Please be advised that the following article is an exact replica of How to Tell if a Website Is Running Joomla - O'Reilly Answers. It's more like a note for myself.
Have you had a sneaking suspicion that a site may be running Joomla, but you're not quite sure of it? In this excerpt from Severdia & Crowder's Using Joomla you'll learn some of the methods of determining if the site in question is indeed running Joomla.
There are several things you can do to see if a website is running Joomla. Unfortunately, some people will try to obscure certain things to make some of the methods mentioned not work, so we’ll share some of those tricks as well.
We just discussed this feature in detail in the section called “View All of the Module Positions” in Chapter 9, Modules. Go to
http://www..com/index.php?tp=1 .
If you see module positions overlayed on the screen, the site is a Joomla website.
Have you had a sneaking suspicion that a site may be running Joomla, but you're not quite sure of it? In this excerpt from Severdia & Crowder's Using Joomla you'll learn some of the methods of determining if the site in question is indeed running Joomla.
There are several things you can do to see if a website is running Joomla. Unfortunately, some people will try to obscure certain things to make some of the methods mentioned not work, so we’ll share some of those tricks as well.
The easiest method is to view the website’s source code.
If you see the following line, you can be sure that you are looking at a
Joomla website:
<meta name="generator" content="Joomla! 1.5 - Open Source Content Management" />
Note
To prevent your website from showing the contents of the generator meta tag, add the following to your template’sindex.php
file on the line after the check to see
if _JEXEC
is defined:$this->setGenerator();This will not completely remove the generator meta tag, but it will remove Joomla! 1.5-Open Source Content Management from displaying. We cannot completely remove the tag without a hack since the shell of this meta tag is hardcoded in the framework.
It’s too easy, right? Just like you type
/administrator at the end of your domain name URL
in order to access the Administrator Backend, so do all other Joomla
users.
If you see a Joomla Administrator login screen, you can confirm it’s a Joomla website.
If you see a Joomla Administrator login screen, you can confirm it’s a Joomla website.
tp=1
If you see module positions overlayed on the screen, the site is a Joomla website.
Note
For directions on preventing this check from working on your site, please refer to Chapter 20, Security.
By adding the
Navigate to one of the following URLs:
template=
parameter to
the end of a Joomla URL, you can change the template for that page. If
it works, the person is using a Joomla website.Navigate to one of the following URLs:
- http://www.
.com/index.php?template=rhuk_milkyway - http://www.
.com/index.php?template=beez - http://www.
.com/index.php?template=ja_purity
Note
For directions on preventing this check from working on your site, please refer to Chapter 20, Security.
Joomla uses XML files to install components, manage
parameter types, and more. If we are able to pull up a core XML file, it
can be assumed that the website we are viewing uses Joomla.
Go to http://www..com/administrator/components/com_content/content.xml .
Go to http://www.
Note
For directions on preventing this check from working on your site, please refer to Chapter 20, Security.
Since all Joomla websites have a
Navigate to http://www..com/robots.txt .
If you see they do have a
robots.txt
file, this is an easy one to
test.Navigate to http://www.
If you see they do have a
robots.txt
file,
compare it with the text below. If it matches, you are looking at a
Joomla website:1 User-agent: * 2 Disallow: /administrator/ 3 Disallow: /cache/ 4 Disallow: /components/ 5 Disallow: /images/ 6 Disallow: /includes/ 7 Disallow: /installation/ 8 Disallow: /language/ 9 Disallow: /libraries/ 10 Disallow: /media/ 11 Disallow: /modules/ 12 Disallow: /plugins/ 13 Disallow: /templates/ 14 Disallow: /tmp/ 15 Disallow: /xmlrpc/
Note
To disable this on your website, delete yourrobots.txt
file. Even though this sounds
like an easy thing to do, we don’t recommend it. We think the benefits
of having a robots.txt file outweigh the downsides of not having one.
More information on robots.txt
can be found in the section called “Blocking Search Engines”.
Since all Joomla websites come with a .com/configuration.php-dist .
configuration.php-dist
file, this is another
easy one to test. Navigate to
http://www.Note
To disable this on your website, delete yourconfiguration.php-dist
file. After installation,
this file is no longer needed, so there’s no harm in deleting
it.
No comments:
Post a Comment