Christmas Sale
The “Give Back Sale” is active until 9/8/12. Proceeds of this sale will be sent to a non-profit organization, 58ten.
More Details Here...
Scheduled Maintenance - On Friday the 25th at 10PM EST we will be making some minor DNS changes to our server. We do not expect there to be any down time on our site, but if after this time our site does not load for you please simply clear your browser cache and restart your machine. - Thank you.
login
Join Now Access Products


Forum Support
Ask questions and find answers about products

linktree Shape 5  >  General Category  >  General Talk/Questions/Comments
linktree Topic: Security - Template Updates
Pages: [1]
Print
Author Topic: Security - Template Updates  (Read 2246 times)
uglyfashio
Offline Offline

Posts: 249
« on: June 05, 2012, 06:28:43 AM »
Hi I recently got hacked on one of my sites - not a Shape 5 template though.

Having researched all my security business, I have been advised to update everything from Joomla, to components, modules, plugins, and templates.  I know you update templates sometimes, but I don't know how to find out this information.

I would gladly sign up to an email update on templates that I've used, or any other suggestion would be good.  I basically intend to update all my templates to the latest versions from here on in.

Anything you can do to assist me with this would be great.

Eoin
Logged
mikek
Shape 5 Administrator
Offline Offline

Posts: 19438



WWW
« Reply #1 on: June 05, 2012, 08:01:28 AM »
Hello,

Templates really aren't security risks because they don't interact with the core joomla framework, they simply stylize. The updates that we do are usually just simply css updates which we post in the template's forum board at the top if there are any.
Logged
Mike
------------
Shape 5 Team

- Need a great host for your website? We highly recommend siteground.com!


- Using Firebug will save you so much time, frustration and forum questions:
http://getfirebug.com/

- Need some custom coding done on your site? Use our Shape 5 Hire a Coder program for free:
http://www.shape5.com/hire_a_coder/listauctions
uglyfashio
Offline Offline

Posts: 249
« Reply #2 on: October 19, 2012, 03:53:42 PM »
Ah ok, but templates aren't simply CSS files.  They do usually have PHP within them right?  Hence I would suggest that there is a possibility of Joomla being updated and the templates not meeting security standards.  I can imagine a situation where a few years ago a template allowed PHP Injections or something similar to that.

I could be wrong, it was just that was what I had been told.  The website I read it on said that older joomla templates were often vulnerabilities.
Logged
mikek
Shape 5 Administrator
Offline Offline

Posts: 19438



WWW
« Reply #3 on: October 20, 2012, 07:44:19 AM »
Hello,

The only php in a template is to check for modules being published and to create layouts. They aren't php calls that would modify files, or connect to databases, etc. Those are the type of functions that cause security risk. Simply echos that create a layout or not security risks.
Logged
Mike
------------
Shape 5 Team

- Need a great host for your website? We highly recommend siteground.com!


- Using Firebug will save you so much time, frustration and forum questions:
http://getfirebug.com/

- Need some custom coding done on your site? Use our Shape 5 Hire a Coder program for free:
http://www.shape5.com/hire_a_coder/listauctions
cexim
Offline Offline

Posts: 50
« Reply #4 on: October 20, 2012, 11:17:44 AM »
Hello, it might be helpful to note there is a published list of extensions and modules with known security risks on the Joomla site.

rgrds
Logged
Pages: [1]
Print

linktree Shape 5  >  General Category  >  General Talk/Questions/Comments
linktree Topic: Security - Template Updates
 « previous next »
Jump to:  


Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com Page created in 0.024 seconds with 20 queries.

Affiliate System


Become a Shape 5 affiliate today and earn 20% on each sale you generate through your site

Suggest a Template


Feel free to give us template suggestions or even any template integration wishes that you may.

Membership FAQ


Learn more about the benefits, costs, rights you have as a member and details site terms.

Contact Us


Do you have a question? Feel free to send us an email and we will be happy to assist you.