Local Search Marketing

Website Design & Build

E-commerce

Web Hosting


Starfish Websites

We specialise in website design & build and Local Search Marketing for businesses in the property and construction industries.

Blog

News from the beach hut
Joomla 4.2.8

The Joomla! Security Strike Team (JSST) have just made this announcement and we've updated our client's websites accordingly.

Joomla! 4.2.8 is now available. This is a security release for the 4.x series of Joomla! which addresses a critical security vulnerability in the web services API. We strongly recommend that you update your sites immediately.

I cannot remember the last time there was a High Severity, Critical Impact update required for Joomla, which just goes to show what a reliable and secure content management system it is, trusted by over 1 million organisations around the world and more than 35,000 in the UK.

This is due to a highly committed and well-organised team of security experts dealing with these security issues and rapidly releasing fixes.

Due to the severity of this security issue, it is essential you update your Joomla 4.x site without delay as we have just done for our clients.

The JSST have also strongly advised the following:

After the release, we strongly advise you to renew the passwords for all credentials that are stored in the global site configuration, namely:

database
SMTP
Redis
HTTP proxy

So here are my tips on how to change the database user password without potentially breaking your website:

  1. Using an FTP client (FileZilla is great), download a copy of configuration.php and edit it, changing the value of public $password = 'xxxxxxxxxxxxxxxxx'; to a new password and save this file.
  2. Rename it configuration-edit.php and upload back to the server.
  3. Edit the database user password in cPanel->MySQL® Databases page.
  4. Now using your FTP client, delete the configuration.php file on the server and rename configuration-edit.php to configuration.php.
  5. Very important - Change the file permissions of configuration.php now to 444.
  6. Check the website still works!

We maintain numerous Joomla websites for our clients, ensuring they are always secure and performing well.

If you need any help with maintaining your Joomla website or want a quote to upgrade it to Joomla 4, please contact us below.

Contact us to discuss your project

You can be the next to join our happy clients
Call
+44 (0)7968 063027

Office Hours: Mon-Fri 9:00am - 5:30pm

Based in Brighton & Hove, East Sussex, United Kingdom

Serving all local, national and international SMEs