Millions of Joomla websites at risk due to bug

Joomla BugUh oh, this isn’t good.

It seems that for over two years there has been a SQL-injection vulnerability in the Joomla Platform (which is used in millions of websites) that will allow remote takeover hacks.

SQL-injection vulnerabilities allow end users to execute powerful commands on a website’s backend database by entering “special” text in search boxes or other input fields found on a website. The flaws, which are among the most commonly exploited website vulnerabilities, are the result of an insecure Web application failing to enforce the treatment of incoming data as plain text rather than executable code. Often, this makes it possible for hackers to download confidential files from the vulnerable server.

Joomla have now patched the platform, but if website owners do not install the update, they are still vulnerable.

It’s a good thing all of our websites are using the WordPress platform 🙂

You can read more about this issue at Joomla Bug.

Why we use WordPress for Websites

WordPress Website Design Caboolture Morayfield

 

There are many reasons we use WordPress for the basis of our Web Designs.  First and foremost for me it’s because WordPress is by far and away the easiest to learn and understand.

But here is a detailed list of the reasons and advantages to using WordPress:

  • It’s FREE and Open Source – Being an Open Source Project, WordPress is completely free to use, forever!!!. Being Open Source means that there are people around the world continuously contributing to the project and improving it with extra features and improved security.
  • An Abundant Array of Plug-in’s – If you need to add a particular function to your WordPress website, you can almost guarantee that there is a Plug-in available to do it.  There are Plug-in’s for SEO, Contact Forms, Buttons, eCommerce, Photo Galleries, Guestbooks and Forums, Social Networking and the list is endless.  By and large, the majority of plug-in’s that you would want to use are also free, with Plug-in developers offering “paid for” versions which add some extra features, or support for a fee.
  • User Friendly CMS – In my opinion, WordPress has to be the easiest and most flexible Content Management System (CMS) around.  I have used others, but WordPress is very intuitive and there is a wealth of information and help forums online if you get stuck.
  • Themes let you “Style” the look – The way your WordPress website looks, feels and behaves is determined by the Theme used.  So if you get sick of the look, or just feel like a change, you can achieve this by simply uploading a new Theme, activating it, and hey presto, there you have it.  Of course it isn’t quite as easy as that because the reality is that some content may not suit the new styling, but there is nothing that is overly difficult to overcome.
  • Your website can grow with you – Your WordPress website can grow with you and you can easily upgrade it with new features and security. You can change your Theme at any time without the need to re-do your whole website. Plug-in’s can be added for enhanced functionality (add e-commerce if your business grows, a photo gallery, conatct forms, etc.).  WordPress is used by millions of websites, so it won’t be going away in a hurry.
  • Good for SEO – Over the years I’ve used various SEO plugins including All-In-One SEO, WordPress SEO by Yoast, and Google XML Sitemaps.  But even without these plugins, the simple structure of WordPress, the permalinks, and the easy linking in WordPress is Google friendly. I even heard a statement directly from the horse’s mouth Matt Cutts (the head of Google’s “Web Spam Team”) when he spoke at WordCamp San Fransisco 2009 where he said, “WordPress is a great choice” and went on to say how much “WordPress automatically solves a ton of SEO issues“.  Don’t believe me, see for yourself below.