Sadly in the last 6 months there have been two published circumstances where an extension provider has been hacked and malicious code inserted into the extensions that they offer.
This meant that as soon as you installed the extension your site was vulnerable to defacement etc.
If there have been two published cases perhaps there have been more that we don't know about.
So is there anything we can do to prevent this?
Read more: Help my Wordpress site has been hacked!
On Wednesday I explained how your Joomla site might be exploited
"Just because you keep your server secure and your software up to date you may have been exploited yesterday, ready to be hacked tomorrow."
Today I read an article explaining the exact same thing happening on a Wordpress site. I had tried to explain this to the site owner 6 weeks earlier but...
Read more: Help my Joomla web site has been hacked!!
..or how do you keep your Joomla web site secure?
I've sat on this blog post for a few weeks as I wanted to separate any connection to the specific client for who this relates to.
So I'm sat in a hotel bedroom, idling away the time before bed, browsing a news sites when a skype window pops up on my Mac.
"Please help!!!! I've got 12 sites all on different servers and they keep getting defaced."
Now obviously I then ran through my usual set of questions:
- "Are the sites running the latest version of Joomla?"
- "Are the file and directory permissions set sensibly?"
- "Do you monitor the extensions and make sure they are all up to date?"
And the answer was yes to all of the above.
Joomla Hidden Secrets - the movie
Is it time for an International Joomla Event?
Why integrate Joomla and Wordpress?
