| Time for some Joomla Spring Cleaning? |
 |
 |
 |
| Written by Ken Task | |||
| Wednesday, 02 June 2010 11:13 | |||
For those of you that run Joomla's, might want to add this to your list of things to do on a regular basis.
Joomla core is normally secure and easy to update with the update component installed (JUpdateMan). That component, however, won't update all that you might have added. As such, please consider checking this resource: http://secunia.com/advisories/search/?search=joomla It will show what 3rd party add-on components have issues. First, of course, might be a good idea to note what add-ons you've installed. Login to Admin side. Go to Extensions, Install/Uninstall, then the tab for Components. You'll see a listing which shows name, version numbers, and Author. Those that show "Joomla Project" are core. 3rd party components might show authors name or provide a non-clickable URL. Holding mouse over author name will render a pop-up tool showing the URL to the web site and author EMmail address. The fixes might be simple if the 3rd party add-on is still being maintained - just install the latest/most secure version. IF it doesn't appear there is an updated version, best to remove it. Don't forget, if you were using it, removing it may not be possible until you un-link or if you can remove with no warning, you might have broken some link in your menus. Set the display of components to "all", then print to a PDF file for future checking. Another very good resource for checking all kinds of open source software vulnerabilities: http://www.exploit-db.com/ It's a jungle out there, isn't it? :(
|