As I write, a massive worldwide hacking campaign is underway against websites running the Joomla CMS.
A little over a week ago, a critical security hole was discovered in all versions of Joomla. An upgrade was very quickly released for the latest versions of Joomla, and a patch was released for all previous versions.
But if you haven't installed these, it's probably only a matter of time before your website is hacked.
The hackers are targeting all of the websites which haven't been patched or upgraded yet. And, unfortunately, that is most Joomla websites.
It is important to stress that this is not a reason not to use Joomla, it's not a poor reflection on Joomla or the Joomla community at all. In fact, it's a very good reflection! The upgrade and patch were released in a very short space of time.
Whatever software your website uses, whether it's Joomla, WordPress, Magento, OpenCart, or anything else, it can never be guaranteed to be free from security holes. But by choosing well maintained software, and upgrading it regularly, you can minimise your chances of problems.
Responsible security policy
At OpenGlobal, we automatically upgrade and patch all of our client websites whenever necessary. It's just part of the service that we offer.
But unfortunately, this is not standard industry practice. Most web designers do nothing at all. Once the website is created, it is never upgraded without the client explicitly requesting it, and paying for it!
This is just not acceptable.
This year we've helped 5 different companies to recover websites that have been hacked. In all cases, it could have been prevented by installing the latest upgrades or patches.
Recovering from a website hack is a time consuming and expensive process, and you can never be 100% sure that you've completely got rid of everything they've done and that they can't get back in again.
The cheapest and most effective thing to do is just to upgrade and patch your website as soon as it becomes available.
If you'd like to move your website to a responsible website management company that takes your security serious, contact us today on 0845 269 9624.