Well... another day in the Stupid Section' (Security) of the forum. The cycle still continues though, and it's been a few weeks since I blogged about it, so it's that time again.
First off, WHY oh WHY do people not read the stickies and the forum note in this section? If they did, they would start off with this post and then follow this link to the Security Checklist. Are these links not clear enough? Do people these days, in the modern world, lack the ability to use the big box up the top right - SEARCH?
My personal favorite (insert other word of your choosing) post for today is this one. These people *think* that a feature of Joomla! is an admin password expiry. Instead of bothering to consider that such a feature makes no sense at all, and perhaps entertain the fact that their site and/or host may well have been compromised they claim that we (Support) are hiding something from them.
Anyway... that subject for another day, the one that we, the Joomla! Community should (obligated, must, have to, help me now) be providing free support to people.
Seriously though, have you seen how extensive and well written the Security Checklist is? Is it too hard to find? Perhaps we should close the entire security forum, as these days 99% of the posts come back to 2 things (the same two I have blogged about many times):
1. Users keeping their sites updated/patched and
2. Secure Hosting setup (php5, suphp, among other things).
Are we not doing enough to educate people? Or are the webhosts to blame such as the one spoken of here. Surely it is not too much to expect that users will at least *try* to help themselves before they blame the Joomla! Community? Surely peoples hosting providers have a part to play also in placing the blame in the correct place (usually with the user or the provider) and if need be, learning from it?
Maybe I live in a different world.. or maybe we should just lock all threads in that forum from now on? People don't read the stickies or the notes up the top, what good is it?
Proof there is a problem:
- How to make joomla very secure ?
- User login error linked to security update for 1.5.7
- Hacked By X
- Hacked - Please be merciful
.. actually.. just read the entire forum. I can't find a single thread on the first page that is not down to one of the 2 issues I posted above. I can't find a single thread there either where the user would not have benefitted from using ultra-hidden-blend-into-the-rest-of-the-forum search box.
Now it's time I go and find a drink to calm myself down.
Previous posts of mine:
- Hosting Companies with Joomla Users: Listen up!
- Joomla! Security, do you take it seriously like we do?
- Hosting providers - Isn't it time?