Joomla, WordPress and Drupal – Should you look outside the big 3?

Whenever someone decides to launch a website, or hired to do so for a client, he’s given three broad choices which will define how they’ll proceed: static HTML, a CMS or Flash. The former being practically dead due to inflexibility and the latter being not only inflexible, but extremely costly to produce, the CMS route seems a dead end; more specifically, the Open Source CMS route.

Dead end it is. Try raising the simple, innocuous question “Which CMS should I chose for my site?” on any public forum and a war seems to spring right out of nowhere. The fighting fractions are what I usually call The Big Three: Drupal, Joomla! and WordPress fans. But is this all there is to it? Does the Open Source CMS universe revolve around only three players? Given the Open Source spirit of Freedom of choice, one would hardly expect this to be the case. In fact, it isn’t. There is more to Open Source CMS than meets the eye.

Read my guest post on the design magazine

How to Improve Your Joomla! Site Design

Joomla! is often paralleled to point-and-click presentation software, such as Impress or PowerPoint, in terms of ease of use. Granted, Joomla! makes it extremely easy to build a site having no knowledge of its internal working, or even what HTML is. However, in order to build a stunning site you need a bit more than that. It’s the tricks in the web builder’s bag which determine his success, both in customer satisfaction and financial terms.

Some of the fundamental techniques for creating compelling sites is your ability to master the use of modules. Often overlooked, modules are the most practical way to integrate diverse content on a single page. Leveraging their use from mere content bearers to integral parts of your content can transform your site from boring to intriguing. The following technique has proved itself again and again in a vast array of site genres. I call it the “Faux module positions” technique.

Read the full article on

Improve your AdSense results with on-the-fold ads

If you manage an ad-supported site, you are probably aware of the problem I’m going to discuss. Some of your ads are stellar, some others are stubborn underachievers, to the extent you might consider them a waste of screen real estate. The truth about ads is that they are position sensitive. Where you put them determines, for the most part, their success. You can’t avoid all bad positions altogether but you can create new competent positions no-one has ever told you about. Implementing this in Joomla! takes 5 minutes and requires no programming skills!

[readon url=””]Read the full article on[/readon]

The Holy Grail of local web development servers

If you are a serious web developer, you might have already figured out that performing experiments and untested upgrades on production servers is a disaster waiting to happen, bringing down the live site with them. Staging live servers (in the form of usually don’t cut it either, especially if you have a lot of file transferring or editing to do. However, local development is still a kludge, as you have to develop in a sub-directory, something like http://localhost/mysite. This has all sorts of implications, the most evident of which being that it breaks cross-content links if you try to pack it and deploy it back to the live site.

Ideally, you would need to develop in subdomains, something like http://mysite.localhost, which would mean that you have the flexibility of local development with the peace of mind of not having to develop in a sub-directory. But, face it. Setting up subdomains is an involving process, requiring hacking around your Apache configuration files. This is suboptimal if you want to do it regularly. Unless you come up with a way to turn http://mysite.localhost to automatically understand where it should find its files.

This article will explain you how to combine WampServer and BIND to create this kind of Holy Grail local web development server on Windows. You will configure a single DNS entry and a single virtual host in order to create a server which can handle infinite subdomains! The only pre-requisite is having a fixed IP address for your server. Well, even will do if you can’t do anything better than that!

Continue reading “The Holy Grail of local web development servers”

Joomla! link handling has its shortcomings

As the maker of JoomlaPack Akeeba Backup – the Open Source utility to backup, restore and migrate your Joomla! site – I often have to face certain challenges. Like when a user told me that as soon as he transferred his site to a different domain, all links in his content would link to the “old” site. Fighting the temptation to dismiss it as a user error, I did some digging around. Throughout this journey I found out some of Joomla!’s link handling deficiencies, their repercussions and coded a workaround.

In this article I am going to talk about how Joomla! handles the link base and canonical URLs, as well as what happens when you migrate your site to a different domain, subdomain or even a subdirectory.

Continue reading “Joomla! link handling has its shortcomings”

Proactive security is sensible security

We live in a potentially hostile world. Spammers, scammers, hackers and – alas! – script kiddies are after our site, for all we know. It’s bad if – like most people – your site is your personal page. It’s humiliating if – like many – it’s the internet presence of your company. It’s devastating if you are one of those people whose site is their business. Having regular, automated full site backups is a good first step, but they’re only good at fixing a disaster after it has happened. Putting restrictions and controls (such as firewalls and tough passwords) is essential, but only if they don’t fail. As Einstein bluntly put it “Only two things are infinite, the universe and human stupidity, and I’m not sure about the former”. An ingenius hacker, or a stupid script kiddie, might stumble upon a way to bypass your security controls and gain unauthorized access to your site. They can even hack you yesterday and eploit their back door today.

So, what can we do? Sit around, act casual until disaster strikes? No, not at all. What we need is a proactive check of our site files. If anything unusual is added, removed or modified the equivalent of a red alert should go off in our head and force us to take measures to contain and fix the problem before it’s too late. It all boils down to an easy way to get a difference between the current state of our site and the last (and also known good) state of our site. This is the question I tried to answer with JoomlaPack SiteDiff.

Continue reading “Proactive security is sensible security”

A serializable PHP5 Factory pattern

Today it was one of my most productive days. After a JCE plugin for K2 content items and putting modules inside tabs, I decided to do some PHP hacking, with great results. The object of my pursuit was to create a variation of the Factory pattern, written in PHP5, which can be serialized and unserialized at will. Purists will observe that my implementation is not a direct implementation of the Factory design pattern. In fact, it is modelled as a serializable version of the Joomla! 1.5 JFactory class, which provides static methods for instanciating Singletons. Let’s dive to the code, OK?


Continue reading “A serializable PHP5 Factory pattern”

Securing your Joomla! site

Today I was reading Brian Teeman’s blog post “Help my Joomla web site has been hacked!!“. It outlines a pretty much scary story of site hacking. As we all know, security is a speed race. We have to upgrade our site software before a potential hacker gets wind of our outdated scripts, otherwise we run the risk of having our site compromised before we can react. What’s more, the compromise might be exploited to the attacker’s benefit long after we have upgraded the vulnerable site software, adding to our confusion. Quite a nightmare. But the hidden gem of this story, is a link back to Brian’s “Are you a Dork?” post. He implies that attackers can easily guess the version of our site’s extension, before breaking in our site. How can they? And what can we do to stop them? Read on for the full disclosure.

Edit May 2012: The information in this post is severely outdated. You can use my Master .htaccess or Admin Tools Professional by instead.

Continue reading “Securing your Joomla! site”

Cosmote Internet On The Go στο Ubuntu

This article is currently available only in Greek Πριν από λίγο καιρό αγόρασα ένα πακέτο σύνδεσης Cosmote Internet On The Go, ώστε να έχω σύνδεση Internet παντού. Η μεγάλη πρόκληση ήταν να το κάνω να δουλέψει, παρά τις αντίθετες διαβεβαιώσεις του πωλητή στο κατάστημα Cosmote, με το Ubuntu Netbook Remix που έχω εγκαταστήσει εδώ και λίγο καιρό στο EeePC μου. Ενώ, θεωρητικά, ο Network Manager υποστηρίζει εγγενώς συνδέσεις 3G Internet, τα πράγματα χωλαίνουν λόγω του μη υποστηριζόμενου USB stick της Cosmote (ZTE MF636) και της εμμονής μου… να θέλω να έχω PIN στην SIM! Ο επιμένων, όμως, νικά!

Edit May 2012: Εδώ και κάνα χρόνο ή και παραπάνω το Ubuntu έχει drivers από τη μαμά του. Δεν χρειάζεται πλέον τίποτα απ’όσα αναφέρω εδώ.

Continue reading “Cosmote Internet On The Go στο Ubuntu”

Get the CellID in WinCE using Lazarus

One of the greatest aspects of Lazarus, the free Delphi-like RAD environment of the FreePascal project, is its ability to cross-compile applications targetting Windows Mobile devices. I was taking a look at various CellID-based geolocation software lately and I thought I could probably write something of my own. However, it seems that most information pertaining to obtaining the CellID on WM devices is written for the .NET CF and there is – of course – nothing about Lazarus. So, I wrote my own simple unit to query the Cell ID, LAC and MNC codes of my Windows Mobile phone using nothing but Lazarus.


Continue reading “Get the CellID in WinCE using Lazarus”