Book Image

Mastering Mambo : E-Commerce, Templates, Module Development, SEO, Security, and Performance

By : Christian Wenz, Tobias Hauser
Book Image

Mastering Mambo : E-Commerce, Templates, Module Development, SEO, Security, and Performance

By: Christian Wenz, Tobias Hauser

Overview of this book

<p>Mambo is a PHP-based Open Source CMS. Mambo is both easy to use at the entry level for creating basic websites, while having the power and flexibility to support complex web applications. <br /> <br /> Mambo implements the core requirements of a full featured CMS. It has a powerful and extensible templating system with the ability to upload and manage many different data types. User access control, content approval, rich administrative control, content display scheduling are all built-in. New features and extensions are constantly added to the core system, with many more being available and supported by the community.<br /> <br /> Most of the Mambo development team now works on a fork of Mambo known as Joomla. Mastering Mambo is fully compatible with Joomla's 1.0 release.</p>

Related Content you might be interested in

Current Title:

Small book image
Mastering Mambo : E-Commerce, Templates, Module Development, SEO, Security, and Performance
Christian Wenz | Tobias Hauser
Dec, 2005 | 304 pages
No titles found
Table of Contents (18 chapters)
Mastering Mambo
Mastering Mambo
Credits
Credits
About the Authors
About the Authors
Preface
Preface
Free Chapter
1
Basic Mambo Principles and Terms
Basic Mambo Principles and Terms
Front-End Configuration
Administration Interface
Summary
2
Designing Your Own Templates
Designing Your Own Templates
Template Manager
Your Own Template
Administrator Templates
Useful Stuff
Summary
3
Extensions: Modules, Mambots, and Components
Extensions: Modules, Mambots, and Components
Modules
Mambots
Components
Included Stuff
Summary
4
Internationalization
Internationalization
Languages and Language Packs
Mambel Fish
Summary
5
E-Commerce
E-Commerce
Installation
Functions
Administration of Products
Configuration
Customize and Extend
Summary
6
Forum
Forum
Alternatives
Installation
Configuration
Customizing and Extending
Summary
7
Document Administration with DOCMan
Document Administration with DOCMan
Installation
Administration of Documents
Configuration
Customization
Extensions
Summary
8
Even More Extensions
Even More Extensions
MosForms: Forms with Mambo
Community Builder
Calendar: Events
Picture Gallery: zOOm Gallery
Picture Gallery: RSGallery
Chat: MOS-Chat and Others
Some More Extensions
Summary
9
Your Own Modules, Mambots, and Components
Your Own Modules, Mambots, and Components
Your Own Modules
Your Own Mambots
Your Own Components
Summary
10
Search Engine Optimization
Search Engine Optimization
Google PageRank
Problems and Solutions
Specific Modules for Optimization
Summary
11
Mambo and Security
Mambo and Security
Security and CMS
Cross Site Scripting (XSS)
SQL Injection
Unexpected User Data
"Best Practices" for Secure Programming
Deployment on the Intranet, Extranet, or with Shared Hosts
Keeping Mambo Up to Date
Keeping the System Up to Date
Summary
12
Performance and Caching
Performance and Caching
Performance Fundamentals
Caching
High Performance Programming
High Performance Administration
Performance Tests
Summary
13
Accessibility
Accessibility
The Web Content Accessibility Guidelines
Tools for Developers
Tips for Editors
Summary
Index
Index

Keeping the System Up to Date

One last important aspect regarding security is the maintenance of the system itself. The best example of that is the Code Red computer worm, which exploited a weak point in the Windows web server IIS (at that time it was still called Internet Information Service) and spread really quickly. Naturally, Microsoft carries a lot of the blame for that. The server was susceptible and was installed and updated as the default with many Windows versions. Even worse, the problem had been recognized and repaired; a patch was available for it 18 months before Code Red attacked. There are numerous similar examples. Naturally there are also Zero Day Exploits (malicious code, which exploits a security gap and is published simultaneously with the announcement of the gap), but a lot of adversity could have been prevented, if administrators and end users had taken care of their security updates in time. For instance, Microsoft did not repair one weak point in Windows until...

Previous Section
End of Section 9
Next Section