[Updates] Joomla! 1.x Sunsetting
Wednesday, October 8th, 2014 - Updates
Due to a recent rash of web hosting accounts being compromised and exploited and a lot of these being traced back to outdated Joomla! scripts, we have made the decision to sunset all Joomla! 1.0 and Joomla! 1.5 scripts that are installed on our servers.
Sunsetting, in this context, means that we will be disabling these web hosting accounts or directories that currently have a Joomla! 1.0 or Joomla! 1.5 script installed.
To put this in perspective, consider these end of life announcements from the Joomla! developers:
End of Life Date | |
Joomla! 1.0 tree | July 2009 |
Joomla! 1.5 tree | April 2012 |
Joomla! 2.5 tree | December 31, 2014 |
End of Life means that the developer stopped supporting that software or that version of the software. Any security holes discovered after a product goes End of Life means that it will not be patched.
Joomla! 1.0 reached end of life in July 2009, that was over 5 years ago. Joomla! 1.5 reached end of life in April 2012 which was nearly 18 months ago. Joomla! 2.5 will reach end of life at the end of 2014, but we are not making any changes to Joomla! 2.5 based web hosting accounts.
When will you be sunsetting these scripts?
We are planning to start disabling Joomla! 1.0 and Joomla! 1.5 scripts in January 2015. So you still have plenty of time to make arrangements to move on to a supported version of Joomla! Because Joomla! 2.5 will technically be reaching it’s end of life at the end of 2014, we recommend moving straight to Joomla! 3.3.
The January 2015 deadline is not set in stone at this point, but that is what we are aiming for. It definitely won’t be before January 2015. But this may get pushed back depending on how this plays out.
How do I upgrade to a supported version of Joomla!?
That’s a very tricky question, one that unfortunately we cannot solve. The upgrade path from Joomla! 1.0 or Joomla! 1.5 to any supported version of Joomla! is quite daunting. That is why we have given such a wide timeframe to allow you to perform this “upgrade”. There is no de-facto standard way for “upgrading” a Joomla! 1.0 or Joomla! 1.5 to a supported Joomla! version. Every web hosting account is going to be different, depending on how you have Joomla! set up.
Because Joomla! 1.0 and Joomla! 1.5 are so old, they don’t take advantage of a lot of modern upgrade methods, that is why this process is so difficult. Basically you have to install a new version of a supported Joomla! and then migrate your data from your old Joomla! system into the new system. Any plugins or components that you had on your old Joomla! system would have to be reinstalled with an updated version, for the new Joomla! system.
For migrating from Joomla! 1.5 to Joomla! 3, you might find this link to be useful:
http://docs.joomla.org/How_do_I_upgrade_from_Joomla!_1.5_to_3.x
But your best resource is probably going to be the Joomla! support forums:
If you don’t know what to do, I would suggest starting with the forums and asking the community there for help.
My website works fine, why are you forcing me to upgrade?
Unfortunately we are just seeing too many web hosting accounts that are becoming hacked, exploited, and used for abusive purposes. In order to try and get ahead of this, we have to be proactive and try to stop these hackings before they start. Your website may be working fine, but a lot of times, malicious users have taken advantage of your account and left behind little scripts on your account that perform abusive actions. These scripts may be completely oblivious to you, the website owner, but behind the scenes they are using your account to send out spam or initiate DDOS attacks, and all of these can be tied to a security hole in your account that gave these malicious users access and privileges to perform these actions.
But my Joomla! 1.x website is completely secure.
The other issue with Joomla! 1.x scripts is that the components, themes, plugins, and addons are also old and outdated. If you have a component installed on your Joomla! site and it is outdated and prone to security exploits, then this can allow your web hosting account to become hacked. There are no longer any updates to any Joomla! 1.x components or themes, and sadly a lot of those were poorly written to begin with, so you may be a ticking time bomb waiting to explode in terms of being hacked or exploited.
I am using Joomla! 2.5.x on my account, will I be affected by this?
No. We are not going to be disabling any Joomla! 2.5 accounts – not yet anyway. Although, we do encourage you to consider upgrading to Joomla! 3 before Joomla! 2.5 reaches end of life. Eventually, perhaps January 2016, we will probably do the same thing with Joomla! 2.5 scripts as we are doing with Joomla! 1.0 and Joomla! 1.5 scripts. But for January 2015, Joomla! 2.5 based web hosting accounts are exempt from this sunsetting.
What is the exact date that you will be sunsetting these Joomla! accounts?
We don’t have an exact date for this and likely never will, but we are planning for this to happen sometime in January 2015, more than likely towards the middle of January 2015. But it is in your best interest to not wait around, upgrade your Joomla! script as soon as you can so you don’t have to worry about this and so that you do not have to worry about your web hosting account being exploited.
Steven