I recently tied-up with a start-up web design company in Western Australia, HCS Technology. The owner of the company subscribed to YouJoomla, and I personally like their member templates. Professionaly done, cool designs, and some nice extensions.
About 2 weeks ago, I received an e-mail from Barrie North of Compass Designs, telling me about a security vulnerability within Joomla 1.15 wherein a person could get in and change my admin password, thus advising me to urgently upgrade to version 1.5.6 to avoid disaster. Sadly, I did not take notice.
A few days after that, I received an e-mail from somebody, telling me about the same vulnerability. The only difference is that he told me he would fix the issue for $200. So I logged in to my administrator’s control panel and behold… that person changed my admin password. Luckily though, that was the only problem and I have a database back-up so I restored the original password. Right away I downloaded and applied the patch from Joomla.
Lesson learned: always check and apply new patches, especially security patches, and always listen to experts. Yeah I should have listened to Barrie in the first place… 🙂
After a few months from its official release, I finally got a chance to use Joomla 1.5 in a production environment, not just test sites. It’s a little different from the earlier versions and I’m still getting the hang of it. It seems to me though that it’s easier to use when you get more familiar with it. Maybe a few more sites and I will grasp the essence of the new version of Joomla. 🙂