Joomla! News (6)
Joomla! has recently released an update that provides an important security fix. It's advisable that you update your Joomla powered website as soon as possible. You can read more about the release and download the update by clicking HERE.
Anytime a new release of popular cms's like Joomla is released, an important question is raised, how are you making sure you're up-to-date? For security sensitive websites, this even more troublesome to consider if you don't currently have a plan in place.
All of our site maintenance customer's websites have been updated already and sleep well at night not having to worry about every release. How about you, do you have a plan in place that allows you to sleep comfortably at night knowing your site is up-to-date and safely hosted? If you're interested in our website maintenance services, drop us an inquiry so we can share the peace of mind we have to offer.
Joomla! has released version 1.5.17 to fix the issues we mentioned earlier that were plaguing version 1.5.16:
This is a priority release to correct two issues in version 1.5.16. Although there are no security issues fixed in this release, we consider it a security release because a security-related bug has been fixed and because many sites may be upgraded directly from 1.5.15 to 1.5.17.
Visit their site to snag the download if you haven't already.
Late last night/early this morning an update to Joomla! was released–bringing the current version to 1.5.16. The update fixes several low to moderate security vulnerabilities, so it's advisable that you upgrade as soon as possible. You can read more about these vulnerabilities here.
Make sure you download Joomla! 1.5.16 and update soon.
If the idea of uploading the update and overwriting files makes you a bit squeamish, you should check out Update Manager for Joomla! It's a simple and easy to use tool that makes the process so incredibly easy.
*Important* - When updating there is the potential for you to lock yourself out of your Joomla! Administrator area if you're not careful. Before updating, simply make sure you
1. login, go to your "Global Configuration".
2. click on the "System" tab, and then select "Database" from the drop-down under "Sessions".
3. Then click save.
You should be safe from getting locked out now.
If you're reading this after having been locked out of your administrator area, don't worry, there's an easy fix.
1. Find and open the /libraries/joomla/applications/application.php. Open it up and on line 533 comment out the code you find there. So change: $session->fork();
to
/* $session->fork(); */
2. Then login to your Administrator Area, go to "Global Configuration", click on the "System" tab, and select "Database" from the drop-down under "Sessions" and click save.
3. Then don't forget to go back to your application.php file and undo the what you did in step 1, changing line 533 back to look like: $session->fork();
We often receive questions from customers concerned with keeping their website(s) secure. They want to know how to keep their website safe from all of those annoying hackers and script kiddies who mean them harm.
The first thing we always suggest is to find a web host that takes security seriously. Around here security is of the utmost concern. We don't want to get all technical on you, but here is a small list of just some of what we do to make sure our customers are safe when hosting with us:
- Servers are Reliable, Hardened, and Secure
- Server operating system and control panel installation modified for security
- Firewall Protection
- Brute Force Detection and Evasion
- Apache Dos Prevention/Protection
- Email virus filtering
- File management with secure and correct permissions
A good number of our customers are using Joomla! CMS, so they ask specific questions about what they can do to stay safe. The main thing you want to be concerned with is keeping your Joomla version updated. You can check the version of your Joomla! 1.5 cms site when logged into your admin area by going to Help > System Info and looking next to "Joomla! Version". You can always find the newest version of Joomla! by going here.
The other main thing you want to be concerned with if you're a Joomla user is your 3rd party extensions. Oftentimes developers of these extensions aren't all too concerned with keeping their extensions secure which can leave your site wide open to hackers. Even if they are keeping things on the up-and-up, it still can be difficult to keep up with all of the updates.
Luckily, Joomla has just made keeping up with 3rd party extension security a bit easier for all of us by releasing an RSS feed to their existing vulnerable extensions list. Make sure to read up on how to make good use of the RSS feed, subscribe to it, and start using it!
OR, if you are one of our Joomla! hosting customers, your xml files are already protected by our server configuration. So, thank you Joomla! for realizing and offering a fix for this for those whose sites are not on a Joomla! optimized host. Not having to worry about this is yet another benefit of hosting with Simple Source Solutions.
