« SPF mail protection | Home | ‘Professional’ hackers at large »
Joomla CMS exploits
By Tony Walker - Support Manager | September 17, 2007
We’ve noticed a couple of instances recently of sites running Joomla CMS being exploited and a script being installed to send out bulk unsolicited email. In releases of Joomla version 1.0.11 upwards, a modified htaccess.txt file has been included within the bundle which implements some relevant security settings.
It is important for anyone running PHP script software that they keep their software updated to the latest version. Even minor updates and releases often include important improvements to the security settings within the scripts after such exploits have been reported.
All scripts installed via Fantastico can be upgraded to the latest version using Fantastico itself, which also makes a backup of your previous version during the upgrade. We encourage customers to log into Fantastico on a regular basis and review and implement any upgrades available.
If upgrading a Joomla install, the following points are worth noting:
- Site master configuration settings are reset to the default
- The description and keyword meta-tags are reset to default
- The default favicon is re-installed in the image directory
The above entries and image can be copied in a couple of minutes before applying the upgrade and then restored to your preferences afterwards.
Further information can be found at the Joomla web site.
Tagged as:Fantastico Joomla programming script security
Topics: Netnibble Tidbits | No Comments »
Comments
You must be logged in to post a comment.