General

Fix 755 permission issues with running PHP as FastCGI

Wednesday, 29 September 2010 00:18 Written by Ron Bassett

I know there is a lot of talk about security involving any CMS these days. Especially between Joomla, Drupal and Wordpress. Everyone keeps saying 777 is bad, you should never use it because it is a security risk and your site will get hacked. Well that may be true, but most of these people never provide a solution. All they say is your directories should be 755. On many php installs this means only apache can wright to these folders. So if you try to upload a theme, component, module or plugin from your CMS it will fail. That is why so many people have to set directories to 777 in order for things to work properly. Before doing any of the below create a backup first!

If you are using Plesk there is an easy but not well documented solution. Apache suEXEC must be installed for this to work properly, but if you are using plesk it most likely is already running. http://httpd.apache.org/docs/1.3/suexec.html
Go to Domains > yourdomain.com > Web Hosting Settings. Scroll down to PHP support. Make sure ‘safe_mode’ is unchecked then select FastCGI application. This FastCGI is much different and faster than CGI. Also this should be much quicker than using suPHP which would be the other option to fixing permissions issues.

fastcgi

You may have to restart Apache before everything works correctly. After turning this on my site had errors and would not run. Turns out I had some ownership issues. I ran a chown from the command line which returned ownership to the ftp user. Everything worked great after this. You can now change your 777 directories to 755.

If you have SSH shell access the following commands can be run from the command line to reset all files and directories back to the server defaults of 755 and 644. Change directories to the top directory (" / ") of your Joomla! installation, then run:

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;

For more infomation on Joomla and permissions: http://docs.joomla.org/How_do_UNIX_file_permissions_work%3F

Fix for "invalid token error" with JomSocial & Affinity from RocketTheme

Monday, 02 August 2010 17:59 Written by Chris Conrad

invalid token-JomSocial-RocketTheme-Affinity-fix invalid token-invalid token error

RocketTheme template Affinity + JomSocial : invalid token error

If you are using RocketTheme Affinity template and Azrul Jomsocial 1.8, sometimes you get Invalid Token error due to some template overrides.

If you get invalid token error when you try to create a new album, discussion, bulletin, or album then here's an easy fix for you. You have to edit a few lines of code in the Affinity template. Specifically in the "html" directory.

To fix the invalid token error:

1. Open {YOUR_WWW_ROOT}/templates/rt_affinity_j15/html/com_community/groups.adddiscussion.php

2. Find this line:

3. Insert the following line after it:

The line of code to ad directly above or before the closing form tag () is; So just to be clear you can replaced the closing form tag should be the second to last line of code in each file with the following; Replace it with,

4. It should look like the following line of code:

5. You will need to do the same with the "add album" and the news template overrides. Insert that line anywhere between the form tags and it will work!

6. You'll need to do the same in pretty much all overriden forms such as the following;

PATH=yourdomain/templates/rt_affinity_j15/html/com_community
groups.invitefriends.php
groups.addnews.php
groups.adddiscussion.php
Photos.newalbum.php

Adding the line of code fixes many issues, depending on which file you add it to.

How To Remove the default JOOMLA! 1.5 META Tag

Thursday, 29 April 2010 19:58 Written by Chris Conrad

For security and other reasons you should make it less obvious that your site is running Joomla. The META tag "generator" value is easy to modify or remove with one line of code, placed in one, or several files. Depending on where you put this code, you may have to re-enter it after a JOOMLA core update / upgrade.

Securing Joomla!'s Administrator Logins

Monday, 09 November 2009 01:20 Written by Ron Bassett

Many times you want to force https or SSL on Joomla! administrator logins so admin users passwords are always sent ecyrpted. This can be done by creating a .htaccess file in the /administrator/ directory and adding the code below.

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://codersresource.com/administrator/$1 [R=301,NC]

Page Peel Banner - Joomla Module Fix

Monday, 24 August 2009 23:48 Written by Ron Bassett

Joomla-page peel-banner-bug-module

Some of you may have used the very cool Page Peel Banner for Joomla. http://extensions.joomla.org/extensions/ads-a-affiliates/corner-banners/3209 . The only problem I ran into was using it with SEF enabled. This made the module only display on the first page. It came down to needing some links to files changed in the default.php file. The modified version can be downloaded here (default.php) Just download, unzip, and upload to >/modules/mod_pagepeel_banner_J15/tmpl/