Improve Virtuemart Security

SecureVM is an extension that removes spammer / hacker targets from Virtuemart 1.1.4 /  1.1.5.

Important! - If Joomla! security recommendation are followed and Virtuemart is upto date your installation is secure. It is not being suggested here that that is not the case.

This extension has been developed after an extensive review of the server logs specifically monitoring for malicous requests. The results indicate that although the site being targeted (your site) is secure there can still be numerous hack requests targeting specific files wihtin Virtuemart.

The goal of SecureVM is remove these targets.

Here is what the extension does:

Remove FetchScript - this script is used to compress javascript and css files prior to serving the page, but unfortunately can not include the normal define(JEXEC) or die('Restricted Access')  creating a potential alertnate entry point. Our recommendation is to disable fetchscript and use a combination of minified code and Joomla's gzip compression.
This extension completely removes fetchscript.

Modifiy show_image_in_imgtag - calls to include configuration files and set mos_config have been removed.

Remove Export Module - There is no documentation for this module and dependent files are not provided with the installer. export.php does not include define(JEXEC) statement creating a potential alertnate entry point. Since the module has the capability to export data from the system, but can not be maintained via the Administrator console it has been removed completely.

Error.php - Traps have been added to Joomla! template error.php file to catch specific errors (e.g. 404, 403) and send an email notification.

SecureVM can be dowloaded here.