Bernard Sfez blog and notes

Tiki Express Tutorials, notes or security related informations.
A good part is related to Tiki Wiki, the complete web application builder.
Other are related to the technologies used with my ready-to-use Web Applications.

SEO, SEM, affiliates, socials, ads, analytics, CPC, PPC, ROI... Do you need (to understand) all this ?

Author: Bernard Sfez - Published

Building a website is not a goal (or may be in very few case) by itself. I often see people requesting a Website... a nice one, with their logo, colour chart, have a slider, bootstrap, etc, etc. But if I ask: "What do you want your website to do for you or your organisation" ? I got a 10 seconds silence with eyes looking for someone else in the room to answer my question.
It happen a lot and that’s ok. Yes that’s ok and it’s our job as project managers, to understand our customers needs and to help them without wasting their time or money. It is to us to analyse and understand what is going on Internet and Digital Media, fields that are constantly changing and evolving. They got their business, their branch, their day to day task to run, maintain and complete !

A website is a part of a company strategy or a tool for an organism you setup for a purpose. Once you know what your website should do - how it should interact with your company, your employees, your customers and volunteers - then you can think about how and if you need people to find your website or something inside it. In this article I would like to share my experiences about "what you can do" directly rather than what and how serious SEO/SEM consulting company can to help you.

How to redirect anonymous to your great 404 page in Tiki

Author: Bernard Sfez - Published

For another member of the Tiki community I did a quick video to answer his question : How do you redirect to a more "Jedi" 404 (that’s was his words ;)) ?

I answered doing this quick video and then I was asked to share it, and someone else ask something else and did a second video and so on. I’m not sure exactly where it will go but I’ll publish those quick video without too much of editing. And that’s ok if I don't get an "Oscar" for this. To be true I’m thinking seriously about doing tutorials and this is may the start.

Tiki 18.1 has been released (am I’m back to my blog !)

Author: Bernard Sfez - Published

The Tiki community announced the latest stable release - 18.1. This update includes a number of fixes since the initial 18 release, as well as code and feature improvements. It includes critical security fixes thanks to the very active Tiki security team that have also backported to all maintained Tiki versions - Tiki 15.6LTS, Tiki 12.13LTS and Tiki 17.2. Get Tiki 18.1 or the update for the version you are using at the Tiki download page.

Security and bug-fix updates: Tiki 17.1, Tiki 16.3, 15.5 and Tiki 12.12 released!

Author: Bernard Sfez - Published

The Tiki Community has released updates to all supported branches of the Tiki Wiki CMS Groupware project. These updates address several vulnerabilities found in Tiki, as well as bringing miscellaneous bug fixes.

Special thanks to:

for reporting and assisting in verifying fixes for the security issues!

All Tiki website administrators are strongly encouraged to upgrade their sites to the latest Tiki versions: Tiki 17.1, Tiki 16.3, Tiki 15.5 LTS, and Tiki 12.12 LTS.

Visit https://tiki.org/Download to get the latest version.

Tiki 17.0 has been released

Author: System Administrator - Published

The Tiki Community is pleased to announce the latest stable release - Tiki 17.0 aka Zeta Boötis. This update includes many new features and code improvements, as well as security fixes. Tiki 17, originally scheduled for an April 2017 release but pushed back for extra fixes and enhancements, brings a number of significant new features including support for modern favicons, password blacklists, and a new method for annotations.

New external libraries integrated as features include H5P, the open source platform for creating, sharing, and reusing interactive HMTL5 content; CasperJS, a browser navigation scripting and testing utility written in Javascript for PhantomJS or SlimerJS; and Exposé IDS (intrusion detection system).

Feature advancements include a massive improvement in PDF generation via mPDF, tracker additions and enhancements including a more versatile user selector field type, typography enhancements based on PHP SmartyPants, and a number of new wiki plugins.

For the most polished and feature-complete Tiki Wiki CMS Groupware experience, an upgrade to Tiki 17.0 or new installation as a first Tiki website is highly recommended!

You can find here the long long list of Tiki 17 improvements: https://doc.tiki.org/tiki17

Get Tiki 17.0 at the download page.

It is time to update your Tiki ! (Tiki 16.1, 15.3 and 12.10 released)

Author: Bernard Sfez - Published

A new breed of Tiki has been released a week ago and the Tiki Community urge every user to update as it solve critical security issues. LTS (Long Term Services) versions are concerned, 12.x and 15.x, as well as the under going development 16.x branch so you got no excuses. With so many improvement and a few regression and bug fixes it is in your best interest to upgrade as those version not only contain security fixes but hundreds of small improvement, enhancement and regressions fixes.

The process is pretty smooth and doesn’t require that much knowledge thanks to the Tiki Install/Update process and your data will be safer as well as your files. As usual do backup of your database and if you feel it is too complicate for you ask from the Tiki Community for help, contact me or check the Tiki consultant list to have it done.

Skype being heavily targeted this end of year

Author: Bernard Sfez - Published

Skype the popular text, voice and video communicator has being targeted several time on several platform since October 2016.
If you were on Windows and Android it is now several weeks you are urged to update your version of Skype. Since an old backdoor was also found (by Trustwave's SpiderLabs analysts) on Mac OSX version it seem that everyone should update skype, period.

Skype, acquired by Microsoft for $8.5 billions in 2011 was born in 2003 (only) but became rapidly a very commonly used application with 300 millions of users, around 20% of adult Internet users are Skype aficionados! With such penetration, simple breach or hack have a huge impact on the entire community. Not infected system are getting spammed and must defend themselves or be defended while all this have a cost and decrease Internet performances. The virus infection come with a slow wave propagation. While this may fool some of us (we are not affected at the same time) this give a good advantage for those who are away from the source and by the time the virus or hack affect the system that they are connected to or may received information from they should have updated or upgraded their own application.

WikiSuite, une compilation d'outils Libre / Open Source pour gérer information et communications

Author: Bernard Sfez - Published

WikiSuite (en un seul mot) est une compilation d'applications Libre / Open Source et d'outils rassemblés et intégrés dans une même Suite. Il n'y a pas vraiment moyen de le dire en peu de mots aussi commençons par les gros titres; Servir, Protéger, Gérer, Communiquer, Partager et Publier les données de votre organisation en utilisant des applications et outils qui ont fait leurs preuves pour assurer vos besoins. Oui, ca fait tout cela et franchement, après des années a essayer de trouver un outil solide pour répondre aux besoins et approches communes du monde des moyennes et petites entreprises qui ne peuvent investir dans des tonnes de licences et une infrastructure (matérielle et personnelle) pour mettre en place, supporter et maintenir leur systèmes informatiques cela ressemble à une sérieuse et valide option.

Vulnérabilité sur des modules Drupal, la question de l’usage de plugins externes (de nouveau)

Author: Bernard Sfez - Published

Drupal demande à ses utilisateurs de corriger plusieurs dangereuses brèches de sécurité qui permettent aux hackers de prendre contrôle de sites via une exécution de code à distance. Ce système de gestion de contenu (Drupal) affiche quelque 15 millions de téléchargements, comparés au 140 millions revendiqués par Wordpress et au 30 millions par Joomla, est utilisé pour gérer les informations de très grosses organisations ou sociétés qui incluent 9% des 10,000 sites les plus populaires.

Si le noyau de Drupal n’est pas affecté et que cela ne concerne pas 100% des sites, cette préoccupation met de nouveau en avant les problèmes liés à l’utilisation des modules/plugins/add-ons externes proposés par une tierce partie (développeurs ou compagnies indépendantes) pour être ajouté au logiciel principal et qui peuvent causer de graves préjudices au projet lui-même, à vos utilisateurs, votre business... votre dur labeur. Il est critique, si vous utilisez Drupal que vous lisiez attentivement les conseils publiés le 13 juillet 2016 par Drupal pour vérifier si l’un des modules que vous utilisez n’est pas affecté par le problème en question.