Support

I am building a site that will exist on a subdomain rather than www.

Is it wise to turn off the htaccess maker feature that redirects the domain? Or is there a way to use it to direct to the subdomain instead of www? I realize www is a kind of subdomain.

Just looking for some guidance on this from anyone has already had experience with it.

The site I'm building is to help with a disaster relief effort so there will likely be a large exposure to it very quickly. I don't have the luxury of time to figure out I should have done X instead of Y.

Thanks!

marc,

if your primary domain redirects to www, then having your subdomain direct to www wont be a problem.

However if your primary domain does not redirect to www and you try redirecting your sub domain to www it will most likely throw 404 dependent on a few factors.

If i were you, i would definitely not turn off htaccess maker features, however it not a big deal to not redirect non www to www. Depending on your config it sound like you should probably avoid redirecting non www to www.

Very Importantly if you decide not to redirect make sure

Host name for HTTPS requests (without https://) within htaccess maker is set accourding eg. primarydomain.com/subdomain

same thing with your root folder and dont forget the live site variable within you configuration.php file.

hope that helps!

Thanks. I'm planning to launch the site in an hour or so. Am having RocketTheme issues with the Entropy template and .htaccess created with ATPro 2.05.

IMHO i have seen many rocket theme templates which i dont rate at all. They always have issues and personally am sick of developers and templates with little to no focus on security, through poor practices. Its so common, it almost seems the norm.

I fixed both problems with htaccess maker tweaks. Thank God for FireBug.

My site is on a development LAMP box running Ubuntu. Thank God for Jumpbox.com too! Full root access is a great way to fix stuff. :)

First problem - Entropy template. It comes with 3 fonts. I added the file extensions to the Front End File Type exception box (ttf, svg, eot, woff) and all is well again.

Second problem - the new administrative template called MissionControl. It's free from RocketTheme. I love it. Some of the style sheets are rendered through a PHP instead of CSS (e.g. colors.css.php) and adding "php" to the Backend File type exceptions.

I'm sure there will be additional hurdles once the instance is on the actual host (a Rochen account) but that's part of security, isn't it? I hate problems, but love solving them.

Hope this post helps somebody down the road.

Almost forgot to give props to Nicholas for suggesting I use Rochen instead of SiteGround. I have a Reseller2 account now. Man, they rock.

Thanks, Santa... I mean, Nicholas!

You are so right Slaes, it seems more and more of these clubs are delving into areas of PHP for their designs without evaluating the consequences of their actions.

The biggest problem I have with this is I tend to take a template and do major mods to it. Now that these templates are not simple shells anymore they have more updates when they find something that is broken or a security issue they overlooked in their haste to deliver the template in thirty days.

I do not even look at a template until it is at least 2 months old and when they update their framework I tend to wait even longer before I consider them as a possible design solution.

Another thing that ticks me is that many of them do not even offer up a change log so we can decide on how to best update the template without having to redo all of the changes or if it is a security update to know that it is something we should do in defense to the threat.

glad you sorted it.

personally i much prefer to leave server side processing out of css for a number of reasons. (PHP ESPECIALLY)

the reason template makers allow it is because security is not their issue and well the buzz words " modify everything in a few clicks " etc etc.

earthrat,

yeah for sure, i agree on all accounts.

Reguarding the change log, i understand to some point, however most makers dont even mention the type of fix.

From my own personal experience,

Template Monster = nightmare. I would doubt anybody on this site, would be using anything like that. I have seen some very poor examples indeed, if not the worst

Rocket Theme = not a fan, once were good. Still have some good older stuff, i think they are trying to keep up and compromising quality. (which leads to possible security risks)

Joomart = very attractive, lots of work goes into them. they have a big team however similar cons to the above.

Solution = use proven templates or make your own which can be a PITA for some.

** all my personal opinion and from my own experience and i have used hundreds if not thousands. Golden Rule = always try update, everyone seems to forget about templates. Server side processing of css (php within css) is a joke and should be avoided where possible. No real logic to it apart from, "yeah one click changes everything" sign up today, lol :)

Nicholas - regarding using htaccess facilitate compression at the server instead of a zipper plugin, I found that, at least on Siteground, the htaccess compress option broke the site. I had to turn it off just to get the site to run.

Having said that, and somewhat in RocketTheme's defense, it is hard to know what a given ISP will work with regarding Apache features. Thus, providing a non-server based compression solution is a valid idea - in theory.

MC

or if you really want a nightmare, start playing with google's mod_pagespeed for apache. All you christmasses will come at once :)

Great Idea, if only it would work, right all the time. lol! ahhhh

Google are obsessed with speed, but they deserver lots of credit for the effort IMHO.

** 2 not misleads anyway, only relevant with sites serving LOTS of certin type of content. By no means good for all. Standard compression better for most

Well, I've launched the site. Then we posted the URL on our Facebook page and within SECONDS I started getting Bad Behavior out the wazoo. After a few minutes I enabled the automatic banning feature after 5 attempts. I guess there's a crawler out there that looks for new URLs posted on Facebook.

Hands down, Akeeba Tools Pro and Akeeba Backup Pro is the best 85 euros I have ever spent! I'm sure we'd have a DDoS by now otherwise.

Hats off.

http://smithville.monroecountyweb.com