Resources 
Joomla News Joomla SEO
Joomla News Joomla SEO
-
.htaccess Hacking in Joomla
I have a good number of Joomla websites that are hacked by hackers.
Generally, the website ends up been slower in performance. However, there are times where the websites are total defaced.
Most common hacking attempts can be easily reversed by going to index.php (either in the default root directory or the template directory) and simply delete the hacking codes. That's the most common remedy.
Another one is the .htaccess hacking. The hacker inserts .htaccess file into your directories and using mod_rewrite, it redirects your web pages (including images, javascript files, etc) to their destinated website. This either causes slow performance or website to hang.
The remedy to the above hacking is to find and locate every .htaccess file in your website and delete them away. Each directory only have at most 1 .htaccess so you would probably have to move around most of your directories to locate them. The .htaccess file will most probably be placed in common directories such as /images, /templates, etc.
After you have solved and resumed your Joomla website, you will need to update your Joomla version to the latest one. You should change your password for FTP and your hosting account access too.
-
Virtuemart Image Update Problem
There seems to be a problem with the product images of Virtuemart 1.0.13a. When you try to upload or update the image of a product, the image does not appear or it will have an unlink problem. This "Virtuemart product image is not showing" problem is quite elusive and appears in some servers only.
Since I had the same problem with one of my client's website, I had to solved it. So here's my solution that works for me:
Go to /administrator/components/com_virtuemart/classes/ps_main.php.
Add this line of code directly after line 269.chmod( $exec['param2'], 0644 );
Yup! That's it. The problem is due to the permission setting of the uploaded files.
Hope this helps!
-
Importing Unicode Data into MySQL
Phew! I have finally solved a big unicode problem for importing chinese characters into MySQL. The problem is like this: My client has a huge Access database containing English and Chinese data which I need to migrate into MySQL.
In the past, I used MySQL Migration Toolkit to import from Access into MySQL. However, this time, it doesn't work because the toolkit turns all the Chinese characters into ???. Yup, exactly that! Question marks.
So I tried to export the Access table into CSV. I opened it with Wordpad and it looks great. So after playing around with the CSV to turn it into SQL statements, I am ready to use command line import style to import the data in. The idea is to go to MySQL command prompt and type:mysql -u root -p database_name < data.csv
This ought to do the job... but it doesn't. It has some very very funny MySQL Syntax error which is like some funny characters. I find it extremely funny so I opened up the file using MySQL Query Analyser instead. What I discovered is that the data is suddenly shortened significantly to just 3 funny characters. My best guess is that wordpad actually compresses the data when you saved it.
Never mind! Chill! I rework the data in MySQL Query Analyser and save it properly. It is neat to know that MySQL Query Analyser will save your sql file in proper UTF encoding. With the proper UTF file, I tried the command line import again.
There shouldn't be any more problem... but there is. Now MySQL told me "Error 2006: SQL Server has gone away". What? Gone away? For a smoking break? OMG! After some searching on the net, I realize that the problem could be with the MySQL server setting to automatically close a connection when there is a large transfer. So I fired up MySQL Administrator GUI, go to "Startup Variables", under "Advanced Networking" tab, I checked and set "Max Packet Size" and "Max Buffer Length" to 5M each.
Back to the command line import, YUP it works! FINALLY! I am writing this out to throw it in the net hoping that it will just help some poor soul who is searching for such a solution.
-
Joomla Access Control
One of the greatest shortcoming of Joomla is that it does not have an editable access control feature. That means you can't really create new access groups nor can you change what each group can access.
The only to edit Joomla's access groups is to programmically hack it. In this posting, I will outline how to edit the access permissions of the existing backend access groups in Joomla.
All the access roles are defined in /includes/gacl.class.php and in the function gacl (line 97 of the file). You will see many statements like this:$this->_mos_add_acl( 'action', 'edit', 'users', 'manager', 'content', 'all' );
To add an access rule, simply monkey see monkey do:$this->_mos_add_acl( {Action}, {Action Value}, 'users', {Access Group}, {The Component Name}, {The Access} );
Not much point in explaining the variables in this statement which you will see why in the next step. We have defined the rule but that is not enough. The component/program has to honor it. Hence, in the component which is to impose this rule, you will need to add something like this:global $acl, $my;
You just do a checking and if it is not true, redirect to a "Not Authorized" web page. You may notice that the number of arguments in the function acl_check is the same as the function _mos_add_acl. Yup! The thing is this: the function acl_check simply checks if you have added a rule through _mos_add_acl that has the exact arguments and values as the acl_check function! So if the acl_check is called with the same arguments as the _mos_add_acl, then it will return true. ACL is quite simple in Joomla right? =)
if (!($acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'all' ))) {
mosRedirect( 'index2.php', _NOT_AUTH );
}
With that, you should now understand that the arguments for _mos_add_acl is not very important but more for readability. Just good programming practice, it is always good to give meaningful names.
-
Google PR and Joomla SEO
Google has recently updated their PR status to all the websites. As usual, when such as thing happens, there are some websites who got penalized (PR dropped) and some websites who got the prize (PR increases, YAHOO!)
What's PR? PR stands for Page Rank and it is the heart of Google search engine. Basically, when you search for something through a search engine, the search engine simply looks at the content of the website and determine the relevancy of the website to your search and serves it to you. This method allows webmaster to easily tamper with the search engine's ranking as the content is controlled by them.
Hence, Google's ingenious way to counter this is to allow the web to vote for the website. Every time a website receives a link from another website, Google will take that as a vote and calculates that in their ranking of the website. The number of votes that a website has is recorded by Google and Google will assign a rank to the website known as Page Rank. Page Rank is upon a scale of 10 so the higher your page rank, the better Google thinks your website is and the higher the chance of your website appearing in the Google search results.
Of course, that is a grossly oversimplification of the real methodology of assigning a page rank to a website but that is the core idea. That's why you have SEO experts who always talk about getting backlinks backlinks and backlinks for your website!
Just for the record, my company website http://www.futureworkz.com is PR5 and this blog that you are reading is PR4. Not bad for a one-month-old blog! However, my own personal blog http://stevenyap.blogspot.com is still PR zero.
So you might be asking: What is a good PR value for my website? For a starter, achieving PR4 is a good status. That would be a good boost to your search engine ranking for the keywords that you are targeting. However, one should not be overly obsessed with PR. We must always remember that at the end of the day, what really matters for SEO is conversion of web visitors to real customers. PR plays a part but ultimately it is the right ranking in the right market that matters.
Finally, the reason that this blog is able to get PR4 in such a short time is that my company website has a link on the homepage to this blog. This is a PR5 link to this blog and that is a big vote for this website. Hence, in such a short time, this blog is able to get PR4. However, for my personal Steven Yap blog, I have not done anything for it and probably no ones in the world knows about it until I have said something about it or someone searches for it explicitly. That's why it is PR zero. (but now that a PR4 blog is linking to it, there should be at least a PR1 for my blog)
