Joomla 4.2.4 is now available. This is a security release for the 4.x series of Joomla which addresses 2 security vulnerabilities.
Security issues fixed
- [20221001] Low Severity - Critical Impact - Disclosure of critical information in debug mode (affecting Joomla! 4.0.0 - 4.2.3)
- [20221002] Low Severity - Low Impact - RXSS through reflection of user input in headings (affecting Joomla! 4.0.0 - 4.2.3)
As the main issue focuses on the site having its debug mode set to Yes, the quickest way to help your site while backing up and preparing for the update is to simply switch "Debug System" to No if it is switched currently on.
Debug is located in the Global Configuration area of your site under the System tab.
If you are running a publicly accessible Joomla 4.x site which had debug mode enabled for a significant timeframe, we strongly recommend checking the site for suspicious activity as the issue has been observed to be exploited in the wild by at least one actor.
At the point of pushing the changes, some of the bug fixes that were intended for the next planned release made their way into this release.
Visit GitHub for the full list of 4.2.4 fixes
Click here for full release information.
It's extremely important to keep your Joomla installation, and extensions up to date to minimise the risk of your site being compromised, you should also check that you are not using vulnerable extensions by visiting Joomla! Vulnerable Extensions List.
Many site owners are totally unaware of the status of their Joomla websites, databases, and hosting environments, the potential risks of being compromised, and the implications of private personal data held. Also many site owners are paying extortionate hosting fees for below standard services running on out of date and insecure hosting environments.
What Joomla Support Services do you provide?
Supporting, building, hosting, maintaining and optimising and all kinds of Joomla websites since 2005 we have gained vast experience. This combined with our Joomla Website Support System enables us to work very efficiently with any Joomla related project.
We have worked on several hundred Joomla websites ranging from sites with a few pages to sites with several hundred thousand pages including multi language sites. Taking on all kinds of Joomla related projects, including;
- Adding additional functionality.
- Adding content delivery networks.
- Adding E-Commerce along with shopping carts.
- Adding multiple anti-spam solutions.
- Adding payment gateways.
- Adding user management and subscription memberships.
- Building new Joomla websites.
- Customising Joomla extensions.
- Customising Joomla templates.
- Developing all kinds of forms including API integrations and auto field population using GeoIP services.
- Developing custom Joomla extensions.
- Developing custom Joomla templates.
- Implementing GDPR compliance.
- Implementing HTTP security headers.
- Joomla Extension Installation and configuration.
- Joomla Installation and configuration on your hosting.
- Joomla search engine marketing,
- Joomla search engine optimisation.
- Joomla site backup restoration on your hosting.
- Joomla version updates
- Joomla website speed optimisation.
- Making Joomla websites responsive and mobile friendly.
- Malware removal including file and database cleanup.
- Migrating existing websites to Joomla including WordPress and none CMS websites.
- Producing AMP versions of Joomla websites.
- Resolving security-related issues.
- SSL certificate installation.
along with support and training, and anything required to keep Joomla Websites fast, functional, secure, and stable.
Once you become a customer you get access to a Highly Experienced Joomla Developer and;
- Access to our secure private support helpdesk site where access credentials are kept along with tasks and changes which are documented in detail.
- Use of our ticketing system where bugs can be reported, questions asked, and additional features can be requested.
Do you take backups?
Yes, prior to making any changes to your Joomla website;
- We ensure you have an adequate backup system in place and take a backup of the site and database. Our preferred backup component is Akeeba Backup Professional for Joomla! (Commercial License $55), If your site doesn't already have it we will Install and configure it on your website.
- When a site has major issues or requires major extension upgrades, major Joomla version upgrades, template or template framework upgrades, major PHP version changes etc.. we clone the site and produce a test site to test changes prior to making changes to your live site. We are very experienced and understand which updates are safe and which updates cause problems. We prefer to put a test site on a sub domain to achieve some separation from a live site but this all depends on your hosting setup.
We have several VPS servers including a development Ubuntu/Plesk server with big storage attached where most Joomla sites we manage transfer an encrypted backup to each day. Apart from backup storage this is very useful to spin up a copy of a site for development, Joomla or PHP updates etc. This is useful if your host only allows one database for example and a test site is required for major updates, also on some occasions we have set up an older PHP version that most hosts don't allow so we can restore an old broken site for development.
Can you update our Joomla version and extensions?
Yes, for Joomla version updates order our hourly Joomla Specialist Support and Maintenance service, press the add to cart button, select a minimum of one hour and submit a ticket on our helpdesk.
Once you become a customer you get access to a Highly Experienced Joomla Developer and;
- Access to our secure private support helpdesk site where access credentials are kept along with tasks and changes which are documented in detail.
- Use of our ticketing system where bugs can be reported, questions asked, and additional features can be requested.
Once an order is placed for the first time and paid for we create you a user account on our secure private support helpdesk site where we will request information which you can provide securely, Your access credentials will be emailed to you as soon as your account is created.
Prepaid support it given high priority, with all of our hourly support time is charged in 10 minute increments and the week ends each Sunday at midnight UK time. All time is logged in your private area on our secure private support helpdesk and detailed invoices are issued weekly along with account statements.
What about major Joomla updates, rebuilds and redesigns?
If you are considering major updates and getting your site stable, fast, secure and to the Latest Joomla version see our Joomla Website and Hosting Audit service. Our full audit of the Joomla Website and Hosting including extensions, templates, overrides, SEO status, page delivery speed status, configuration and security.
Following the audit and testing you will receive a detailed report including the status of your site and your hosting along with detailed recommendations and options for updating your site including templates and extensions.
You can then address the issues yourself, use your existing developer or use our Joomla Specialist services to ensure that your site is stable and secure and your hosting is adequate and configured correctly.
Once you become a customer you get access to a Highly Experienced Joomla Developer and;
- Access to our secure private support helpdesk site where access credentials are kept along with tasks and changes which are documented in detail.
- Use of our ticketing system where bugs can be reported, questions asked, and additional features can be requested.
I have an Urgent Joomla website problem, can you help?
Yes, we have a Joomla Website and Hosting Diagnostics service for these situations. We analyse the Joomla website errors if web pages are broken or a site is down and create a detailed report with a list of recommendations for resolving issues on the site. If we have a solution that can be applied quickly even as a temporary fix we will fix the issue for you.
Based on the analysis you will be provided with a detailed report and a list of recommendations for resolving issues on the site. You can then address the issues yourself, use your existing developer or use our Joomla Specialist services.
Includes;
- Access to our secure private support helpdesk site where all analysis, testing, recommendations, and changes are documented in detail.
- Use of our ticketing system where bugs can be reported, questions asked, and additional features can be requested.
Once an order is placed for the first time and paid for we create you a user account on our secure private support helpdesk site where we will request information which you can provide securely, Your access credentials will be emailed to you as soon as your account is created.
Please note that even though we produce and maintain Joomla websites in multiple languages for multiple clients worldwide our native language is English.
Do you provide ongoing Joomla Support and Maintenance?
Yes we provide ongoing Joomla Support and Maintenance Services to keep your Joomla website and extensions up to date. Once a site is added to our support system we usually agree a maximum monthly spend which will never be exceeded without prior authorisation and the site is kept up to date on a regular basis.
Contact us to discuss ongoing Joomla Support and Maintenance Services.
Related Content
Let's celebrate! Today is an important day for the Joomla! Project. We're celebrating six months of hard work by our volunteers, who had the vision to...
The Joomla! Project is pleased to announce the release of Joomla 5.0.3 and 4.4.3. This is a security and bug fix release for the 5.x and 4.x series of...
We are proud to announce the release of Joomla 3.10.14. This version backports the security fix for CVE-2023-40626. This is a commercial security rele...
You can now order our remote Joomla Website Support Services online and pay in GB Pounds, Euros or US Dollars by credit/debit card or by bank transfer...
