[Security] Joomla! Security Concerns


Saturday, February 6th, 2010 - Security

I have seen an increase in the number of exploited Joomla! scripts on our servers. This exploit may be through an extension, component, or addon for Joomla! but I am seeing a lot of outdated Joomla! scripts on our servers.

I am going to be going through our servers in the next few days and looking for outdated Joomla! scripts. You may receive an e-mail notice with this information.

It is important that you have your contact information up-to-date so that you can receive this notice and any other notice. To ensure that your contact information is up-to-date with us, use the Update your Contact Information link at:

http://www.amshelp.com

If you know for certain that you have Joomla! installed on your account, now might be a good time to make sure that it is being kept up-to-date. If you have any extensions, components, or addons for your Joomla! script make sure they are being kept up-to-date as well.

For information on how to update your Joomla! script see:

Upgrading a Joomla! installation

Attention Fantastico Users: If you installed Joomla! through Fantastico, you can upgrade your Joomla! script through the Fantastico interface in your cPanel.

The latest version of Joomla! is version 1.5.15. I am seeing a lot of Joomla! installations based on the Joomla! 1.0.x tree. Please understand that the Joomla! community is no longer supporting Joomla! 1.0.x. You can read more about this from their blog post.

Fantastico is still distributing the Joomla! 1.0.x tree. We are going to look into disabling this because Joomla! 1.0.x does not need to be used. If you are installing Joomla! please install from the 1.5.x tree. Currently there is not an upgrade mechanism in Fantastico for updating a Joomla! 1.0.x install to the Joomla! 1.5.x tree. If you are using Joomla! 1.0.x then you need to upgrade to Joomla! 1.5.15; the Joomla! community has some instructions here.

If you have questions regarding Joomla! and how to upgrade your install, I would highly recommend that you visit their forums:

http://forum.joomla.org

because they will have a much, much better understanding of their software than we will.

It may become necessary to disable Joomla! scripts if they are not updated. If you do not have your contact information up-to-date or if you ignore our notices to update your Joomla! script, then we may have no choice but to disable the scripts. A vulnerable Joomla! script affects the entire server and we must consider the security of the overall server.

For updated posts concerning this, click here.

Steven


[General] cPanel 11.25 Changes


Thursday, January 28th, 2010 - General

Some of you may have noticed the changes being brought about in cPanel 11.25. We have not yet updated all of our servers to cPanel 11.25, but are in the process of rolling this update out to all of our servers.

Some changes are being made as a result of this upgrade. These are detailed below.

New cPanel/Webmail Login
The login system for accessing your account has changed. For more information see the link below:
New cPanel Login System

User Backup System
We have redesigned the user backup system so that you can create a backup of your account and keep it in a safe place. For more information see the link below:
User Backup System

Secure FTP over TLS
Our servers now support secure FTP sessions for securely transferring your files. This replaces our SFTP system. For more information see:
FTP over Explicit TLS

These are just some of the changes that are coming about with the cPanel 11.25 update.

Steven


[General] cPanel Updates


Monday, January 25th, 2010 - General

We hope to begin rolling out new cPanel updates on our servers this week. We have been running a new version of cPanel on some of our test environments for the past week and have not noticed any problems. The next step is to roll this out to all of our servers.

This new cPanel release will bring about some new features and changes. We will detail these in a later post.

Steven


[Security] FTP Notification Messages


Monday, December 14th, 2009 - Security

Lately we have received a few messages from concerned users about the FTP Notification messages (mentioned in this post) and about the messages coming into the mail Inbox. First, let me state that the messages are for your information. In the past week or so we have had about 10 issues raised where users experienced hacking or malicious code being placed on their website, and these were all traced back to unauthorized FTP access. I cannot stress enough that had the users received these FTP notification messages, then some of these issues may have been avoided.

The purpose of the FTP notification messages is to let you know when someone accesses your account through FTP. Since the system cannot know what is legitimate and what is not legitimate, notices are always sent (once per hour, per IP, per FTP username). Reviewing these messages can greatly help you identify when your FTP information has been compromised. When you receive one of these notices and you know for a fact that you have not accessed your account via FTP, then this should set off alarms for you that something may be going on with your account.

With all of that being said, if you feel that the messages are cluttering up your Inbox, I recommend that you set up an e-mail filter or rule to deliver those messages into a separate folder in your e-mail program. Then review that folder and those messages on a regular basis. For information on how to set up an e-mail rule using Windows’ new Windows Mail program see:

Organize e-mail using rules and folders

For example, you could set up a filter such that if the Subject line contains FTP Connection Alert – then move that message into a new folder named FTP Connections.

Setting up the filter is not really recommended because we feel it is best to be informed as soon as possible when there is a potential unauthorized FTP login. Setting up a filter may cause you to not recognize the login as soon as you would if it were delivered to your main Inbox. Still receiving the messages and filtering them out at least gives you a log of the incidents.

You can also find information for setting up filters for Outlook, Outlook Express, and Thunderbird.

Steven
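
The notice rule described in the post above (once per hour, per IP, per FTP username), sketched as an added example; this is not the host's actual notification code. The log format, the sample lines, the choice to measure the hour from the last notice sent, and the `unexpected_logins` helper are all assumptions made for illustration.

```python
"""Throttle FTP login notices to one per hour per (IP, FTP username)."""
import re
from datetime import datetime, timedelta

# Constructed log format and sample lines (not taken from a real FTP server).
LINE_RE = re.compile(r"^(?P<ts>\S+) LOGIN user=(?P<user>\S+) ip=(?P<ip>\S+)$")
SAMPLE_LOG = """\
2009-12-14T09:05:12 LOGIN user=alice ip=203.0.113.7
2009-12-14T09:20:40 LOGIN user=alice ip=203.0.113.7
2009-12-14T09:31:02 LOGIN user=alice ip=198.51.100.23
2009-12-14T09:45:00 LOGIN user=bob ip=203.0.113.7
this line is malformed and must be skipped
2009-12-14T10:05:12 LOGIN user=alice ip=203.0.113.7
2009-12-14T10:30:00 LOGIN user=alice ip=203.0.113.7
"""

WINDOW = timedelta(hours=1)
SUBJECT = "FTP Connection Alert"  # subject text quoted in the post


def alerts_for(log_text, window=WINDOW):
    """Return (timestamp, user, ip) for each login that triggers a notice."""
    last_sent = {}  # (ip, user) -> time the last notice went out
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not a login record
        ts = datetime.fromisoformat(m["ts"])
        key = (m["ip"], m["user"])
        prev = last_sent.get(key)
        # Notify on the first login for this pair, or once the hour has passed.
        if prev is None or ts - prev >= window:
            last_sent[key] = ts
            alerts.append((ts, m["user"], m["ip"]))
    return alerts


def unexpected_logins(alerts, known_ips):
    """Hypothetical review helper: notices from IPs the owner does not use."""
    return [a for a in alerts if a[2] not in known_ips]


if __name__ == "__main__":
    for ts, user, ip in alerts_for(SAMPLE_LOG):
        print(f"{SUBJECT}: {user} logged in from {ip} at {ts.isoformat()}")
```

Because the throttle key includes the IP, a login from a new address produces a notice immediately even while repeat logins from a familiar address are being suppressed.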


[Updates] WordPress 2.8.6


Monday, November 16th, 2009 - Updates

Version 2.8.6 of WordPress has been released. The release notes are linked below:

WordPress 2.8.6 Security Release

While this release does not appear to be a critical update, it is still recommended that all users update, just so there is no chance for possible exploitation. Users who have multi-author blogs are most affected by this.

Fantastico has not yet released an update with this. We will post again when Fantastico has updated.

Steven