Home Conticreative Blogs The Joomla Blog Un-Joomla your Joomla! site

Blogs - The Conticreative Joomla Blog

Un-Joomla your Joomla! site

Written by Marco Conti Thursday, 01 March 2007 16:14

User Rating: / 0
PoorBest 

One of the tricks to make your finished site as professional as it can be is to eliminate the various references Joomla makes to itself throughout the site.

If your site is at risk of being hacked, the following tricks will help "mask" your site from the various script kiddies and any ill intentioned hacker. Warning: you are not actually locking down your site or make it hack proof completely. The intention here is simply to make it so that at first glance it will be hard to recognize your site as being built using Joomla.

Step 1: Use an SEF component

This is always a good idea regardless of your intentions. Human readable URLs make it easy for both users and search engines to index your site and remember URLs. I use both ARTIO and OpenSEF or the more recent 404SEF (my favorite at the moment) and all work very well for me. The idea here is that a URL called mysite.com/blog/index.html will not give out the dynamic nature of your site.

The Joomla "Contact" component and some other components sometimes retain their non-SEF URL. There are a few tricks for that too. (but you are going to have to wait for those)

Step 2: Edit the Joomla! footer

This is usually simple: go to your Templates > (template name) > footer.php file

(In some cases the footer code is in the index.php file also)

There you will see something like this:

[ Copyright © <?php echo mosCurrentDate( '2005 - %Y' ) . ' ' . $GLOBALS['mosConfig_sitename'];?>. <?php echo $_VERSION->URL; ?> ]

Simply delete the entire line or just the echo $_VERSION->URL; code or then again comment it out using the PHP // comment (don't use the HTML comment style or it will still write the Joomla copyright in the HTML code). It should look like this:

<?php //echo $_VERSION->URL; ?>

Step 3: Change or delete the META='GENERATOR' tag

This is an easy one. Under "Global Configuration" look under the "Metadata" tab and switch "Show Author Meta Tag" off.

Step 4: Create a generic or branded Administrator Template

All this work would be wasted if somebody could simply type /administrator and see the Joomla administrative login page. The good news is that the Administrative template works just like any other Joomla template. Go to Administrator > Templates and change the graphics to something more generic. You can also change the layout of the Admin template and eliminate all of the Joomla references. I usually also change the template around a bit so it looks less like a hacked Joomla admin screen.

At this point, you can still perform a global search and replace for "Joomla" on your site and your parsed code to make sure nothing else will give out the fact you are using Joomla.

And yes, to answer your next question, it's perfectly legal to do this. In fact, it's recommended if you want to keep the casual hack from trying to mess with your site.

< Prev		Next >