Tag-Archive for » .htaccess «

Secure Joomla site.

By Gunjan · August 28, 2009

To avoid Joomla site to be hacked follow the following steps.

Disable RG_EMULATION for Joomla. When this option is enabled even the latest Joomla is

vulnerable to some variable injections. It can be disabled by placing the following line in

your configuration.php:

if(!defined(‘RG_EMULATION’)) { define( ‘RG_EMULATION’, 0 ); }

————-
Secure your administrator’s area. This will first prevent simple brute-force attacks. Along

with that, all components and modules’ code inside this directory will be safe. For this

purpose:

- Place an .htaccess inside Joomla’s ‘administrator’ directory. It should contain:

Deny from all
Allow from YourIP*

In case your IP changes, you should try securing the directory with Password Protection

If you are using PHP 5.2, make sure that the directive ‘allow_url_include’ is set to off;

If you are using PHP version below 5.2, make sure that the directive ‘allow_url_fopen’ is

set to off.

http://www.host.co.in/forums/f37/how-check-if-server-suexec-not-821/
Category: Third party script issue  Tags: , , , ,  Comments off

How to disable the Directory listing?

By Gunjan · August 25, 2009

To disable the Directory listing for directories you need to create the .htaccess file under the each an every folder under which you want to disable the Directory listing and insert the following code in .htaccess file.

————
Options -Indexes
————

Category: Basic Linux  Tags: ,  Comments off

Enable private PHP Error Logging via .htaccess\disable PHP Error Logging for visitor

By Gunjan ·

To hide PHP errors from visitors insert the following code in .htaccess

# supress php errors
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off

Once disable the error logs for visitors enable the private PHP error logging by using following code in .htaccess

# enable PHP error logging
php_flag log_errors on
php_value error_log /home/path/public_html/domain/PHP_errors.log

The PHP_errors.log file needs to be permission 755 or 777.

http://www.host.co.in/forums/f37/how-check-if-server-suexec-not-821/
Category: PHP  Tags: , ,  One Comment