Many of our websites utilize open source applications such as Drupal, Joomla, OS Commerce, or WordPress. These applications enable a more fully functional site, but if they are not maintained, they can introduce risks to the site. Most of the time, these risks can be avoided by ensuring that the version of the application that you are running is up-to-date and that your account is secured by a strong password.
Know Your Version
The benefit of using open source applications is that these apps benefit from many users utilizing the code in different ways and providing input that makes the code more versatile for users around the world. However, that same broad use means open source code is a popular target for hackers looking for an efficient way to compromise large numbers of sites. As these vulnerabilities are found, they are addressed with new versions of the code that includes security patches as well as enhancements. This is why it is critical to ensure that the version you are running is up-to-date. Otherwise, your site may be vulnerable.
Finding the version of your open source application is easy. If you have access to your control panel, log in to check the version of your application. If you need assistance in locating the current version, please refer to our Support Center article: How to Log Into Common Open Source Applications and Check Their Versions. If you did not build your site and are unfamiliar with logging in to the administration section of your open source application, reach out to the person who did, and they will be able to confirm what version you are running. To keep up-to-date on the latest version, check the sites of each of the application providers and follow their advice on what the latest version you should have installed. Upgrading is not necessarily difficult, but if you are many generations behind the most recent version, there is the possibility that you may see changes to your site that require fixes (e.g., broken images, alignment issues, etc.). Often it is helpful to have someone on hand who is able to fix your site in the event of a break. Should you need assistance with any of the recommended upgrades or with fixing your site after upgrading, it is recommended that you contact your Web developer.
Make Sure Your Password Is Secure
Occasionally, you will see news articles about “brute force attacks” aimed at Open Source platforms. These are attacks that are not aimed at a particular site or individual but rather at the platform as a whole, but you can defend against these attacks by ensuring that your password is strong. For more about the value of a strong password and steps that you can take to change your password on these platforms, please review A Strong Password Is Your Best Defense.
If you are using open source applications, stay alert. These tools are great for use on websites of all kinds, but they need to be maintained to ensure your site performance and security.Google+