As you will have gathered by my blog posts I take the security of my joomla sites very seriously it even prompted another blogger "realise I needed to get smarter about passwords".
Even if you follow all the advice in those posts and the excellent advice in the Joomla Administrators Security Checklist you can never be too careful.
So it is no surprise that when a new security extension popped up in JED it picqued my interest.
It seams that no Joomla related blog is complete without an obligatory comparison between Joomla and Drupal.
As I've never used Drupal, and have no intention of learning it, I'm not really in a position to do a comparison.
And even if I did I am sure it would be unfairly biased as my years of experience with Joomla is bound to influence my conclusions and decisions.
After my blog post the >other day I started thinking how I could improve the portable Joomla training suite.
Currently at the start of each training session I provide the trainees with a USB stick with a suite of portable apps including XAMPP and FireFox.
This ensures that they are all running the same software and I can pre-install some sample Joomla sites to use during the training.
Unfortunately this only works for Windows users and I don't like solutions that exclude Mac or Linux users.
Today Andrew Eddie posted a useful explanation of the new ACL (Access Control) he is building for Joomla 1.6.
Whilst Andrew has tried to explain a difficult concept it was still written by a developer for developers.
So I thought I would have a go at translating it into "normal" speak.
How often have you struggled to remember the wierd and wonderful syntax of a plugin?
How often have you wondered how you tricked Joomla into doing something?
How often have cursed yourself for not making notes?
Browsing the web all day some trends really start to stand out. Designers seem to be under the misapprehension that white space is bad and that they need to fill it.
Of course in the Joomla world we have all those wonderfuly useless eye-candy gadgets (oops I meant to say modules) to chose from to fill that white space.
But do they add to the site or does the site become so busy that your visitor misses your important content?
I bet you are amongst the majority of internet users who use one password for everything.
A password is only as strong as the weakest link and if you use the same password on multiple sites it is only as strong as the security on the weakest site.
And if you recently had an account at typo3.org you just found the weakest site as their site was compromised over the weekend.
Despite claims to the contrary Joomla 1.5 does have an ACL system. It may be rudimentary but when fully understood can be very useful.
To help you I've created a simple table with an overview of who can do what.
It should be obvious but it seems that people need a reminder.
You should only ever download files from their original source!! If you don't how will you ever be certain that what you are downloading is the real deal and doesnt have some hidden backdoor.
Not long ago a new version of wordpress was released at www.wordpresz.org which wasn't actually the real deal.
Don't fall into the same trap!.
