A recent discussion with a client highlighted the frustrations people have in finding a reliable Joomla freelancer to create, update or maintain their site. To most, the world of development is opaque and seemingly unregulated. I don't blame prospective clients for their apprehension when embarking on a project with a new developer. Neither side of the equation is at fault here. Technology options are plentiful, trends change and quoted prices vary wildly. These difficulties are certainly not specific to Joomla, but the points below are with special reference to Joomla, as it has it's own peculiarities. We can't do much about the technology ecosystem, but what we can do is help each side appreciate the considerations and limitations of the other. 

In this article, I'd like to cover the 8 things I'd like prospective clients to know before taking on a new Joomla developer

1. You're paying for their time, and you get what you pay for

I believe it's a symptom of the globalised online-freelancer-market in which we inhabit, that the relationship between client and freelancer can be so transactional as to become adversary. Clients are naturally looking to get their needs met at minimal cost. If they post their requirements on any of the freelancer sites, they'll get some pretty amazing offers along side others ten or twenty times that amount. This makes several impressions on the client; first, that the web development market is inherently fickle, and secondly, that higher offers are clearly exploitative and not worth considering. In this race to the bottom, freelancers are naturally inclined to want to get it done, get paid and get out, which doesn't lend itself to a considered approach or many of the items below.

Certainly clients should be budget minded, but there is no such thing as a free lunch, so make sure that your developer is given the time to meet all of the criteria below.

2. Good freelancers will have evidence

This may seem obvious, but get evidence of the developers skills through past work, community involvement and recommendations. How much due diligence you do obviously depends on the size of a contract, but its worth seeing what they have done in the past. If they have applications that are in your sector or share similar features or design, then even better. If your project uses Joomla, it's useful to ascertain whether they specialise in the CMS or whether it's just one of many tools in their arsenal. If they claim to be experts in Drupal, Typo3, Shopify and Joomla on their freelancer profiles, then I'd be wary. And get recommendations. An easy way of doing this is to make contact through the contact form of portfolio sites provided by the developer asking for a recommendation. 

Joomla's certification programme helps provide a benchmark for clients to use to be assured of the competency in Joomla. Given the low levels of adoption of these certifications (and I hope this changes), if your provider is certified, then this in an excellent way to be assured of their Joomla expertise.

As an aside to this, as a Joomla developer myself, I know how flexible the system is, but it's not the panacea to every web project. If I have someone who wants to set up a blog for affiliate marketing, and not requiring anything else, I'll suggest they use a different CMS. The one that everyone uses. The one starting with W.

3. Configurator vs Developer vs Designer vs SEO/SEM 

It's tempting to think that your Joomla expert is an expert at every service related to your website, but its not the case. You can certainly get me or any other Joomla developer to tackle each of these tasks, but each one is a specialist field in itself, so if you want 100% in all these areas, you're probably looking for several freelancers, not one (or a company that retains all these skilled individuals).

Configurator: I'm not sure it's really a word, but this refers to contractors who can install Joomla, add content, create menus, install extensions and templates and essentially get a full site completed. There are plenty of people who have those skills, and in many cases, they are all you need to get your site launched. There are lots of quality commercial templates out there as well as great extensions. But you'll come unstuck when you need to change something in the sites functionality that can't be done by changing settings or installing another plugin. This type of contractor (who often refer to themselves as developers) don't have the skills to create custom code to add their own extensions. Or worse still, they'll know just enough to have a go and make a mess of it.

Developer: These are the people who make your Joomla site do something that requires custom coding. Thankfully, Joomla is extremely extensible, allowing for custom extensions (components, modules, plugins and libraries) to be created that leverage the power of Joomla's code base to do pretty much anything. These skills are rarer, so expect to pay more.

Designer: There's a difference between making things work and making things pretty. Both are very important to a web application's success, but they're not necessarily skills held by the same person. If your project calls for a highly customised design or unique user interface, then you'll want to ensure that your freelancer is an expert in this type of work.

SEO & SEM: Once you've got your Joomla site built, you'll want people to hear about it. Whoever creates your site should bear basic SEO principles in mind, but this area is also somewhat of a dark art (in my opinion), and finding an expert can be very advantageous.

The person you find will likely have a combination of two or more of these skill sets, but be mindful that they are all specialisms in their own right, so don't assume that because your contractor can do one, they can do them all.

4. Insist on documentation, if not for you, then for future developers

Its important that you get a record of the work done by your developers, especially if you intend to hire new developers on an ad-hoc basis (I explain the perils of this approach in point 6). Ideally this would be official documentation covering all changes and their functionality, but in its simplest form, it's an email from your developer explaining what changes they've made, to which files. Even if you don't understand this, your next developer will, and it may make their job immeasurably easier. It's not time consuming for your developer to do this, and it encourages them to develop in a sensible way. And this leads me on to the next two points related to sensible development.

5. Make it clear: No core hacking

Much of the time, the quickest way of achieving an unusual change to the functionality of your site is to edit a core Joomla file. It gets around having to create an extension or an override, and it does the job. For the time being. This approach makes sense to the client because they're getting it done quickly and cheaply. And it works for the developer because they don't imagine they'll be around when its time to update the site, at which time you'll discover your changes are gone.

This is the once aspect of poor development causes most harm. It leaves clients understandably frustrated when they inevitably have to update their site, and it gives the entire Joomla developer market a bad name. Don't do it! 

Adhering to the no core change principle requires effort on the part of both parties. It requires the developer to make the additional effort to add the functionality through plugins and overrides, and it requires the clients to accept they'll pay the cost of this. And if you decide that you just want it done as cheaply as possible, and to worry about the consequences later, then be aware that it's not the developers fault (unless you're unaware of this approach).

As a client, insist that no core files are edited in order to add functionality to the site, and accept this will come at a small premium that will repay itself many times in the lifetime of the web application.

6. Long term thinking

This is more about your general approach to development than any developer, and calls into consideration the overall approach to developing a website. As a general rule, the less extensions the better. I've worked on sites where dozens of developers had been involved at different times, and it showed! There were components that weren't used, more unpublished modules than published, had components calling plugins that called modules that called components, and where styles and scripts of one extension were making a mess of other extensions. 

A good developer will look at your web application as an overall entity, and look to streamline, uninstall and clean things up to avoid a Frankenstein's monster of a site. But here's the rub. This kind of thing takes time, so it costs money, and it's not very sexy. But if you can implement this type of development from the start, it'll save money and headaches in the long term.

Part of this long term thinking is to have a long term relationship with your developer. Obviously this is hard to enter into when you're new to each other, but it's preferable if it can be achieved. It encourages the developer to work on the site in a way that is conducive to its long term operation, and it provides consistency and an assurance of understanding the client has.

I believe that the gig economy has had a damaging effect on the web development arena, encouraging short cuts, undercutting and unrealistic expectations from prospective clients. There's no easy fix to the uncertainty felt by clients when taking on a new developer, but hopefully the above pointers will give you an insight into the considerations that can often be the difference between a successful Joomla project and a disaster. 


When someone wants to create a custom Joomla extension, one of the options is to use one of the several online tools that allow users to input the particulars of their concept and have the tool do a lot of the heavy lifting in terms of directory and file generation. A Joomla extension is a thing of many parts. They share common directory structures and files with similar code. Some clever clogs have decided that the repetition of tasks involved in their creation is too much to bear, and have automated the process through these online tools. The great thing is that they've made these tools available to everyone, and they are an enormous time saver for those involved in creating custom extensions for the Joomla CMS.

Read more: Online Joomla Extension Builder Tools - A Review

A crowdsourced response to whois.spam

The calls are starting to die down now, and I only get 5 emails a day now, rather than 20. That's some comfort, I guess.

I've had to ensure the same process that most proud new domain owners endure. Calls from allegedly local numbers from offshore web developers, SEO services, social media marketers and app builders offering their services towards making my new domain the successful new venture that they assume i want it to be. Emails too. Many more emails than phone calls. In the week following the registration of three domains- one '.com' , one '.co.uk' and one '.xyz' - I was receiving around 20 emails a day, but a mere 5 or 6 daily calls.

Much has already been written on the issue of whois spam, and whether the balance between the integrity of the web and privacy. I would suggest that having a name and postal address would be sufficient in order to bring accountability to domain ownership and ensure that those with valid reasons for contacting you are able to do so. This adds a small cost to the contact process and avoid email spam and nuisance calls.

Domain registrars acknowledge this issue with the whois registration, and use it to promote their various domain privacy options, which often cost more than the domain itself. No doubt, on a day with 7 nuisance calls and having my inbox filled with dozens of spam emails, I would have told you that the price of these domain privacy packages was absolutely worth it. But then again, why should we have to pay a significant levy on the price of registration to avoid a form of harassment that is uninvited and entirely caused by an ill-considered public register policy.

So I wondered what I could do about it. How could I devise my own system that detected and filtered out spam and nuisance calls, while still providing full disclosure of ownership and a means to contact the owner with legitimate queries. So I wrote down patterns and wondered how i might address them. If I was to create a phone number and email address that served an as intermediary to my usual number and email address, what are the means by which I might be able to ensure that I might be able to filter out dubious connections and allow through correspondence I need to know about. Because the email address and phone number would only be used for whois publication, I might be able to apply customised filters that would be impractical to everyday email or phone call screening processes

 Pattern Problem Solution
 Calls often received without caller ID  This may suggest that the user is calling from a VOIP service or is actively obscuring their number. Although there may be legitimate reasons for doing this, it usually suggests that the caller has a reason for not wanting to reveal their identity  The phone number listed on the whois register would take the caller to an Interactive Voice Response system that would advise them that calls without caller ID are not permitted and that they should call back from a disclosed number
 Emails often come from public email provider addresses

 It's not without irony that people purporting to be web professionals send you their sales pitch from a gmail or hotmail account.

Along with the fact that these emails rarely contain the name of the company or links to their portfolio, it indicates that the sender is aware that they are engaging in spam.

 The email system would add a greater level of scrutiny to email messages coming from these addresses. Senders would be sent a captcha image which they would need to respond to and confirm by email in order for their message to be received. This added burden makes blanket emails impractical.
 Emails contain similar keywords Emails offering web services contain the same words and phrases.   A database can be easily created with keywords that indicate a sales email and this can be run against all incoming email to filter it appropriately

 So, I've created domainbeard.com, where I'm staging my fightback against whois spam. I have a IVR call system set up that leads all legitimate callers to a voicemail which alerts me to new messages by email, and i can pick up at any stage. I also have a dedicated email address which I've used in the registration of a few new domains. I'm monitoring and configuring an email system that necessitates validation and emails e senders a response requiring their action under certain circumstances. I'm just learning now, but I see a place for a new free service for all domain registrars to use that will alleviate the pain of whois spam.

Allowing legitimate correspondence

I figured I could not only create a system that filters out junk, but also identifies high priority calls and emails

 Pattern Solution
 Calls from bonafide sources come from recognised numbers A database of numbers can be built up of both known nuisance callers, and conversely of known domain regulators and legal bodies. This could rely on the reporting of users and be built up over time 
 Emails from bonafide sources come from recognised email addresses The same applies to email. A database of known spammers and known legitimate sources would be built up which would enable better filtering as time goes on.

 At the moment, I'm gathering data and experimenting with different approaches, but I'll be opening up Domainbeard to any domain registrant early in 2018 with a few main goals:

  • Alleviate the pain of spam email and nuisance calls by providing an intermediary address and number specially configured to identify the legitimacy of sources
  • Allow users to report on the legitimacy of callers and email senders to improve the filtering algorithm
    • This can be used to save future email registrants from being bothered by known spammers
    • It can also be used to build a case of evidence to provide to ISP and telephony providers in order to have the account of spammers stopped.
    • Provide statistics and advice related to whois spam that is far more authoritative and quantitative than the anecdotes of a frustrated domain owner.
  • To be free- given the enormous wealth of data that could be collected, its ability to improve the integrity of the web, and a common acceptance that people ought not be subjected to nuisance calls and emails, why should people have to pay for this? 


Visit Domainbeard

A project against whois spam

In recent months, I've become increasingly obsessed with whois spam. It's become a bit of a moral crusade for me. I don't really understand why the cost of integrity and transparency in the domain registration system has to mean that my inbox is filled with spam, and I get dozens of calls daily whenever i register a new domain. Adding to my frustration is the conventional answer- a domain privacy add-on, effectively doubling the cost of my domain registration. This rort is purchasable on an annual basis, and on a per-domain, not per domain-owner, basis. 

Pay for your new home, then pay someone else some money to make sure your mailbox isn't vandalised.

So, never being the person who goes for the obvious answer, I've decided to conduct a little experiment. I'll try to create a system to shield my phone number and email account from endless offers for SEO services and web designers.

I've set a a dedicated domain (domainbead.com) for the project, and an email address which I've used on the whois register for a number of my domains. I'm devising a number of filtering mechanisms that you can read about here.

I've also arranged a VOIP virtual receptionist and voicemail system to handle phone calls, with a few mechanisms to weed out the spam callers.

If you've ever been annoyed with whois spam, and you'd like to follow along, then drop by https://domainbeard.com from time to time over the next couple of months. If you're really keen, or if you think you have something to offer to the project, then you can get in touch and we can work on tackling whois spam in a new way together!

RESTful API added to Geodata Solutions

If you've been wondering why a world of web site developers, CMS teams, shopping cart providers, and blue chips are all maintaining their own independent geographical databases, then you're not alone. 

Imagine if every website wanting to display the weather forecasts, forex information, or sporting results all had to download CSV files from a github repository and then commit themselves to maintaining their own lists forever more. 

Countries, states and cities may not pop into existence as often as the weather changes, but the idea that every website should maintain their own database seems crazy. It's the kind of thing that is ideally suited to a web service.

Updating country lists may be a mere irritation, an occasional chore, for a website administrator. After all, the last time a new country needed to be added was back in 2011, when South Sudan gained independence from Sudan. However, states and their names change much more frequently, and towns and cities even more so. And then there's additional information about locations, such as their population, that change even more frequently.

The point of Geodata Solutions is to make this tedious task a job for one organisation, rather than for millions around the world. I plan to build on the existing database I've created, keep it current, and build on its assets. My hope is that this project will change the way geographical information is sourced in web applications. Syndicated usage of the system will alleviate the duplicated burden of maintaining local data stores, while allowing error reporting and updates to be submitted by millions of users. 

The RESTful interface is in 'Beta' at the moment. It offers country lists, state lists and city lists, along with some basic additional location information. Developers wanting to use the system should get in touch for an API key, as well as requests for new search types or filtering, or new pieces of data. There's also quite a big job in completing gaps in the data set, of which population data is a significant one.

Here is an example of the select lists possible with only a few lines of code...

<select name="country" class="countries presel-byip" id="countryId">
    <option value="">Select Country</option>
<select name="state" class="states" id="stateId">
    <option value="">Select State</option>
<select name="city" class="cities" id="cityId">
    <option value="">Select City</option>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> 
<script src="https://geodata.solutions/includes/countrystatecity.js"></script>
Back to Top