Critical Website Security Disaster Averted While Customers Sleep

Written by Paul Andrews
Category: Our Blog Created: Tuesday, 15 December 2015 11:03
Hits: 2175

Last night the Joomla CMS Project announced urgent security updates for all version of Joomla. These updates were considered urgent as a vulnerability was discovered that would have allowed hackers to very easily gain control of a website and then use it for illegal activities.

All versions of Joomla from 1.5.26 and 2.5.28 (which have reached end of life status an should be update to the latest version) and the latest version 3.4.5 – which is now at level 3.4.6 after the update – were all affected by the critical security issue. Joomla had previously announced that there would be no further security updates for Joomla 1.5 and 2.5 but this time they made an exception. If this had not been the case, all old 1.5 and 2.5 sites would have been a hack waiting to happen. It is important that all sites are moved up to the latest live version of Joomla as soon as possible.

Late last night Joomla released patch files to close this security hole and I spent the night implementing them with the last site patched at around 3:30am. All sites hosted on my servers are now secure against this vulnerability.

Which brings me to my point about software updates. Unfortunately, the relationship between many clients and t heir web designer ends with the handover of the site. They help set you up on a web hosting service but the issue of future updating and security is often omitted. This is not the fault of the developer, they are paid to build a site and that’s usually it. It’s not the fault of the we host – they are paid to host your website and often little else. This is especially true of cheaper hosting.

What you get when you get Long Road Website Development Dunsborough to build your website, we offer an ongoing hosting and security arrangement whereby Paul Andrews will personally manage software updates and security so that you don’t have to. We guarantee that your site will not get hacked due to any negligence on our behalf. As well as the software security updates our servers in Dallas USA are specifically configured to host Joomla websites and our firewalls are designed to block many of the attempts that are made on sites on a daily basis. We also keep daily backups archived for months in case any disaster should strike.

The long and short of this piece is to reaffirm that while my clients slept soundly, were out partying or attending to their business, I was at my desk ensuring their sites were secure, performing well and connected to the net for the world to see.

What will happen in 2016?

In 2016 the next Long Term Support Version - Joomla 3.5 will be released and all Joomla 3.4.x sites will be upgraded – we expect this to be a free upgrade but will confirm closer once the new version is released.

Joomla 1.5.26 sites will have to me migrated to the latest version. They are now well beyond use by date and it is time for these sites to be either closed or brought up to date. Joomla 2.5.28 sites will also need to be migrated to Joomla 3.5. These two upgrades will need to be quoted as they will largely be new sites with new templates (if necessary) and fully updating the core and various components used in these sites. We will be contacting all our clients in regard to this and trying to keep costs as low as possible.

Thanks you for choosing Long Road Website Development Dunsborough. I am a self employed, home based business, when you spend money with Paul Andrews to build a site you directly pay for my family’s expenses and most of what we earn is spent back in our local community. Please consider me when you are considering your next website project.