- Proper Hosting Environment
A properly configured server is highly recommended for your joomla website. Host your site on a server that runs PHP in CGI mode with su_php. This means that PHP runs under your own account user instead of the global Apache user and you don’t need to set insecure global permissions like CHMOD of 777.a. Set register_globals OFF
b. Disable allow_url_fopen
c. Adjust the magic_quotes_gpc directive as needed for your site. The recommended setting for Joomla! 1.0.x is ON to protect against poorly-written extensions. Joomla! 1.5 ignores this setting and works fine either way.
d. Don’t use PHP safe_mode