News and Thoughts

Joomla is now at version 3.7.3, which was released on July 4th. You can tell this is a truly international commuinty, as they didn't think twice about making all us US-based System Administrators work on the 4th to upgrade software.

The other software is the version of the PHP programming language in which Joomla is written. We were on the 5.6 version, we've now upgraded to version 7.0.12. (Don't ask "What happened to version 6?" It's a sad tale).

Hope you're all well.

 

I've just accepted a six-month contract for development work. It'll be 32 hours per week, with two days on-site and two days telecommuting. What does this mean? It means that I'm about to be very busy between that and starting graduate school at Georgia Tech. I plan on working on the contract work starting early in the morning, which means I'll have time to work on your sites in late afternoon. I appreciate your business and your flexibility during this time.

One generally thinks of the sites that hackers target as being multi-billion dollar enterprises like Target or Home Depot, but this past month three of our sites have come under attack. Hackers from the Ukraine and Russia hit these sites with literally thousands of login attempts per hour to the administrator side. Of course, we have software installed that locks people out from attempted logins after three successive failed login attempts from the same network address. But that didn't stop the hackers from continuing to try. Although they utterly failed at getting administrator login priviledges, they did slow our server down due to the amazing amount of network traffic they generated. Once I saw what they were doing, I could block them from ever seeing the login screen, but this took a bit of time and our sites did experience some performance issues in the meantime. I'm looking into automating the defense if they keep up these attacks. I'm hoping this won't be necessary, since they aren't getting anywhere with us and will hopefully move on to other easier targets. Stay tuned for updates.

As we approach Christmas, we're thankful to all our clients and business contacts. We hope each of you have a great Christmas season with your friends and loved ones. We won't be going out of town, but will be available if needed for any emergency. We'll tag base in the New Year.

The Joomla project has released Joomla 3.6.5. It addresses three security bugs and adds security hardening to several areas. You can read the announcement here. The update was applied to all our client sites within a couple of hours of its release.

Here's a good article about the 19 types of custom field types coming in Joomla 3.7 early next year. 

The Joomla! developers have published the timeline for the Joomla 3.7 release. If all goes according to plan, it'll be out before the end of March 2017.

This year's voting on the CMS Critic site is in the books. Joomla has won the Best Free CMS award again. You can see the complete list here. All well and good, but I'm a bit puzzled as to what the difference would be between the best Free CMS vs. the best Open Source CMS, especially since Joomla is Open Source. But we'll take the win and go with it, I guess.

The Joomla team is famous (or imfamous) for having oops releases, e.g. a major release, then another minor one a few days later to correct a few issues. That's happened again with 3.6.3 and its immedate followup 3.6.4. We've updated all our client sites to 3.6.4, which patched a long-standing security issue. You can read more details in this official followup.

Today the Joomla project released version 3.6.3, and we've installed it on all our clients' sites. It's a bugfix release, with about 350 fixes. Nothing big, but a couple of our clients have hit a couple of the bugs, so they should be cleared up now.