The new Joomla! 3.6.1 contains a lot of bug fixes and it is really important to update your site as soon as possible. In the newest Joomla! version, developers introduced a CSRF token check to the Joomla! Update component - which will help secure your Joomla! site.

This caused some problems to our clients who are reporting issues with upgrading their sites to the newest CMS version. In this article, we aim to ensure that your upgrade goes as smoothly as possible.

We often receive clients requests to increase the PHP memory limits  on WordPress instances. The error message they receiving is: “Allowed memory size of xxxxxx bytes exhausted" or the information in the Dashboard:

By default this limit on our platform is set to 512MB. You can verify this by running a simple PHP script. Just create a file info.php in a root directory of your website (if you happen to have the website on CloudAccess the proper directory is: httpdocs) and put there:

Earlier today a zero-day XSS vulnerability was discovered, and it appears to affect all versions of WordPress. This vulnerability resulted in a critical security update release and it is recommended to update your WordPress site immediately.

The CloudAccess.net Abuse Team learned of the vulnerability shortly after its release. Within 2 hours, our team had crafted security measures at the server level in an effort to thwart this particular attack vector. The action taken by our team will likely result in less infected sites on the CloudAccess.net network and ultimately less affected clients.

The CloudAccess.net Platform is built specifically for hosting WordPress and Joomla websites. The well-being of these sites is our top priority and we take these types of vulnerabilities very seriously. As the Joomla and WordPress communities continue to harden the applications, CloudAccess.net will continue to evaluate each application's security at the server level.

With the release of Joomla 3.4 just around the corner, you might be wondering what new features this release will bring. Well, wonder no more. I installed the Beta 2 version and took a look around. This blog contains a list of new features you can expect in the next version of Joomla. Please bear in mind that since 3.4 is still in beta testing, the final look and feel of these features may change for the stable release, but they shouldn’t change much.

Release Dates

First, let’s take a look at the release dates.

• February 10, 2015 - 3.4 Release Candidate
• February 17th, 2015 - 3.4 Stable Release

Beta 2 came out on February 3rd, and these release dates may change depending on the bugs that are found. In just a few days we’ll have a release candidate and, hopefully, a stable release a week after that.

Internet Protocol is the set of rules that governs the exchange of information and the way traffic is routed on the web. Internet Protocol Version 6 (IPv6) is the next generation Internet communication protocol that provides an identification and location system for devices, computers and networks and will replace IPv4, the current protocol that has many limitations. This blog shines some light on IPv6 and explains the impact on Internet users and how the CloudAccess.net platform is IPv6 ready.

The Growth of the Internet and the Need for a New Protocol

Originally developed in the 1970s, IPv4 is a cornerstone of the Internet as we know it. It was developed long before anyone could really imagine all of the interconnected devices that we have today. IPv4 allows for approximately 4.3 billion unique IP addresses, which might sound like a lot and certainly was a lot in 1970s standards. Nobody in 1970, however, could have predicted that the Internet would be as popular as it is or that many of us would be walking around with high speed computers in our pockets. With close to 3 billion current Internet users, IPv4 presents some serious limitations.

Essentially, the biggest limitation is that IPv4 is running out of the 32 bit addresses that each computer or device is required to have. An example of a 32 bit IPv4 address:

We pride ourselves on having an extremely secure platform, but even the most secure hosting providers see hacked websites on a daily basis. Almost always, the goal of the hacker is to steal content, send spam, spread malware or conduct some type of phishing scam. Many times we’ll see a site administrator clean a site only for it to be hacked again a few days later, and then they come to us wanting to know why. We find that some additional steps that can secure a site and fend off attacks are often neglected. This blog explains why sites are hacked, steps for cleaning up a hacked site, and preventative measures that can be taken to secure the site moving forward.

Why sites get hacked

Vulnerable Extensions

There are several reasons a site can be hacked, but the culprit we identify most often is an outdated extension. Updating extensions is critical because hackers can easily identify vulnerabilities in older versions, which are like a wide open back door to the site. If you’re using a Joomla site, it’s best practice to visit the Vulnerable Extensions List frequently. If you see an extension you’re using on this list, download and install the patches immediately. If no patches exist, disable the extension and find something to replace it.

Outdated Applications

Another reason we see sites hacked is because the site itself is an older version of the application, like Joomla 1.5 for example, which is no longer supported with security patches. We provide a managed hosting platform, which means we’ll update versions for you when a new STS (short term support) version becomes available. When a new LTS (long term support) version becomes available, it’s up to site administrators to upgrade on their own. It’s definitely best practice to stay current with the most recent version of your application.

Imagine this horrible hypothetical situation: you’re deep in development mode making changes all over your site. You’re in the zone - nothing can stop you as you move about the options as fast as humanly possible. Your site is going to be a miracle, you’re a genius, ideas keep flowing through your head and you’re going to change the world. After making several changes, installing several extensions, posting multiple articles, you refresh the page to see the changes live only to cry out in pain and anger because your site suddenly looks something like this:

Or this:

Also known as the dreaded “500 Internal Server Error”.

The Cloud Control Panel, or the CCP, is an easy-to-use interface used to manage each website hosted with CloudAccess.net. We recently redesigned the entire CCP and this blog describes the process we went through and offers a little history of one of the most important pieces of our platform.

In the beginning, the CCP was actually a custom Joomla component we built and pre-installed in Joomla sites that were launched through our platform. It was completely separate from what we called the “Client Area” at the time.

When Joomla 2.5 was released, we removed the CCP from the Joomla application and added those features to the Client Area, unifying account and application management tools. The result was the second version of the Cloud Control Panel, which you can see below.

We don't only work with Joomla, we also use it. A lot of us help clients on a daily basis, but we also create our own personal sites.

My father is a (retired) military man, and I am very proud of him and his service. The unit that he was stationed with the longest - the 7th Radio-Technical Battalion of Łask, Poland, where he served as Chief of Arms, had a fairly poor website and I decided to build them a new one using Joomla.

The old site had a lot of  features when I took over, but it was still in the raw HTML form, and, speaking frankly, it would have made a 1990's web developer cry blood. I decided to remake it in Joomla! The military unit (Siódmy Łaski Batalion Radiotechniczny in Polish) no longer exists, as the splash page states. The site was initially just a single page where the unit's “sympathizers” could learn about future reunions. Later, as old service men and other staff found each other, they started exchanging photos, and a gallery was born. The history of the battalion was developed in much the same way. Subsequent reunions produced even more photographs and the gallery currently features 13 years of reunion photographs from 1998 to 2011. Older photographs of equipment the men when they were soldiers were also added. Images of Polish-made and USSR-made weapons, radio turrets, guidance systems and much more were also added.