Is your domain HEF?
Selecting a name for your new site is perhaps the most important thing you will ever do. Of course the content and design is important but if no one can remember your name all that time and effort will be wasted.
You'll find loads of sites on the net telling you the golden rules of domain name selection:
Dork : An inept or foolish person
What does this have to do with Joomla? Well a dork is also the name given to the method hackers use to identify if a site is running a vulnerable extension.
As soon as a vulnerability in an extension is revealed in either the hacker forums or on responsible security sites such as milw0rm or The Open Source Vulnerability Database the hackers of the world use google to search the net for sites using that extension.
On 14th April 2003 I released a newsletter component for Mambo 4.0 which at the time was one of the only "extras" you could get for a Mambo web site and yet today there are approaching 4,000 extensions for Joomla.
That newsletter component had to be installed manually via ftp and phpmyadmin was required to create the database tables and add the component to the interface. It was also the very first extension to use a WYSIWYG editor - at the time you needed to write all your content using pure html.
What do you use for backups of your Joomla web site? Until Joomla 1.6 (thanks Sam for adding this) there has been no backup routine built in to Joomla and yet backing up your website is the most important thing you should do.
No matter what your web host offers as a backup service this is your responsibility and only yours. Backups are too important to rely on anyone but yourself.
Since the beginning of Mambo "I want/need/demand ACL" (access control lists) must be one of the most common threads in the forums. But what do I/you mean by ACL and why is it just so dam hard to implement. (I assume it must be hard or it would have been done by now in the core)
Keep It Simple Stupid
Where do you stop. You've got a great idea for an extension but at what point do you say enough is enough and release. There has to be a point in the development of an extension where adding additional features actualy detracts from the effectiveness of the extension rather than adding to it.
One of the few pieces of code that I can claim any credit for is the ability to define a database prefix to all the tables in your site and this dates back to the early days of Mambo around the end of 2003. The reason it was frst introduced was to allow site owners to install multiple version of Mambo on a single mysql database.
But now it serves a second purpose in "helping" to protect your site from some of the more common security hacks.
Everyday a new warez site pops up on my google alert offering me the latest and greatest Joomla extensions and templates. I am not a developer but I talk to several every day and each time the conversation turns round to how to stop rapidshare, megaupload etc. or which method of encrpytion to use.
But what is the point! All encryption can be broken, people dont like encrypted software and the time spent firing off emails to ISP, domain registrars and hosts could be far better spent.
Take it as a compliment and a free advert that someone is ripping of your work and move along. I know I did.
If/When you start development on your extension don't reinvent the wheel!
Joomla has established several default behaviours and irrespective of whether you agree with them your users are already familiar with them. By following these defaults you will greatly reduce the learning curve for your extensions and consequently reduce the number of support requests.
