These are the script I use to maintains all my 3 demo Joomla! sites:
These scripts increased security and are trying to standardized how to create, update and maintain Joomla! demo site. Feel free to submit, send me ideas how to improve them or ask for help.
This project is hosted at http://forge.joomla.org/gf/project/demosite/ under a GPL v3.0 license and the latest documentation can be found in my WIKI
- 1 script (snapshotit.bat ) per Joomla! instance to create snapshots (files+ database) and save the result in a zip file.
- 1 generic scripts (renew.sh) that renew an instance of Joomla! (files+ database) and secure it at the same time
- An access to a Linux bash on your server, ideally as root
- The possibility to define new crontab entries
On your desktop or reference server, install preferably in xampp/htdocs as much version of Joomla! as needed. These directories are containing Joomla versions . In these versions you will be able to install, remove configure your extensions. I personally have them in XAMPP
In each of these Joomla! installation, copy this file snapshotit.bat inside and configure the variables accordingly. The file is well documented to not describe these variables here.
This small batch file is making a snapshot of all files and database and create a new file demo-joomla-1.5.zip for example.
Consider while installing Joomla!
- To not choose as a default for table name the prefix jos_ but something longer and more random, something like gZ45dF_ to mitigate SQL injection
- Do not name your admin user admin, but choose something longer and more random, Fdhtz56df_Gdte34 to reduce risk of brute forcing the administrator login/sql injection
On the server
Copy now this file demo-joomla-1.5.zip to your server, using FTP, SSH
Copy also renew.sh to your server, using FTP, SSH
Add to your crontab for each of your demo site the following big line, I renew demo site every 30 minutes
$ crontab -e
add this line
30 * * * * locationOf_renew.sh locationOf_zip locationof_httpdocs dbuser dbpassword dbtablename unixuser unixgrp
- locationOf_renew.sh fully qualified path to renew.sh
- locationOf_zip fully qualified path of zip file (containing Joomla! and .sql file)
- locationof_httpdocs fully qualified path of the httpdocs directory where this zip file content will be extracted
- dbuser : database user that is used by Joomla!
- dbpassword : database user password that is used by Joomla!
- dbtablename: database schema name that is used by Joomla!
- unixuser: unix user that is supposed to own all files in httpdocs, for example cedric
- unixgrp: unix user that is supposed to own all files in httpdocs, for example psaserv
This script renew.sh is doing the following with the zip file
- Delete all files in locationof_httpdocs removing all potential security threat and settings changes by visitors of your demo site
- Lock the demo site by adding an htaccess and htpasswd files temporary
- Unzip all file in demo-joomla-1.5.zip to locationof_httpdocs
- Restore the database with the file demo-joomla-1.5.sqlfound in demo-joomla-1.5.zip
- Change user and usergrp to the right one (unixuser, unixgrp)
- Change all files and directory to the minimum required set of permissions (555 for directory and 444 for files)
- Make the cache directory of Joomla! read write for the owner unixuser
- Delete the file demo-joomla-1.5.sql
- It remove potentially dangerous components from demo site, among others
- com_media Removing the users the right to upload, alter or delete files
- com_config Removing the users the right to change configuration
- com_installer Removing the users the right to install extensions
- it remove installation or installation.old if present
- Unlock the demo site by removing the htaccess and htpasswd files, and restoring the one from the zip files
All in all and thanks to this development, my 3 demo site are now online, update will be a lot easier and I will keep them more often up to date
Joomla! 1.0 tricks
In Joomla! 1.0 configuration.php I use the following trick to not have any stage dependent values.
$mosConfig_absolute_path = dirname(__FILE__);
$mosConfig_cachepath = dirname(__FILE__).'/cache';