Version 1.0
Article 1. Introduction. Open Source Matters, Inc. owns and manages several websites, representing the Joomla! Project web presence with all the connected services.
Article 2. Purpose of this Policy. This Policy aims to regulate the procedures of creation and management of a *.joomla.org property or any other OSM owned domain.
Article 3. Scope of the Policy. This policy applies to all the OSM owned domains. All the Joomla teams or working groups who operate/manage an OSM owned website shall implement and follow the provisions of this Policy.
Article 4. Creation of a new website/subdomain. The creation of an additional joomla.org subdomain and website shall be avoided, in order to contain the effort needed to maintain and manage the infrastructure. The creation of a new subdomain shall be approved by a motion of the Operations Department after the preparation of a specific plan and the formation of a working group / team who is responsible for such property. The creation of a new subdomain by motion shall be done only after a thorough evaluation of the needs/specifications for the new property pursuant to Article 5 of this Policy.
Article 5. Evaluation of Specifications. In the eventual case a new website/property is requested by a team or working group, the Webmasters Team shall evaluate the specifications and the needs according to the following schema:
- Does the new website fit with any of the existing websites?
- Joomla.org - main site for promotion, marketing, announcements, official/institutional information.
- community.joomla.org - central place for everything related to the Community, communications, events, user groups, shop, magazine, resources, etc.
- developer.joomla.org - home for all the development related materials.
- docs.joomla.org - home for all public documentation.
- downloads.joomla.org - where all downloads are provided.
- extensions.joomla.org - home for all the extendable parts within Joomla (components, module, plugins, VEL, templates).
- Is there a public role for the website?
- Are there any special needs, which are not viable within the main sites, like:
- Legal requirements;
- Financial requirements
- Privacy considerations
- Technical requirements
Article 6. Templates. All OSM owned websites shall use the official Joomla template which is maintained within the official GitHub repository; any other template is not allowed and shall be removed, unless otherwise approved by a motion of the Operations Department. Custom code changes to the template are not permitted, and any additional CSS shall only be implemented via the custom.css file. Any variation, including any custom CSS, shall be properly stored and documented in the website-specific repository on GitHub.
Article 7. Special Accounts. All OSM-owned websites shall include a Super User account assigned to the OSM Secretary and a Super User account assigned to the Department Coordinator, linked to their functional email addresses. The Department is the responsible entity of a specific property. The accounts with the highest level of rights/permissions shall use an additional authentication mechanism, such as multi factor authentication.
Article 8. Identity Access Management. All OSM-owned websites shall adhere to the “Identity Access Management Policy”, which is defined and maintained by the Webmasters Team and can be amended upon team motion.
Article 9. User Configuration. All OSM-owned websites shall adhere to the “Joomla User Configuration Policy”, which is defined and maintained by the Webmasters Team and can be amended upon team motion. Such policy defines standard rules related to password options, allowed email domains and all the other user-related options.
Article 10. Backup Configuration. All OSM-owned websites shall adhere to the “Joomla Backup Configuration Policy”, which is defined and maintained by the Webmasters Team and can be amended upon team motion. The standard backup configuration set shall comply with the Joomla Backup Policy that defines the retention and includes other provisions to comply with the Privacy Regulations.
Article 11. Extensions, Tools and Services. Only approved extensions shall be used on a OSM-owned website. Extensions are provided by OSM for free upon a partnership agreement with the vendor, otherwise can be bought by OSM upon request, after financial approval by the related Department Coordinator. The Webmasters Team shall maintain a list of all the extensions used by the OSM-owned websites. Only approved tools and services paid or provided within a partnership agreement by the organization are allowed to be used on OSM-owned websites. All third-party services or tools shall be assessed by the Webmasters Team for Privacy compliance prior to be deployed and used on OSM-owned websites.
Article 12. Auditing & Monitoring. Pursuant to Board motion #2020/064, the Webmasters Team shall operate regular audits of OSM-owned websites to ensure compliance with this Policy and other operational guidelines defined by the organization. The monitoring and auditing process shall consist of the following checks:
- Uptime monitoring
- Backup configuration
- Update status
- Settings configuration
- File existence
- Security related aspects, as defined by the Joomla Security Strike Team.
- Privacy related aspects, as defined by the Joomla Compliance Team.
- Any other check defined by the Webmasters Team.
Article 13. Versioning. All OSM-owned websites shall use the organization default versioning system, which shall hold all customizations, overrides, specific code or ad-hoc developed extensions. A specific repository is available on GitHub for each website.
Article 14. Data & Legality. Every change on any OSM-owned website which involves personal data shall be communicated to the Compliance Team, to update the related legal documentation, including Privacy and Cookie Policies. All OSM-owned websites shall follow any other data, privacy and legal policies defined by the relevant Department or by the Board.
Article 15. Order of Precedence. In case of conflict between provisions of this Policy, the order of precedence for conflict resolution in descending order shall be as follows: (i) Bylaws, including amendments; (ii) and (iii) the Policies.
This policy has been adopted by the Board of Directors of Open Source Matters, Inc. with the motion #2020-081 on June 04, 2020 and is published under the Policies section of the organization’s website.
Official Policy version
The official version of the policy adopted by the Board of Directors on June 04, 2020
Download the Official Joomla Property Management Policy (version 1.0)