I posted the 10 top things for fun, its a funny thing. Don't take it as condescending please, its not meant like that, instead learn from it. Just good fun :)
On Thu, Mar 26, 2009 at 4:39 PM, Mark Simko <masi...@verizon.net> wrote: > On Thu, 2009-03-26 at 12:00 -0400, joomla-requ...@lists.nyphp.org wrote: > > Top posting because of the length of the prior post. > > The tone of this response appears condescending, although it may not > have been meant that way. Perhaps it's just the title that gives the > post that appearance. > > I can think of several reasons why a site may still be running an older > version of Joomla! than the latest and greatest. It may be that the > client does not want to pay for the work involved in an upgrade, or that > the client cannot afford to pay for it. Or, perhaps the extensions being > used on the site do not have stable 1.5 versions yet. > > There may be reasons why the site is run on a shared host. To some that > may seem like a less than ideal situation, but for others, shared > hosting and low hosting fees may fit them better. > > I think the original post about being hacked was meant to be informative > and perhaps intended to spark a discussion. This reply seems like a > lecture. If so, it's unwarranted. If I'm wrong about the intent, then I > apologize, but sometimes the elitist tone gets my ire up. > > Mark > >> Top 10 Stupidest Administrator Tricks >> >From Joomla! Documentation >> >> >> 10. Use the cheapest hosting provider you can find. >> >> Preferably use a shared server that hosts hundreds of other sites, >> some of which are high-traffic porn sites. Don't check the list of >> recommended hosting providers. >> >> 9. Don't waste time with regular backups. >> >> Maybe the hosting provider will help you out. >> >> 8. Don't waste time adjusting PHP and Joomla! settings for increased >> security. >> >> Hey, the install was brain-dead easy. How bad could the rest be? >> Worry about those details only if there's a problem. >> >> 7. Use the same username and password for everything. >> >> Use the same username and password for your on-line bank account, >> Joomla! administrator account, Amazon account, Yahoo account, etc. >> Hey, who has time to keep track of so many passwords? And anyway, >> since you don't change passwords, it's easier to just use the same one >> all the time, everywhere. >> >> 6. Install your brand new beautiful Joomla!-powered site, and >> celebrate a job well done. >> >> Don't worry about it again. After all, if you don't make any more >> changes, what can go wrong? >> >> 5. Do all upgrades on the live site right away. >> >> Who needs a development and testing server anyway? If an >> installation fails, you'll just uninstall it again. That will >> hopefully also undo any damage the installation caused. >> >> 4. Trust third-party extensions. >> >> Install all the cool-looking stuff you can find. Anyone smart >> enough to write a Joomla! extension will provide perfect code that >> blocks every known exploit attempt, now and forever. After all, almost >> all this stuff is provided for free by well-meaning, good-hearted >> people who know what they are doing. >> >> 3. Don't worry about updating to the latest version of Joomla! >> >> Hey, nothing has gone wrong so far, and if it ain't broke don't >> fix it! Same plan for the third-party extensions. Too much work; >> life's a beach. >> >> 2. When your site gets cracked, panic your way into the Joomla! Forums. >> >> Start a new post with a very familiar title: "My Site's Been >> Hacked! (sic)" Be sure not to leave relevant information, such as >> which obsolete versions of Joomla! and third party extensions you >> installed. >> >> 1. Once your site's been cracked, fix the defaced index.php file and >> assume all else is well. >> >> Don't check raw logs, change your passwords, remove the entire >> directory and rebuild from clean backups, or take any other overly >> paranoid-seeming action. When the attackers return the next day, >> scream loudly that you've been "hacked again," and it's all Joomla!'s >> fault. Ignore the fact that removing a defaced file is not even step >> one in the difficult process of fully recovering a cracked site. >> >> > > > _______________________________________________ > New York PHP SIG: Joomla! Mailing List > http://lists.nyphp.org/mailman/listinfo/joomla > > NYPHPCon 2006 Presentations Online > http://www.nyphpcon.com > > Show Your Participation in New York PHP > http://www.nyphp.org/show_participation.php > _______________________________________________ New York PHP SIG: Joomla! Mailing List http://lists.nyphp.org/mailman/listinfo/joomla NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
