Rangerland Redeveloped

Our clients come to us in a variety of ways and with varying requests. Rangerland came to us with an older site looking for something fresh to portray the company more effectively - essentially a new fresh look.

The end result was a very simple and clean layout with seasonal imagery used for a backdrop - it's really quite nice.

Working with clients we try to get a sense of their own style preferences, a feel for the company, their clients, their services - it's a lot to take in, but that's where our team shines.

Through round table discussions and creative planning, we're able to deliver sites to clients that are beautiful and functional. We've been using the Joomla! framework, which means that clients have the ability and option to update their own sites once we've put the finishing touches on them. This is great news for clients, as we've seen the pains (in fact a lot of new customers come to us with those pains) of not being able to update your own site.

Customers usually want to make relatively minor changes - it's hard to justify paying someone for simple text edits and waiting for a web company that doesn't see your business as their priority can end up taking days, sometimes weeks to get done.

Don't get me wrong, we're happy to help clients update their sites and generally can provide a quick turn-around for minor changes, but we do all get busy and having the ability to access and update yourself is golden. Especially when Joomla! makes it so easy.

Joomla Security

Introduction

According to Google Trends (1), Joomla is the most widely used CMS on the market today. With its ease of use, developer community, and immense library of third party add-ons, it’s no surprise why Joomla is so popular. Popularity, though comes with a price - the issue of security.

It’s comforting to know that, out of the box, Joomla 1.5.10 is a very secure CMS (2); and when maintained properly, keeps your site nearly hack- free. But do keep in mind that nothing is 100% hack-free.

The key here is maintenance. Aside from typical security measures, the owner must be vigilant in keeping up to date with security patches, regular backups, and monitoring unauthorized access.

There is official Joomla documentation on a security checklist (3), that if not taken for granted, can reduce any downtime in having to re-implement a compromised site.


What can the Developer Do?

The developer can do a lot to ensure that the client’s new Joomla site is safe and secure. Here is a list of some of the most important things:

- use a secure host (www.siteground.com is popular)
- install recent Joomla version (ensures latest security update)
- ensure sensitive directories are write-protected (prevents unauthorized access)
- enable .htaccess (this prevents unauthorized scripting)
- enable SEF urls (this hides URLs)
- turn Magic Quotes off (prevents SQL injections)
- turn Register Globals off (prevents access to global variables)
- delete unused templates (prevents unwanted display of pages)


What can the Client Do?

The client needs to acknowledge the fact that all websites are vulnerable to attack, even those found on Secure Server Layers (SSL) like Bank websites for example. Certain precautions need to be taken to avoid potential disaster:

- secure usernames and passwords (combinations of numbers/letters/uppercase)
- an offsite backup system (don’t rely on the host to do this)
- secure third party Joomla extensions/plugins (buyer beware)
- tracking and monitoring (be aware of unauthorized traffic)


Conclusion

In summary Joomla is the number one open-source CMS on the web. This popularity has led to more than its fair share of hacking attempts, but this is normal. It’s the PC vs MAC analogy. Apple boasts that MACs have zero viruses, but this is simply due to the fact that it has less market share, thus less interest from hackers. To be sure, the underlying UNIX-based system behind a MAC is very secure to begin with, but that does not mean it cannot get hacked.

Joomla is very similar in this regard. With the release of Joomla 1.5, significant security measures have been integrated into its core. Things like SEF urls, and .htaccess do a lot to ensure your Joomla site is safe from exploits. However it is up to the developer to make sure everything is setup correctly. Thereafter, it is the client’s responsibility to change passwords, monitor third party access, and perform regular backups.

In the end, Joomla is what you make it.


SOURCES

(1) Google Trends

(2) ”Is Joomla A Secure Platform for a Business?”

(3) Joomla Security Checklist