The Joomla! Community Portal ™

Featured Articles
Joomla Accepted into Google Summer of Code 2014
Written by Chad Windnagle   
Monday, 24 February 2014 19:38

Hello Joomla! Friends:

I’m very excited and pleased to announce to you that the Joomla! Project has been accepted for Google Summer of Code 2014 this year. This makes the third consecutive year that we have participated in GSoC since 2012 and brings our total participation count up to a total of 8 years working with Google and their Open Source offices.

A great deal of effort and preparation has already gone into this year and I would really like to thank all the volunteers for their efforts. Special thanks to this year’s admin team which is being headed up by Robert Vining and myself. We will be continuing to announce details and working towards this summer as we finalize project ideas, get our mentors prepped and ready and start the next phase of the program. The next phase will consist of evaluating the student proposals and finalizing which projects will actually be accepted as Joomla! projects. I hope to continue to share positive progress with the community throughout the summer.

-Chad Windnagle and the entire, talented, wonderful Joomla! GSoC Team!

Unintentional Honey Trap - Checking Logs
Written by Mandville   
Sunday, 13 May 2012 17:59

While checking my site logs, as should be standard practice for everyone, I discovered an unintentional honeytrap.

Q. What is the point of trying to hack an rss feed and is it possible?

To show how bad some of these hack attempts are a quick view over the logs of your site  should highlight some of the basic hacking attempts on vulnerable extensions.

This site has a feed to content using the great feedgator tool that will take the VEL list and insert it into a content item/article/post. Obviously this eventually turns up into a search engine somewhere.

Joomla! Day Chicago - Rehab for Joomla! - The Event of a Lifetime
Written by Gary Jay Brooks   
Tuesday, 26 July 2011 20:22

My name is Gary Brooks and I am an addict... to Joomla!

This is the story of how I met Joomla! and why I cannot break the addiction.  I was introduced to Joomla! a long ago by a close friend of mine, Irfan Moosani.  Irfan said that it was the "best stuff".  I had tried other "good stuff" before like the WordPress, and it was pretty darn good, but I had never tried Joomla!.  I wanted to try new things but I didn't want to try too much.  Next thing I knew I was using Joomla! every day and night.  I was hooked!  Now, my addiction has spread from myself to my team, my family and even my friends now love Joomla!.   
After a while of using the Enterprise CMS I could not take anymore of that fancy GUI and guessing; I had to look to get help with Joomla!  I found many resources to help me learn my new found addiction.  I quickly learned that there were many others like me, addicted to Joomla! In fact, there was a whole community of people addicted to Joomla!. 
joomla day chicago
Are you ready to join our community of addicted Joomla! users?  Then come see us at Joomla! Day Chicago for the web developers’ event of the summer.  Some of the greatest minds of this community will be in Chicago on August 5th and 6th, including some of the original people who created Joomla! and who are still leaders of our community.  You’ll also get to mingle with some board members from Open Source Matters. 
If you have not been to a Joomla! event before, let me tell you: they are amazing.  You feel this power and feeling that you’ve never felt before.  You walk around, talk to people, attend powerful sessions on topics that will make you big money, learn about open source, make deals, show off your code, smile about funny things.  Many times you will see crazy people doing crazy things like throwing frisbees or balls at your head or ending up in the wrong hotel room. 
I find Joomla! Day events to be a meeting of the minds.  What I really love is to see the minds after a few drinks at the pub. :-)  Everyone is always invited to hang out together after the events.  Joomla! Day Chicago is not for the faint at heart.  Seats are limited.  We are going to be hanging out at the Chicago Microsoft offices.  Who would not want to hang out in a “Skype Scraper” for 2 days? (Skype was a joke :)  
If you’re thinking about joining the Joomla! Community, you should attend one of these Joomla! Day events.  We are a very friendly and welcoming people who care about your business and helping each other succeed.
A lot of work has gone into organizing an outstanding cast of over 22 of the most knowledgeable Joomla! experts in the world who will be presenting real world topics that will improve your knowledge and efficiencies. 
As if you didn’t already have enough reasons to attend the Joomla! Day Chicago event, this event also coincides with Lollapalooza, the largest music event in the Midwest.  The music festival is held directly across the street from the Joomla! Day venue.

Iphone App

Last announcement: Joomla! Day Chicago is also the first Joomla! Day event to be sharing an awesome iPhone app dedicated to our event.  The app was donated by one of the sponsors at  We are thankful for their contribution and beautiful tool they have designed for the attendees of this conference.  

Download it today: 


Register now!

If you haven’t signed up for this exciting event yet, please visit for more information. 

Twitter, Facebook, and - Get Social 

#jdaychicago at the event and @jdaychicago
Gary Jay Brooks  - Joomla
Joomla! Community Volunteer

Joomla! Community Volunteer

@Philip DeKoker
Joomla! Community Volunteer


Are JUGs worth it?
Written by Mandville   
Tuesday, 01 February 2011 00:18


Several Joomla User Groups (JUG) have reports of around a hundred people attending, joomladays might have 3-400 people attend. So why in some cases do JUGs only have 4 or 5 attend their meetings and 100 at a national event?

How do you make a JUG successful, is it food? beer? or dancing penguins and a late night disco?

Several JUGs have on an average membership of 40 people, but few ever turn up. Here is an example of trying to get one JUG off the ground. (this is not a JUG I have attended!)

priority vs speed. decent docs & cut and paste
Labels: claire mandville

Written by Mandville   
Friday, 04 June 2010 22:18

I was recently asked via twitter

@mandville how do u cope with the volume @ joomla forums?

My response was priority vs speed. decent docs and cut and paste helps! But let me explain that a bit more.

My first trip into the forums is usually the areas I moderate, mainly the Security (both 1.5 & 1.0) and Showcase. After sifting the reports, I look into the new posts checking for anything breaking the forum rules/community guidelines eg: signatures, self promotion or the latest host-any-file links. Obviously there will be somewhere a hacker kudos  or "contains sensitive info" post that will need to be edited out.

Vulnerability list update.
Written by Mandville   
Tuesday, 10 November 2009 19:24

The new vulnerable extensions list has been released into the wild today. Based at the

The announcement has been made in both the extensions forum and the documentation forum for maximum exposure.

Why has this list been produced?

We find that most users "install and forget" They may upgrade the latest Joomla! version, but dont always update the extensions.

This has replaced the old, seldom updated list that has now been archived.
Reports of vulnerable extensions can be reported to the JED or posted in a security topic clearly showing a vulnerable extension report.

How to use this list

  • All known extensions are the listed in the first column.
  • "Alert Advisory" details in the centre column (the date is in American format mm/dd/yyyy).
  • The link to the advisory notice.
  • Finally a link to the notice about any update or Not Known where none is known.

Any developer who has cleared the vulnerability or discontinued the extension should let us know so that we can mark it on the list. Preferably in the extensions forum topic.

Users, after checking the version of the extension they have installed, please check with the extension publisher in case of any questions over the security of their product if no update link is provided.

This list is compiled from found information and may not be an up to date accurate list. following feedback from people, items will be removed after a suitable period and not on resolution of the vulnerability as some people may still be using old extensions years beyond their shelf life.

Remember, just because its fixed, doesnt mean its not out there or we know about it!


Thank you.


Page 1 of 4