AUSWEB BLOG

The Joomla Project has announced the release of Joomla 1.5.14, which contains fixes for two material bugs that were introduced in version 1.5.13 and one low level security issue. Instead of waiting for the normal 6 to 8-week release cycle, this release has been made available to users now and we recommend all users of Joomla to upgrade.

You can find the latest release or appropriate upgrade package by following the link below.

http://www.joomla.org/announcements/release-news/5244-joomla-1514-released.html

CMS, Joomla, PHP Applications, Scripting & Coding, Security, Web Development

Theres a wealth of great PHP resources and tutorials scattered around out there online, including AUSWEB’s own PHP & MySQL tuts. However, here’s a giant list sorted into useful topics and catering to both beginners, and advanced PHP programmers – 101 PHP tutorials!

PHP Applications, tutorials guides, MySQL, php, programmers, tutorials

Please find attached the new important Fantastico software security updates for your cPanel Hosting account

• Joomla 1.5: 1.5.12 -> 1.5.13
• Open-Realty: 2.5.6 -> 2.5.7
• SMF: 1.1.9 -> 1.1.10
• TYPO3: 4.2.1 -> 4.2.8
• WordPress: 2.8 -> 2.8.2
• Coppermine Photo Gallery: 1.4.20 -> 1.4.25
• Drupal: 6.10 -> 6.13
• LimeSurvey: 1.82+ -> 1.85+
• OpenX: 2.0.11-pr1 -> 2.8.1
• osTicket: 1.3.1 -> 1.6 RC5
• PHPlist: 2.10.9 -> 2.10.10
• phpWCMS: 1.1-RC4 Rev. A -> 1.4.2 r327
• TikiWiki: 3.0 -> 3.1
• Zen Cart: 1.3.8a -> 1.3.8a [Patched]
• Zikula: 0.764 -> 1.1.1

Please always keep your scripts save and secure and up-to-date to the newest version to prevent server and system compromise, which would not just affect you , but lots of other clients!

Best Regards and thanks you for your cooperation.

AUSWEB Hosting , Domains and Dedicated Servers

http://online.ausweb.com.au/clients/
http://tutorials.ausweb.com.au/
http://ausweb.com.au

CMS, Joomla, News, PHP Applications, Scripting & Coding, Web Development, Web Hosting News, Wordpress, cPanel, drupal

Joomla! has recently updated to 1.5.12 with a host of bug and security fixes. You can download the latest version and view the release notes at the link below:

Joomla! 1.5.12 – As usual pay close attention to the upgrade instructions, especially if you are upgrading a live or heavily modified Joomla website!

CMS, HTML, Joomla, News, PHP Applications, Web Design, Web Development CMS, Joomla, Patch, Security, Update

Updates for Drupal versions 6.13 and 5.19 have been released this week with a host of maintenance fixes as well as some critical security vulnerabilities which have been fixed.

As always, upgrading and keeping your installations up to date is highly recommended. As always follow the Drupal upgrading procedures with a current and tested backup of your site.

CMS, PHP Applications, Scripting & Coding, Security, Web Development, drupal CMS, drupal, Patch, php, Security, Upgrade

A fair few people know what DNS lookups are, Even without having to work in the IT industry. It basically converts the pretty, familliar and easy to understand (for us) “www.domain.com” into an IP Address, which computers can understand and direct traffic to.

The Image below is from Verisign, and to make the understanding a bit easier, it ignores the process of caching.

Image source: Verisign Domain Name Industry Brief, June 2007 (PDF), last page.

Read more…

Domains, PHP Applications, Science & Tech DNS, Domain Name, Lookups

The Joomla Project announces the immediate availability of Joomla 1.5.10 [Wohmamni]. This is a security release and users are strongly encouraged to upgrade immediately. Read more…

PHP Applications

Facebook has been targeted by malicious hackers seeking to steal valuable data from members.

The social network site has been hit by five separate security problems in the last seven days, say security experts.

By creating fake messages padded with details of Facebook members the thieves are capitalising on the trust and social links that drive the network.

Security firms warn that the popularity of social networking sites makes them a tempting target for hi-tech thieves. Read more…

News, PHP Applications, Rambles, Scripting & Coding, Security, Software

WordPress is by far the most popular blogging system known to man. It provides a great back-end with great flexibility and customization without having a complex management console to navigate. It powers this blog right here. Here is a number of plugins which you should take a look at, When installing or running a WordPress website.

Read more…

PHP Applications, Scripting & Coding Blogging, Blogs, Plugins, SEO, Webhosting, Wordpress

Keeping your blog secure is extremely important these days. So much so that new installs of WordPress ask the user to create four security keys. These keys help ensure that the cookies placed in your browser when logged in are not easily de-coded by would be hacker sites.

Some pre-existing installs of WordPress may only have one or two security keys while others may have none.

“Beginning with Version 2.6, three (3) security keys, AUTH_KEY, SECURE_AUTH_KEY, and LOGGED_IN_KEY, were added to insure better encryption of information stored in the user’s cookies. Beginning with Version 2.7 a fourth key, NONCE_KEY, was added to this group.

You don’t have to remember the keys, just make them long and complicated or better yet, use the online generator. ”

If you have been using Wordpress for a while, you may not have these keys in place and this could cause security issues. It’s a simple fix though.

Wordpress has a tool to randomly generate the four keys. You can get yours at: http://api.wordpress.org/secret-key/1.1/

Once you have them, open up your wp-config.php file and past them in. If you have one or two security keys already you can either replace them or just add in the new ones.

Save the file, re-upload it and you’re done.

You’ll probably have to re-login to your blog, but the security keys will now be in place and can help give you peace of mind.

Read more…

News, PHP Applications, Scripting & Coding

ModSecurity is a web application firewall module designed for use with Apache web servers. It provides an increased level of server security by protecting the server from vulnerabilities present in web application code. This increased security is achieved by detecting and preventing possible attack fronts before they reach the actual application. It is now estimated that over 70% of all attacks on web servers are carried out at web application level, hence the need for more secure web hosting environment.

AUSWEB deploys ModSecurity on all of our shared Linux hosting solutions to ensure we are able to provide the most secure shared hosting environment possible for our clients. Whilst it is not a guaranteed solution to protect against all web vulnerabilities, it reduces the attack surface of our hosting environments and therefore reduces the chances of a security breach.

From time to time, having ModSecurity installed will mean clients may experience ip blocks if code on a client website is deemed insecure. These blocks can also occur when using applications that are attempting to communicate with the server in an insecure manner, which can be caused by trojans/viruses on your pc or other software programs or their plugins.

Read more…

PHP Applications, Scripting & Coding

The Joomla project has announced the release of version 1.5.9 and recommends all users to upgrade as soon as possible. The release addresses one low level and one high level security issues, along with a number of performance tweaks and enhancements.

We strongly advise clients using Joomla to upgrade to this release. If you installed Joomla via Fantastico then the release should become available shortly via your Fantastico control panel. Alternatively you can install the update manually by following the instructions on the Joomla website.

http://www.joomla.org/announcements/release-news/5226-joomla-159-security-release-now-available.html

PHP Applications

PhpBB updated the popular forum application on December 12th 2008 with the release of the “one year anniversary” phpBB 3.0.4 package. The delivers a huge increase in performance along with fixes for some bugs introduced with the changes in 3.0.3. It also corrects some other minor issues, and  two security bugs.

If you have not done so already, phpBB strongly urges all users of its application to update to the latest release of version 3. You can find more information at the phpBB website.

http://www.phpbb.com/downloads/

PHP Applications

Drupal released the latest version of its CMS on December 11th 2008 addressing a number of highlighted issues and critical security vulnerabilities. The update should be available to install via Fantastico shortly, however you can also perform a manual update by following the link below to the Drupal site and downloading the latest version.

http://drupal.org/taxonomy/term/10

PHP Applications

The Joomla Project announced the availability of Joomla 1.5.8 [Wohnaiki] on November 10th, 2008. This latest Joomla release contains a number of bug fixes along with fixes to a two moderate-level security issues. The previous Joomla update was released on September 9, 2008 so it’s been a couple of months since we saw any changes.

As with any software updates, we strongly advise everyone using Joomla to update to this latest release to keep their site secure and issue free. If you have installed Joomla using Fantastico, the update will be available to install shortly through the Fantastico console. Alternatively, to install it prior to that update being available, just head over to the Joomla site, download the update, and follow their installation instructions.

http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html

PHP Applications

The latest release to the Simple Machines Forum application has been released. This release addresses several security issues recently discovered in SMF 1.1.6 and older. To keep your installation safe and secure, we highly recommend that all users upgrade to 1.1.7 as soon as possible.

To upgrade, either use the package manager from within your administration centre, or login to your cPanel and upgrade via the Fantastico control panel if you used Fantastico to install SMF. More information can be found at the Simple Machines Forum website.

http://www.simplemachines.org/community/index.php?topic=272861.0

PHP Applications