Joomla and Hacking

johnhardy
johnhardy used Ask the Experts™
on
Hello Experts
I have a friend who has been advised by the company who built his site that the site is in danger of being hacked.
Quote
Unless you have updated Joomla and any installed extensions yourself our records show that your site has not been updated since it was built. This leaves your website at risk from being hacked and it is recommended that you upgrade as soon as possible.

Could anyone explain what this may mean.
I have no experience of Joomla and its properties or upgrades.

Many thanks

John
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi,

Like any website, you run the risk of being hacked.  Being up to date with your Joomla version increases security but you will always be at risk no matter what you do there are always new exploits and new forms of hacking that would increase the risk.

what I would suggest is upgrading to the latest version of Joomla for added security and then also installing some of the additional security modules/components for added security.  Once done also ensure that you have your site backed up daily, there are components available that does this as well.

check out extensions.joomla.org, there are plenty of tools to use, the latest version of Joomla is 2.5.

Hope this helps
He just tell you that you should update it, but if it's an old version, let say prior to 1.5 this will not be easy to updated it. A lot of things have changed and some third plugins and components doesn't exist anymore. Template will need to be modified ect.

Joomla 2.5 have a lot of new features, so it will probably be a site rebuild not only an update.
For more information:
http://docs.joomla.org/Migrating_from_Joomla_1.5_to_Joomla_2.5

Be aware that running a Joomla web site required a lot of maintenant because they have a lot a security updates, so you should reconsider your needs before switching to the latest version.

I suggest the use of ExpressionEngine, it's is not free but it is more secure and more flexible.
http://expressionengine.com/overview

Author

Commented:
Many thanks for the answers.

Very helpful

Regards
John

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial