Security updates for Joomla 1.5 ceased in April 2012. There will be no reports about new security holes in Joomla 1.5 by Joomla, but this does not mean that it remains a fully secure system.
If a security vulnerability is found in your Joomla 1.5 website, not only will these vulnerabilities not be reported officially, but Joomla will also not be releasing any security patches. The official word from Joomla is as follows:
“ Support for Joomla 1.5 ended in April of 2012 and we continued to support it unofficially until the end of 2012 for medium to high priority security issues.
Does that mean your 1.5 site will suddenly stop working? No, your site will continue to work as it always has. However, Joomla’s developers will not be releasing new versions for Joomla 1.5, so you won’t be getting bug fixes or security fixes. For this reason, it’s recommended to migrate from 1.5. ” - Joomla Announcements
In the interests of privacy, information security and keeping your website online 24/7, your safest bet is to call us and request a quote to upgrade.
Is my website affected?
If you have been an Alltraders client prior to 2012, or you have a Joomla website created prior to 2012 and you are unaware of any applied major updates, your website is most likely at risk.
If unsure of your website version and if this affects you, call us and we'll confirm this for you.
Do I have to upgrade?
By upgrading to the latest long term stable Joomla release (currently 2.5), you will have the following benefits:
- Long term risk mitigation
- Allows for future upgrades to be applied much more easily
- Removes potential risks and places your website in the best position to move forward
- Able to add a maintenance package to have this area managed by Alltraders on your behalf (including website firewall, backups, and periodic security audits).
What if I don't upgrade?
By continuing to run a website based on Joomla 1.5, you run the risk of being targeted and successfully attacked by malicious users, who might:
- Take down the site, rendering your online presence/shop temporarily closed for business
- Deface and/or replace your entire website with another company
- Turn it into a phishing or malware trap for visitors, and
- Gain access to private user information stored within the website to potentially sell to third parties.
If you leave the website as is and only address this when a problem occurs, you will have:
- No peace of mind
- A higher cost to remedy a hacked site than to address the issue up front
- Possible loss of site depending on the damage
- Inability to add a maintenance package to have this area managed by Alltraders on your behalf
Bear in mind that most extensions for Joomla 1.5 may also be no longer updated, and so additional security holes may be found and not fixed unless a core Joomla upgrade is performed.
How do I secure my website? How do I upgrade?
As an upgrade from 1.5 can be a complicated procedure, we do this for you. There are associated costs, but we will let you know beforehand if there are any major issues. As each website is unique and different, costs may differ. To upgrade, simply call Alltraders and we will do the rest.
If you would like your website to be automatically maintained and updated by us in the future, such that security flaws like these are taken care of as they are found, ask us about a maintenance package.
