Jump to content

www.quik-site.com

computerlady911
 Share

Recommended Posts

computerlady911 Junior Member

computerlady911

Posted
Posted

I have integrated the WHM system into my site quite seamlessly, I think. Thanks to Direct Admin, this program and Installatron, I now have a fully automated hosting solution. People can signup and install Joomla (Or about 25 other web scripts) in less than 15 minutes!

 

I looks rather nice, I think, too. :D

 

What do you think?

0
Link to comment
Share on other sites
computerlady911 Junior Member

computerlady911

Posted
  • Author
Posted

You have a lot of very beautiful templates there. But I love my Joomla and all the tools and tricks it does. I am an expert with it and can get the wrapper to work right.

 

I can also get the SEO to work right which is the real trick. We have used Joomla for years and Mambo before that so we know all the tricks.

0
Link to comment
Share on other sites
bucketshop Member

bucketshop

Posted
Posted
Because it is an open source CMS. Just not something I would recommend using to power a business.

 

LOL

 

xxkylexx, now that is a good one.... best one I have heard in a while.

 

I would lay my money on open source over closed source almost any day of the week... and have done so for years.

 

I noiced that your website/billing/support system runs on the open source scripting language called PHP... you might want to check into that and change to ColdFusion/Java/.Net.. scratch Java, they just open sourced it... now Amazon and Ebay are going to crash :D

0
Link to comment
Share on other sites
xxkylexx Senior Member

xxkylexx

Posted
Posted
Because it is an open source CMS. Just not something I would recommend using to power a business.

 

LOL

 

xxkylexx, now that is a good one.... best one I have heard in a while.

 

I would lay my money on open source over closed source almost any day of the week... and have done so for years.

 

I noiced that your website/billing/support system runs on the open source scripting language called PHP... you might want to check into that and change to ColdFusion/Java/.Net.. scratch Java, they just open sourced it... now Amazon and Ebay are going to crash :D

After restoring customer's accounts due to defaced and compromised Joomla and PHPNuke sites on a weekly basis, say what you want, but I wouldn't touch em' with a five foot poll. Guess I just don't have a very good experience with them ... could be me though :? .

0
Link to comment
Share on other sites
Adam Senior Member

Adam

Posted
Posted

Hey,

 

So to run your companies site you are gonna to use software that everyone knows (source code) and how it runs.

 

So from a hackers point of view, you want to hack a site. You know they are running a CMS. Then they find out that they can see the PHP code that runs the CMS! Now what if that CMS has a bug in it? Oops the hacker knows your PHP code and you just got @$#@$#.

 

Then from a clients point of view, "my web hosting is running a CMS on their site!" That right their doesn't look professional at all. It means they do not have the money to get a coder or even know simple HTML mark up to code their own site. IE looks bad on new customers who want a host who knows their stuff. You can say that your staff knows everything their is to web hosting and can help you out, but when your running a site that has a CMS it doesn't mean anything.

 

Also some one mention that you should not be using PHP as its open source, well if you haven't noticed we all don't use the same version of PHP, we all have different modules and different ./configure options so we are all not using the same.

 

So you can go ahead and run a CMS on your companies site and maybe you won't get hacked and maybe your clients won't think that you don't know how to code. So maybe a CMS is okay for you.

 

But you don't need me to tell you how to run your company.

 

From,

Adam

0
Link to comment
Share on other sites
computerlady911 Junior Member

computerlady911

Posted
  • Author
Posted

Like any software, Joomla cannot be left in its default state after installation. It must be secured. Most of the problems I have seen have been from people leaving their configuration file at 777 after installation. The second most common mistake is using component with known insecurities.

 

It is not uncommon for people that "hand code" their sites to "accidently" leave those open to vulnerabilities as well.

 

In other words, being open source has nothing to do with the security.

0
Link to comment
Share on other sites
Adam Senior Member

Adam

Posted
Posted

It is not uncommon for people that "hand code" their sites to "accidently" leave those open to vulnerabilities as well.

 

How can you accidentally CHMOD a file to 777? The only reason would be for a script to write into them.

 

The most common mistaken would be SQL ejection not CHMOD on files/folders that are "hand coded."

 

From,

Adam

0
Link to comment
Share on other sites
computerlady911 Junior Member

computerlady911

Posted
  • Author
Posted

People discover security issues in Microsoft software every day, it is not open source. Again, security is an issue that every type software faces.

 

Joomla and other open source programs are not for everybody, but for those who can't afford to hire a team of web developers and are willing to learn a little on thier own, it is an excellent choice.

 

Lack of a major budget should not stop companies, especially small businesses, from having their little space on the web.

0
Link to comment
Share on other sites
xxkylexx Senior Member

xxkylexx

Posted
Posted
People discover security issues in Microsoft software every day, it is not open source. Again, security is an issue that every type software faces.

 

Joomla and other open source programs are not for everybody, but for those who can't afford to hire a team of web developers and are willing to learn a little on thier own, it is an excellent choice.

 

Lack of a major budget should not stop companies, especially small businesses, from having their little space on the web.

Don't get me wrong, I'm not trying to degrade your business in any way. Just expressing my opinion on the matter.

 

Kyle

0
Link to comment
Share on other sites
computerlady911 Junior Member

computerlady911

Posted
  • Author
Posted

Joomla is not the only software I use, but I use as many open source programs as I can. I didn't think you were trying to put down my business. My business is run by people, not software. I just think we should all agree that there are different tools available in the web development world, and saying that they are bad just because they are open source, is neither fair nor accurate.

0
Link to comment
Share on other sites
Roger Senior Member

Roger

Posted
Posted
Hey,

 

So to run your companies site you are gonna to use software that everyone knows (source code) and how it runs.

 

So from a hackers point of view, you want to hack a site. You know they are running a CMS. Then they find out that they can see the PHP code that runs the CMS! Now what if that CMS has a bug in it? Oops the hacker knows your PHP code and you just got @$#@$#.

 

etc etc

 

From,

Adam

If your server is secured properly and you do your homework to secure your site. It's not much of a problem (see shared environment disclaimer below .. :) ) short of a "0 Day" type hack. PHPSuexec goes along way towards stopping the bulk of security issues. You can't CHMOD to 777 for example. 777 directories, the nemesis of nuke sites. xScript and SQL injection same.

 

I'm with computerlady911 on this one. Do your homework, make sure you didn't miss any security stuff. Keep an eye out for the new stuff. Joomla is no worse off than anything else. The difference is YOU and how YOU set/maintain security.

 

If you are in a shared environment and have no root privileges on the server. Then your security is no better than the worse security setup on the box. No matter how well yours is setup. They'll get you because a neighbor is a high school teen who didn't set their security up (been there done that).

 

Security is not an abstract thing. If you are a host it's a way of life especially if you're trying to make a living from hosting.

 

computerlady911 I may need to pick your brain sometime re:Joomla if you don't mind.

 

That's my story and I'm stickin' to it ... 8)

0
Link to comment
Share on other sites
Adam Senior Member

Adam

Posted
Posted
Hey,

 

So to run your companies site you are gonna to use software that everyone knows (source code) and how it runs.

 

So from a hackers point of view, you want to hack a site. You know they are running a CMS. Then they find out that they can see the PHP code that runs the CMS! Now what if that CMS has a bug in it? Oops the hacker knows your PHP code and you just got @$#@$#.

 

etc etc

 

From,

Adam

If your server is secured properly and you do your homework to secure your site. It's not much of a problem (see shared environment disclaimer below .. :) ) short of a "0 Day" type hack. PHPSuexec goes along way towards stopping the bulk of security issues. You can't CHMOD to 777 for example. 777 directories, the nemesis of nuke sites. xScript and SQL injection same.

 

I'm with computerlady911 on this one. Do your homework, make sure you didn't miss any security stuff. Keep an eye out for the new stuff. Joomla is no worse off than anything else. The difference is YOU and how YOU set/maintain security.

 

If you are in a shared environment and have no root privileges on the server. Then your security is no better than the worse security setup on the box. No matter how well yours is setup. They'll get you because a neighbor is a high school teen who didn't set their security up (been there done that).

 

Security is not an abstract thing. If you are a host it's a way of life especially if you're trying to make a living from hosting.

 

computerlady911 I may need to pick your brain sometime re:Joomla if you don't mind.

 

That's my story and I'm stickin' to it ... 8)

 

 

Hey,

 

Well if you have PHPsuEXEC installed (should be using suPHP) then you should be good to go, but no server is hacker proof. You can still find ways around it. Installing suPHP or PHPsuEXEC only makes the CLI version of PHP run under the username which prevents 777 on folders and files.

 

But you should still have your /tmp folder as noexec as well as an arsin of security tools installed server wide.

 

Point being, if you server is not secured and even if it is, running an open source free content management system on a professional looking site is just plain horrible. You don't see Microsoft, Google, WHMCS, cPanel/WHM and countless other sites run them for a reason.

 

From,

Adam

0
Link to comment
Share on other sites
bucketshop Member

bucketshop

Posted
Posted
You don't see Microsoft, Google, WHMCS, cPanel/WHM and countless other sites run them for a reason.

 

I agree with Adam, you have to stay on top of security for *everything* you use. Subscribe to a mailing list or forum for that purpose if they offer it.

 

I think it depends on your comfort level. I don't run a CMS period, but I use the heck out of open source products.

 

Matt uses phpBB - Open Source and has had vulnerabilities.

DarkORB runs vBulletin - Proprietary and has had vulnerabilities.

 

I think that just about sums it up. If you don't stay on top of your "stuff" your open to vulnerabilities I don't care what you run, closed or open applications.

0
Link to comment
Share on other sites
Roger Senior Member

Roger

Posted
Posted

That's is what I've been saying bucketshop.

Do your homework, make sure you didn't miss any security stuff.
The difference is YOU and how YOU set/maintain security.
Security is not an abstract thing. If you are a host it's a way of life especially if you're trying to make a living from hosting.

I just also happen to like Joomla.

 

 

8)

0
Link to comment
Share on other sites
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept