Is Joomla 1.5 still secure? - Joomla! Forum - community, help and support

i don't entirely agree in website's warning, wanted repost here community aware of what's being said. had customer point me article spooked , worried site 1.5.26 comments "we’re confident joomla 1.5.26 no longer secure"!

maybe security team can contact these people , have them point out specifics , ask if claim have had on 30 hacked joomla sites, done them , brought attention? maybe were?

http://www.itoctopus.com/is-joomla-1-5-26-still-secure

is joomla 1.5.26 still secure?

up until recently, recommending our clients keep using joomla 1.5.26 until end of year, no longer recommend this. in fact, urging our clients migrate possible joomla 1.5.26 joomla 2.5.6 (or latest version of joomla, whatever is).

so, why sudden change of heart, might wonder?

well reason in past week alone had on thirty cases of hacked joomla websites, on twenty 5 of them using joomla 1.5.26! know, it’s unbelievable, it’s logical. here’s why think it’s logical:

majority of joomla websites out there still using joomla 1.5.26 version – because it’s hard migrate joomla 1.5 joomla 2.5.

joomla 1.5.26 has several security breaches, in tinymce editor.

these websites using joomla 1.5.26 being hacked @ moment – 1 one, , repeatedly!

so can (yes you!), administrator (or owner) of joomla 1.5.26 website do? well, think have no other option migrate joomla 2.5 – no matter how costly or complicated migration is. don’t think have other option – new vulnerabilities in joomla 1.5.26 being discovered (and maliciously exploited) every week – if address vulnerability on website new ones pop up!

but why not wait until joomla’s development team fixes these vulnerabilities on joomla 1.5.26 , releases better, more secure version, such joomla 1.5.27? well, because never fix it. joomla official development team has ceased support joomla 1.5.x line in may of year (2012). considering amount of websites using joomla 1.5.26, think official joomla team should address these issues immediately, doubt will!

but if company itoctopus secure joomla 1.5.26 website, vulnerabilities , exploits addressed? unfortunately, neither @ itoctopus nor other company can (in fact, company claiming they’ll doing lying). , if it’s possible, it’ll cost less , take less time migrate website (including data , 3rd party extensions) joomla 2.5. never recommend option, regardless of structure , size of website.

but why did joomla official development team cease support joomla 1.5.26? well, because 1) want focus on new 2.5 , 3.0 lines of joomla, , 2) know joomla 1.5’s code isn’t optimal (and that’s why of re-written in joomla 1.6, has same engine joomla 2.5).

how upgrading joomla 1.6 or joomla 1.7? there 2 reasons why should never consider option:

it’s not upgrade joomla 1.6 (or 1.7), it’s migration (see difference here) identical joomla 2.5 migration. means amount of work migrate joomla 1.6 more or less same migrating joomla 2.5.

joomla 1.6 , 1.7 both discontinued – before 1.5 version discontinued (both deemed unstable versions , that’s why had short lifetime).

again, we’re confident joomla 1.5.26 no longer secure , you’ll putting website’s reputation , visitors’ computers @ risk if continue using version. if need upgrading joomla 1.5 joomla 2.5, you’re @ right place! contact , we’ll start working on migration immediately. we’re fast, we’re honest, we’re hard workers, won’t charge much, , we’ll ensure website looks , works before migration won’t think have migrated it! (unless, of course, went admin section of website – it’ll different there, more powerful , exciting!)

hi euoceo,

there no known security vulnerabilities in current joomla! 1.5. there can many reasons these hacks, not have due core files.

the text reads advertisement migration service ... ;-)

regards