Software vulnerabilities are an inevitable byproduct of having a content management website
To ensure security, website software should be checked and updated on a regular basis
If software is not updated, your site will eventually be hacked
Google flags websites as “unsafe” if they are hacked or contain malware
Automatic software updates are conceptually a good idea but there are many considerations before deciding to use them
Your content management (CMS) website, be it WordPress or Joomla, needs periodic maintenance to ensure adequate security.
When you choose to use a content management website, you must make a commitment to periodically maintain it. If software updates are not applied, it’s not a question of IF a website will be hacked, it’s a question of WHEN. If your site gets hacked or infected with malware, Google will flag your site as “unsafe” and warn people not to visit it.
On a content management site, there are many software components such as the core platform, various plugins, a theme, etc. At any given time, this mix of software often contains security vulnerabilities. This is an unfortunate and inevitable byproduct of open source content management systems.
“…the leading cause of infection could be traced to the exploitation of software vulnerabilities in the platform’s extensible components… the integration of plugins, extensions, components, modules, templates, themes…” from Sucuri’s blog post Website Hacked Trend Report 2016 – Q1
That said, these vulnerabilities usually get fixed relatively quickly thus minimizing the threat to your website. But here’s the problem: website owners must take action to get these fixes applied to their websites. And they very likely don’t know they have software that needs updating. They don’t know their sites are at risk of being hacked. If vulnerable software is not updated, hackers will eventually find a way to gain access to the site. The best defense is to simply keep your site software updated.
As a rule of thumb, have your website software checked and updated at least monthly. It’s critically important to your website’s security to have software updates applied on a regular basis.
This is a security release which addresses a critical Remote Code Execution vulnerability. The Joomla team (at Joomla.org) strongly recommends that you update your Joomla site immediately.
This is a security release which addresses a critical SQL Injection security vulnerability. The Joomla team (at Joomla.org) strongly recommends that you update your Joomla site immediately.
Security Release This release addresses six important security issues, so you should ensure your site gets updated ASAP. Here’s the official blog post from WordPress.org with details of what is contained in the release.
If you have automatic background updates enabled, that’s the default setting for minor and security releases, then you should receive an email from your site when it has been updated. The email is sent to whomever is designated to receive admin emails in your General Settings. I received several of these notifications yesterday covering the sites I manage.
So to ensure your site’s security, please check that your site is updated. Also, keep your eye out for the next major release, WordPress 4.3, slated for release on August 18.
If you’re a website owner running WordPress, Joomla or other popular CMS, this is a serious issue that shouldn’t be ignored. We’re not just talking about Joe Schmo, amateur hacker here. We’re talking about large-scale, sophisticated attacks using sophisticated software on sophisticated networks. Did I mention they’re a sophisticated lot? And don’t be fooled into thinking hackers wouldn’t be interested in your small or obscure site. Hackers will attack any website regardless of size or purpose.
The Joomla Project has made available two security releases (i.e. they address security issues in the Joomla core software). If you have a Joomla website, then you should keep the Joomla core software up to date – particularly if it addresses security issues. This helps protect your website against security issues like malware, viruses and hackers.
Security Release This release addresses some important security issues, so you should update your site ASAP. Here’s the official blog post from WordPress.org with details of what is contained in the release.
This is the first security release to come out since automatic background updates were implemented so you may already be on this release – assuming you have not explicitly turned off automatic updates. If you have not turned off automatic updates, then you should receive an email from your site when it has been updated. The email is sent to whomever is designated to receive admin emails.
The Joomla Project has made available two security releases (i.e. they address security issues in the Joomla core software). If you have a Joomla website, then you should keep the Joomla core software up to date – particularly if it addresses security issues. This helps protect your website against security issues like malware, viruses and hackers.
Ok, so you have a Joomla or WordPress website, and you can now make minor, or maybe even major, content updates yourself… Great! Don’t have to worry about website maintenance anymore, right?… But wait, have you thought about the “health” of your website? How long has it been since the content management system (CMS) software was last updated? Did you even realize that it should be updated?
The Joomla Project has made available a security release (i.e. it addresses security issues in the Joomla core software). If you have a Joomla website, then you should keep the Joomla core software up to date – particularly if a release addresses security. This helps protect your website against security issues like malware, viruses and hackers.
This is a security release which addresses a critical Remote Code Execution vulnerability. The Joomla team (at Joomla.org) strongly recommends that you update your Joomla site immediately.
Security Release
Ok, so you have a 