Web Development

Apache file permissions and ownership – A security issue

A Joomla developer asked on a forum: “I have a Joomla site which is using Linux hosting. When I am going to install a module, it is showing an error “* JFolder::create: Could not create directory* Unable to create destination”.”

Someone had suggested that this developer should change the file permissions temporarily to 777 (read/write for everyone), in order to get over this obstacle. I told him that “You should not set anything on the site to 777. Absolutely ALL directories should be 755 and files 644 (except a couple of crucial files in the root, which should be 444, for safety). Temporarily setting directories to 777 is a ‘worst case scenario’ solution and should only ever be used in serious emergencies. Permanently doing this is a total no-no! If the /temp, /administrator/modules and /modules directories are set to 755 and the log file path is correct, then the problem

Click the title, above, to continue reading […]

Web Development

Another web-site hack, anatomized – Epilogue

I hold up my hands and say that I was wrong, in the conclusion I came to at the end of my last blog. I hadn’t detected the presence of the strange strings, added to the URLs of menu links. I had merely detected a symptom.

In fact the problem was that pretty much every SEF-related file on the site had been hacked. The SEF code was merely reading the request-headers and extracting a piece of the URL requested, to add to the menu links. So, whenever a request was made to an obsolete, non-existing page, the request was hijacked and part of the URL requested was inserted into the menu link. Fiendishly ingenious!

Needless to say, once I had traced the problem, I was able to clean it out and eliminate it, finally fixing the site. I also put in some additional security measures and gave instructions on how

Click the title, above, to continue reading […]

Web Development

Another web-site hack, anatomised

Recently, I came across a newspaper web-site, in the UK, which had been hacked. The owner reported that there was a security problem. The moment I visited the site, I was immediately warned by my security tools that the site had been blocked from delivering an evil payload to my machine. This is how I fixed the problem.

Click the title, above, to continue reading […]

Web Development

Vive la difference (between media formats)

I was recently asked this question, which is not exactly a web-development question, but I’d like to share the answer, anyway:

When someone sends a pps, what is the difference to a wmv? I just thought they were applications of media files opening up in certain players? Can you explain a bit more?

Sure. No problem.

pps is the extension that is used for PowerPoint slide-show presentations. This is a Micro$oft proprietary format, that requires at least a PowerPoint reader on the machine that it is to be viewed on. Now, these files are essentially just descriptions of appearance and functionality, so they are small. However, if they contain lots of media stuff, such as images, videos, etc. these have to be included in it, albeit in a compressed form. So that bloats the files. In the end, they can be pretty big.

wmv

Click the title, above, to continue reading […]

Web Development

The use of the non-breaking space in HTML

A poet friend of mine wants to publish a poem, written by a colleague of his, who has passed away, recently, as a tribute to him.

they followed the leader into the mountains
sat at his feet in a Swiss canton
                      as they decayed
                               like rotting fish

and he looked at them
and said:
               turn off the ventriloquist's voice
               flush out the snakeoil in the blood
                  your bible
                      your gita
                          your gems
                              your guns
                                  your flags
                                      your death

and at night they went to the nite clubs gobbling and soaking
up the suds
while that thing
between the legs
became
            more urgent
they dished up the cold turkey
of what he had said
        and nobody felt too good
                  nobody felt

so they took the train the limousine the rucksack
and went back home

    next year
they followed him to India
and again he looked at them
and said:
                follow no leader

Click the title, above, to continue reading […]

Web Development

Tables are for tabular data, not display

The following is a small, but perhaps significant point, about how not to use tables to organize display, in a web-page layout.

Whilst analyzing a web-site recently, I came across an image inside a single-cell table: the image and its caption were enclosed in a table with a single row and a single column. This is not very good.

Tables should be used only for tabular data, not layout.

i.e. this bit:

<img src="myimage.jpg" alt="Active Image" width="240" height="204" />

should be inside a <div></div> element, and that element should have the ‘text-align’ style property applied:

Bad:

<table border="0" width="250" align="right">
  <tbody>
    <tr>
      <td><img src="myimage.jpg" alt="Active Image" width="240" height="204" /> <span>This is the caption for my image. Photo by No-one at all</span></td>
    </tr>
  </tbody>
<

Click the title, above, to continue reading […]