WE HAVE MANY SUPPORT OPTIONS

3Get our response in 2 hours or less.

You can also email us at info @ intelliplans .com // Need Remote Support? Windows or Mac

WE'RE AVAILABLE 24/7

Sales: 800.229.0674
24/7 Phone Support: 850.549.2282 | 480.624.2500
Customer Service | Contact Form | Email

Joomla! 3.4.7 Version Fixes Security Flaws

Joomla! has released the latest version, 3.4.7, of its free content management system software to address two reported security vulnerabilities.

The new version of Joomla!, which is used to create websites and online applications, strengthened the security of the MySQLi driver to help prevent object injection attacks.

Joomla said its Security Strike team has been following up on the critical security vulnerability patched last week.

“Since the recent update it has become clear that the root cause is a bug in PHP itself,” Joomla! reported on its website. “This was fixed by PHP in September of 2015 with the releases of PHP 5.4.45, 5.5.29, 5.6.13.”

Joomla! pointed out the only Joomla sites affected by this bug are those that are hosted on vulnerable versions of PHP, and it corrected the flaw because not all hosts keep their PHP installations up to date.

Joomla! 3.4.7 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and one low level security vulnerabilities. We strongly recommend that you update your sites immediately.

This release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.6 release.

WHAT'S IN 3.4.7

Version 3.4.7 is released to address two reported security vulnerabilities and includes security hardening of the MySQLi driver to help prevent object injection attacks.

The Joomla Security Strike team has been following up on the critical security vulnerability patched last week. Since the recent update it has become clear that the root cause is a bug in PHP itself. This was fixed by PHP in September of 2015 with the releases of PHP 5.4.45, 5.5.29, 5.6.13 (Note that this is fixed in all versions of PHP 7 and has been back-ported in some specific Linux LTS versions of PHP 5.3). The only Joomla sites affected by this bug are those which are hosted on vulnerable versions of PHP. We are aware that not all hosts keep their PHP installations up to date so we are making this release to deal with this issue on vulnerable PHP versions.

SECURITY ISSUES FIXED

  • High Priority - Core - Session Hardening (affecting Joomla 1.5 through 3.4.6) More information »
  • Low Priority - Core - SQL Injection (affecting Joomla 3.0.0 through 3.4.6) More information »

Please see the documentation wiki for FAQ’s regarding the 3.4.7 release. It is important to note that due to some session changes you will not be able to edit items until you log out and log back in again. Please note that there has been a backwards compatibility break regarding how session management is handled. If you are using the documented Joomla API you will have no issues. The changes are fully documented in the release documentation.


Sources:

  1. https://www.joomla.org/announcements/release-news/5643-joomla-3-4-7-released.html
  2. https://www.us-cert.gov/ncas/current-activity/2015/12/22/Joomla-Releases-Security-Update-CMS

 

Continue reading
Rate this blog entry:
974 Hits
0 Comments

WARNING: Websites Running Joomla 1.5 Are at Risk

As of August this year, according to W3techs out of all the websites currently using Joomla, 44.6% of them are still on the unsupported Joomla 1.x series, support for which ended way back in September 2012.

Whilst the Joomla 1.x series was very robust and can still run reliably if well looked after, it's time is nearly up. Technologies are changing and security is being tightened up online, and the Joomla 1.x series is being left behind. So if you're running a Joomla 1.x website, now is the time to upgrade, and here are just a few reasons why;

1. Security

As of September 2012 support for Joomla 1.5 was officially dropped, meaning that no security patches will be released. This can be a big problem if you rely on third party code for any of your websites features, for example Google Maps or online payment gateways, or simply if an extension you are using becomes compromised by new hacking techniques. The longer you run a Joomla 1.x series website there is a growing risk of your website being hacked and your data compromised.

2. Changing server technologies

Like Wordpress and Concrete 5, Joomla is a PHP based CMS, which runs on a Linux based server and runs its databases via MySQL. These technologies are also constantly evolving to keep the nasty hackers away as they find new ways to be naughty and get into places they shouldn't.

Currently, there is no supported version of PHP compatible with Joomla 1.5! (http://php.net/eol.php)

As a result of this, we have noticed hosting companies are forcing their customers to upgrade their PHP versions to at least PHP 5.4 (The latest is 5.5). Joomla 1.5 sites are compatible with PHP versions up to 5.3, and so features of your Joomla 1.5 are almost certain to break if your host decides upgrades your PHP version.

At Channel we have mitigated against this for our customers by running Joomla 1.5 sites on the legacy versions of PHP to ensure your websites continue to run happily, but there will come a point in the very near future where we will be forced to upgrade to newer PHP versions, and those 1.x sites will no longer function.

3. Extensions Support and easiEr upgrades

Most extension developers have dropped their support for 1.5 versions of extensions to build extensions for the current Joomla versions. More than 65% of Joomla extensions are now available for Joomla 2.5, so it is likely that any functionality you had previously will still be available on the newer Joomla versions.

4. Future proofing

Joomla 2.5x has many great features compared to the 1.x series, the most cost effective of which is a more robust and easier upgrade system. Joomla 2.5x has an inbuilt upgrade engine, which give you upgrade notifications and 1 click upgrades. It has also been built with future version upgrades in mind and has been designed to make the jump between Joomla versions much easier than upgrading the 1.x series, saving you time and money in the long run.
But my website is fine, why do I need to upgrade?

This is a common question from our customers and it's logical to think "If it ain't broke don't fix it"!, but unfortunately that sentiment doesn't apply to well in the world of the web.

OTHER COMMON THINGS WE HEAR ARE:

  • We built our site only a few years ago and don't have the budget for upgrading.
  • It sounds like a lot of work, I can't be bothered with it
  • My site has never been hacked, so I don't need to upgrade
  • You're only telling me I need to upgrade because you want more business.

Whilst it is true there is a fair amount of work involved and you may have a perfectly healthy Joomla 1.x series website, it won't stay that way forever. The question to ask is if your website got hacked tomorrow, what would be the loss in revenue/reputation for your business?

If the monetary value of any disruption outweighs the cost of upgrading your site, then it's something you really should invest in. Otherwise, you will end up with a website that you cannot host, or if you do find a host who is willing to take it, it will end up repeatedly getting hacked and live a pretty sad life for the rest of its days!

SO HOW DO I UPGRADE AND WHAT'S INVOLVED?

Every website is different. The work involved depends on how many extensions you have, how many customisations you have done, the amount of content and functionality in your site, amongst other things. We have experience of reliably upgrading 1.x sites and would welcome you to contact us for a free audit of your website to find out the best method for you to upgrade.

FREE AUDIT

To help our customers running 1.x series sites and also in the interest of all of our other customers in regards to security, we are offering a free audit to help you find out what's involved in upgrading your Joomla 1.x series website to the latest Joomla! version.

We don't want to see our long standing members fall by the wayside and eventually have to remove them from our servers when they become untenable security risks, so we could encourage you to get in touch with us asap to plan for your upgrade.

So if you are running a Joomla 1.x series site, please get in touch with one of the team today who will be happy to do your free audit and quote for upgrading your Joomla site today.

Continue reading
Rate this blog entry:
902 Hits
0 Comments

Why Outsourcing your Print Work is a Great Idea

  1. Cut your capital costs. Let’s face it, print equipment is expensive, and you likely require several different types of machinery to perform jobs. It’s also incredibly costly to maintain. Then you have costs associated with commercial office buildings, land, or simply space in general. Bringing a project to commercially operational status can be outlandishly pricey. By outsourcing, you don’t need to be financially responsible for any of that stuff.
  2. Reduce your labor costs. Outsourcing allows you to bypass the need for additional employees that your business can’t afford. It also enables you to direct your costs toward those with the experience that you require, rather than keeping folks on the payroll that aren’t fulfilling your company’s very specific needs at a given moment. Plus, you’ll eliminate additional insurance costs, hiring costs, etc.
  3. Increase your efficiency. This is a pretty obvious one. By keeping your core competencies in-house and outsourcing everything else, you enable your business to run more smoothly. As a result, you keep the focus on the things you do best, and let someone else handle the rest. Plus, you turn around more business, faster.
  4. Scale up your growth. At the end of the day, outsourcing print allows you to level the playing field. For example, if you’re a relatively small business in size, you’re still able to compete with larger businesses in the same industry when you outsource. Multiple employees and capital expenses can cause headaches. Without them, your efficiency, as mentioned, increases dramatically which enables you to grow faster than ever before.

In short, outsourcing allows someone else to do the heavy lifting while you and your business reap the rewards. It lets you to choose exactly what you need, when you need it, and how much you’re willing to spend. Think of it like an à la carte approach to business.

Continue reading
Rate this blog entry:
888 Hits
0 Comments

Regular Updates to Your Website CMS is Important

Regular Updates to Your Website CMS is Important

A content management system (CMS) is the easiest way to add, edit and refine content on your website. The ability to easily and quickly add and manage content is essential for anyone with a professional website. If you don’t have some form of CMS built in to your website, it’s time to seriously ask yourself the question – Is your website offering you what you need it to?

Most people have heard the phrase ‘content is king’, and since good content is the cornerstone of any effective website – content should be revised and updated regularly.

A CMS allows you to control the content on your site on your own terms without having to have a working knowledge of HTML or CSS (web coding languages), and means you also will be able to avoid having to get in touch with your web developer every time you want to add or amend content.

Not only is having to deal with a third party when it comes to updating content time consuming, it also means that you’re probably not going to end up adding as much content as you should. In the competitive world of online marketing and appearing in Google’s search results, new and insightful content can be the difference between people finding you over one of your competitors.

From Joomla, WordPress and Drupal, there are many different content management systems that are used internationally, but none more popular (and arguably as easy to use) as WordPress. Therefore for the purpose of this article we will be focusing mainly on updating WordPress, although the main point is consistent for all CMS’s, with the major point being – update or beware.

Similar to anti-virus software updates, CMS updates are provided regularly for good reason. Like anything else, when it comes to online security, everything on the web can become vulnerable with time and hackers are always finding new holes, and new ways to exploit the back end of a website.

Outdated software is especially prone to attack as coding languages have changed and gaping holes can be left which black hat operators are all to keen to exploit for their own gain. Third party plugins, themes and scripts can also present a security risk to your CMS, so before installing any third party plugin or theme on your site, make sure to do your research to verify the safety and reputability of the add-on you are installing.

So if your site becomes compromised, the worst that could happen could be any of these below:

  • Thousands of spammy links from questionable sites which may cause your site to be penalised by Google leading to loss of traffic and enquiries
  • Stealing of private user data including email addresses, credit card information, passwords and other private customer information
  • Hi-jacking of your site to change layout, delete or add offensive content, or change the way your site functions
  • Changing of your CMS password restricting access to your site.

OTHER REASONS TO UPDATE YOUR CMS

Apart from the major reason of security, updating your CMS also offers a range of other benefits. New updates contain more efficient codes and features which help to improve the speed and performance of your site, while also using less bandwidth. As your site grows, this will also alleviate pressure on your web server.

An updated CMS also gives access to new features that can enhance the usability of the platform to integrate with other tools. New updates also help to simplify the way you add content to your site, including the ability to drag and drop rich content without the need for reformatting.

For those who don’t manage a website themselves, it’s important to have a plan in place with your hosting company or website administrators to ensure your CMS is regularly updated. This ensures that neither party assumes the other is responsible for updating the software and a plan is in place for the ongoing security of your site. This could be as simple as making someone in your business responsible for doing this, and checking that the version of the CMS that you are using is the latest one, or it could mean paying your hosting company or web developer to take responsibility of your site security including an updated CMS.



Credits: http://www.mediaheroesbrisbane.com.au/

Continue reading
Rate this blog entry:
872 Hits
0 Comments

Apple is launching search engine to destroy Google

Apple is launching search engine to destroy Google

Apple is launching a search engine called “Spotlight,” at a pace of 3% a quarter -- if you have an iPhone or Mac you’ve been using it for a while!

 

Google has gone from unstoppable to “about to be stopped,” in the minds of the smartest folks in the industry. Search ads are Google’s cash cow; unfortunately, for them, it seems that Google is not advancing the platform (outside of slamming massive amounts of “paid inclusion”).

“Paid Inclusion” is basically the ads that consumers think are content, but are really ads.

You can see this on your desktop by doing a search for “used iPhone.” The majority of the screen real estate is now ads! In the example above 11 of the 12 links are advertisements!

Wow.

On top of that, < 1% of the screen real estate is dedicated to telling this insane fact to consumers! See the tiny ‘AD’ and ‘SPONSORED’ logos? Yeah, barely noticeable … by design.

In the old days Google used to highlight the ads with a background color … over time they have included smaller and smaller notes; this is, of course, a huge debate in the industry. In fact, people have done studies to prove that a large percentage of users don’t know they are clicking on ads.

GOOGLE GRINDS, APPLE SHINES

While Google is grinding users down with 90% of search results generating ad links (10 of 11), Apple is building a search engine in plain sight called “Spotlight.”

Spotlight is what happens on your desktop when you hit COMMAND-SPACE or on your phone when you hit “slide down” when on your home screen.

For example: when you search for “Weather Cupertino” it gives you the result with no advertisements, no Google logo -- nothing but content.

On your mobile phone they will show you Wikipedia pages, App Store links and more -- without any ads.

Every time Apple hosts their World Wide Developer Conference (WWDC) they add a couple of features to Spotlight. The big update came yesterday, with “deep link searching in apps.” Here they show folks searching for “how to make chocolate cake” and subsequently dumping users into the Yummy App.

No. Google. Necessary.

Continue reading
Rate this blog entry:
1302 Hits
0 Comments
TOP