On Tuesday December 14 the command of development Joomla released the urgent security update closing 0-day vulnerability which opens for malefactors a possibility of remote code execution. Hackers already actively try to attack the vulnerable websites.
Millions of the websites working at CMS Joomla can be cracked, and the malefactor gets administrative access to the cracked website. It is a consequence of vulnerability in Joomla which was corrected only last week (by itself, not all websites were updated to receive this correction of a bug). Under control of Joomla about 2,8 million websites work now.
The vulnerability connected with a SQL injection was corrected last week, with an output of the new Joomla 3.4.5 version. Vulnerability allowed the malefactor to execute a malicious code on the server from the started CMS Joomla, this vulnerability for the first time in November, 2013 was found, and just now it was closed.
2 years ago
It happened to configure now to me Akeeba Backup Pro on remote storage of backup copies in Dropbox. And on the course of process it has appeared that Akeeba is only able to litter that Dropbox, and here it is necessary to clean second-hand articles after it manually. But manually — not comme il faut and archives on gigabyte with small. Therefore, it is necessary to get rid somehow from outdate without hands.
So, it is given — full backups aploaditsya in the full folder each three hours. The Mysql bases — in the mysql folder everyone half an hour. So the owner of the site wants, he under this business of Dropbox Pro has paid.
It is necessary — to delete all old full archives, having left on one in day (and that was!), and all backups of Mysql, except the today's.
Developers, and those who them is not, use content management systems for work with the sites. There is a lot of these systems, but three are especially popular among them: WordPress, Drupal and Joomla.
Joomla is suitable for development of the sites better, it is more difficult, than blogs on WordPress, but it is simpler, than Drupal. One of advantages of Joomla is number of expansions. They help to expand and configure appearance and functionality of the site.
The site map is list of important pages which helps searchers to find and index important content like Google. JSitemap – one of the best generators of cards for Joomla which offers the innovation mode of work with site maps. According to statements of creators, this expansion increases visibility of the site by 400% searchers.
After the JSitemap installation you should not wait for the moment when the searcher views all your site – instead all information will be able to go at once to bases of searchers.
In the previous article we have studied how to create subject for WordPress. Give on the basis of the same template in the very first article today. Instead we will consider in details features of creation of template for Joomla!
Уязвимость позволяет удалённому злоумышленнику извлечь архив, хранящийся где-то удалённо, на атакуемый сайт во время распаковки резервной копии или установки обновлений, в зависимости от настроек. Само наличие уязвимости не позволяет её использовать. Злоумышленник должен атаковать именно в то время когда извлекается архив резервных копий или устанавливается пакет обновления Joomla!
Версии программного обеспечения, подверженные уязвимости
Akeeba Backup for Joomla! Professional, версии 3.0.0 и выше, включая 4.0.2
Akeeba Backup Professional for WordPress, 1.0.b1 и выше, включая 1.1.3
Akeeba Solo, 1.0.b1 и выше, включая 1.1.2
Admin Tools Core and Professional, version 2.0.0 и выше, включая 2.4.4. Более поздние версии не подвержены, так как не включают в себя Joomla! update.
Akeeba CMS Update, version 1.0.a1 и выше, включая 1.0.1
Joomla! 2.5, 3.0, 3.1, 3.2, 3.3 и выше, включая 3.3.4
3 years, 1 month ago
Joomla? one of the most popular opensource CMS in the world. Which year it successfully competes with Wordpress for rank of the most popular.
The increase in load time of the site at 1 second has the following effects:
reduction of number of viewings of the page by 11%;
decrease in satisfaction of buyers by 16%;
decrease in reyt of conversion of visitors in buyers for 7%.
40% of mobile buyers will leave online store which pages are loaded more long than 3 seconds.
In this article we will touch upon subject of optimization of Joomla. For the best disclosure of subject in future articles we hold competition: send us the recommendations about optimization of Joomla which have not entered this article. On optimization VPS 1024 for year will be provided to the author of the fullest and useful tips (the result of competition on Wordpress will be declared very soon). At the end of article the link to registration of free Cloud VPS from Infobox for experiments with optimization of Joomla.
3 years, 7 months ago
before I started to work over the current design, I did not think that I when or should use tools for the automatic assembly of designs. After all I work exceptional with interpretive languages to which compilation is not necessary. However, as it appeared, they can be useful and by development on PHP, and especially by operation with Joomla!
3 years, 9 months ago
All greetings. I wants to describe process completely automatic creation of backup copies of sites on CMS Joomla by means of a component of Akeeba backup, and are more its than the free version. I knows that to dzhumla on habre not especially favored, but I thinks nevertheless there will be habrovchane who created sites with are more its the help.
3 years, 12 months ago
Hello, habravchane! Today it would be desirable to share the decision whom I using for implementation of AJAX when writing components for Joomla! 2.5. At once it would be desirable to notify angry barrackings: «go to Google! polzuy searching! it already were! Boyan!». It are the decision did not lie on a surface and though it and banal, to find it, it were necessary to me popotet.