; Joomla! Project ; (C) 2007 Open Source Matters, Inc. ; License GNU General Public License version 2 or later; see LICENSE.txt ; Note : All ini files need to be saved as UTF-8 COM_CPANEL="Control Panel" COM_CPANEL_HEADER_SUBMENU="Submenu" COM_CPANEL_HEADER_SYSTEM="System" COM_CPANEL_LINK_CHECKIN="Global Check-in" COM_CPANEL_LINK_CLEAR_CACHE="Clear Cache" COM_CPANEL_LINK_DASHBOARD="Dashboard" COM_CPANEL_LINK_EXTENSIONS="Install Extensions" COM_CPANEL_LINK_GLOBAL_CONFIG="Global Configuration" COM_CPANEL_LINK_SYSINFO="System Information" COM_CPANEL_MESSAGES_BODY_NOCLOSE="There are important post-installation messages that require your attention." COM_CPANEL_MESSAGES_BODYMORE_NOCLOSE="This information area won't appear when you have hidden all the messages." COM_CPANEL_MESSAGES_REVIEW="Read Messages" COM_CPANEL_MESSAGES_TITLE="You have post-installation messages" ; Translators: Don't touch the code part in the following message, Starting with ## Mod rewrite ... COM_CPANEL_MSG_ADDNOSNIFF_BODY="

Joomla is now shipped with additional security hardenings in the default htaccess.txt and web.config.txt files. These hardenings disable the so called MIME-type sniffing feature in web browsers. The sniffing leads to specific attack vectors, where scripts in normally harmless file formats (eg images) will be executed, leading to Cross-Site-Scripting vulnerabilities.

The security team recommends to manually apply the necessary changes to existing .htaccess or web.config files, as those files can not be updated automatically.

Changes for .htaccess
Add the following lines before \"## Mod_rewrite in use.\":

<IfModule mod_headers.c>\nHeader always set X-Content-Type-Options \"nosniff\"\n</IfModule>

Changes for web.config
Add the following lines right after \"</rewrite>\":

<httpProtocol>\n  <customHeaders>\n    <add name=\"X-Content-Type-Options\" value=\"nosniff\" />\n  </customHeaders>\n</httpProtocol>
" COM_CPANEL_MSG_ADDNOSNIFF_TITLE=".htaccess & web.config Security Update" COM_CPANEL_MSG_EACCELERATOR_BODY="eAccelerator is not compatible with Joomla! By selecting the Change to File Caching button below we will change the cache handler to file. If you want to use a different cache handler, please change it in the Global Configuration page." COM_CPANEL_MSG_EACCELERATOR_BUTTON="Change to File." COM_CPANEL_MSG_EACCELERATOR_TITLE="eAccelerator is not compatible with Joomla!" COM_CPANEL_MSG_HTACCESS_BODY="A change to the default .htaccess and web.config files was made in Joomla! 3.4 to disallow folder listings by default. Users are recommended to implement this change in their files. Please see this page for more information." COM_CPANEL_MSG_HTACCESS_TITLE=".htaccess & web.config Update" COM_CPANEL_MSG_HTACCESSSVG_TITLE="Additional XSS protection for the usage of SVG files" COM_CPANEL_MSG_HTACCESSSVG_BODY="

Since 3.9.21 Joomla is shipped with an additional security rule in the default htaccess.txt. This rule will protect users of svg files from potential Cross-Site-Scripting (XSS) vulnerabilities.
The security team recommends to manually apply the necessary changes to any existing .htaccess file, as this file can not be updated automatically.

Changes for .htaccess

<FilesMatch \"\.svg$\">\n  <IfModule mod_headers.c>\n    Header always set Content-Security-Policy \"script-src 'none'\"\n  </IfModule>\n</FilesMatch>

Currently we are not aware of a method to conditionally configure this on IIS web servers, please contact your hosting provider for further assistance.

" COM_CPANEL_MSG_JOOMLA40_PRE_CHECKS_TITLE="Prepare for the next Major Release of Joomla" COM_CPANEL_MSG_JOOMLA40_PRE_CHECKS_BODY="

Beginning with Joomla! 4.0 we are raising the minimum server requirements. If you are seeing this message then your current configuration does not meet these new minimum requirements.

The minimum requirements are the following:

Please contact your hosting provider to ask how you can meet these raised server requirements - it is usually a very simple change. When you meet these new requirements then this message will no longer be displayed.

" COM_CPANEL_MSG_LANGUAGEACCESS340_TITLE="You have possible issues with your multilingual settings" COM_CPANEL_MSG_LANGUAGEACCESS340_BODY="Since Joomla! 3.4.0 you may have issues with the System - Language Filter plugin on your website. To fix them please open the Language Manager and save each content language manually to make sure an Access level is saved." ; The following two strings are deprecated and will be removed with 4.0 COM_CPANEL_MSG_PHPVERSION_BODY="Beginning with Joomla! 3.3, the version of PHP this site is using will no longer be supported. Joomla! 3.3 will require at least PHP version 5.3.10 to provide enhanced security features to its users." COM_CPANEL_MSG_PHPVERSION_TITLE="Your PHP Version Will Be Unsupported in Joomla! 3.3" COM_CPANEL_MSG_ROBOTS_TITLE="robots.txt Update" COM_CPANEL_MSG_ROBOTS_BODY="A change to the default robots.txt files was made in Joomla! 3.3 to allow Google to access templates and media files by default to improve SEO. This change is not applied automatically on upgrades and users are recommended to review the changes in the robots.txt.dist file and implement these changes in their own robots.txt file." COM_CPANEL_MSG_STATS_COLLECTION_BODY="

Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.

This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without affecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.

In the interest of full transparency and to help developers this data is publicly available. An API and graphs will show the Joomla version, PHP versions and database engines in use.

If you do not wish to provide the Joomla Project with this information you can disable the plugin called System - Joomla Statistics.

" COM_CPANEL_MSG_STATS_COLLECTION_TITLE="Stats Collection in Joomla" COM_CPANEL_MSG_TEXTFILTER3919_BODY="

As part of our security team's review, we have made some changes to the default settings for the global text filters in a new Joomla installation. The default setting for the 'Public', 'Guest' and 'Registered' groups is now 'No HTML'. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site from: System -> Global Configuration -> Text Filters

" COM_CPANEL_MSG_TEXTFILTER3919_TITLE="Updated Text Filter Recommendations" COM_CPANEL_MSG_UPDATEDEFAULTSETTINGS_BODY="

As part of our security team's review, we have made some changes to the default settings in a new Joomla installation. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site.

The changed settings are:

We have created a dedicated documentation page explaining these changes.

" COM_CPANEL_MSG_UPDATEDEFAULTSETTINGS_TITLE="Updated site security recommendations" COM_CPANEL_WELCOME_BEGINNERS_MESSAGE="

Community resources are available for new users.

" COM_CPANEL_WELCOME_BEGINNERS_TITLE="Welcome to Joomla!" COM_CPANEL_XML_DESCRIPTION="Control Panel component"