Recently there has been a large increase in security issues with Joomla 1.5. Joomla 1.5 was first released in January 22nd 2008 which ended in its development in Joomla! 1.5.26 in March 27th 2012. Joomla documentation states, "Joomla! 2.5 is the current LTS (Long Term Support) version. The previous LTS version, Joomla 1.5, is still widely used and will be supported with security fixes only until September 2012." (Click here for more information)

IMPORTANT!! If you are running Joomla 1.5 you will need to upgrade. You will also need to completely remove and delete any components that are not being used anymore. For example, the "dvmessages" plugin. The "dvmessages" plugin is not compatible with anything past 1.X; So, when you upgrade from 1.5 to 2.5, the files are just left in place, and your site can still get hacked causing outbound DDOS Attack.

Critical vulnerabilities for Joomla 1.5 extensions

Joomla has a list of vulnerabilities affecting extensions that are specific to Joomla 1.5. This list is no longer going to be supported in security fixes and developers for these extensions are no longer making patches. Below is a link to the docs.joomla.org that contains a list of all the known extensions with security exploits.

Vulnerable Extensions List

Tips for Securing Joomla! 1.5

There are several tips to keep in mind when you are securing your Joomla 1.5 website.

Along with reading this article, I recommend checking the Official Joomla 1.5 Security Forum for important information. Also check the Official Security and Performance FAQ.

  • Check the Joomla Security Checklist, to make sure you are adhering to their recommendations.
  • Perform regular backups of your Joomla 1.5 website, and store them on your local computer or external hard drive, so if an issue occurs your site can be recovered/restored.
  • Before using a Joomla Extension, check the list of Vulnerable extensions to ensure it is safe.

Joomla Security news and forums

Joomla does have a security Forum and News page where you can get tips and the latest news for securing your Joomla website. Even though Joomla 1.5 is still not supported, you may be able to get some forum discussions with information on fixes or Joomla may have news announcement with critical information that may help. Below are the Joomla Forum and News site links.

The Joomla Security Forum

Joomla Developer Network - Security News

Options to upgrade Joomla 1.5

With the various security risks in running Joomla 1.5, it is highly recommended that you upgrade your Joomla version. The upgrade process is much more a migration than a simple upgrade due to major changes in the core code. Below are links to help you with migrating your site from 1.5 to 2.5. It is not recommended to upgrade to 3.0 at this time due to slight instability in the 3.0 release.

Creating a backup for Joomla 1.5

As with any program, you should always create a backup of the site before performing any migration or upgrade. You can use the standard backup tools found in the cPanel or use a third party program such as xCloner.

Backing up your site files in cPanel

Backing up your database in the cPanel

xClonder backup tool

Migrating your Joomla 1.5

Once you have the backups generated, you are ready to begin your backup. Below are links to the official Joomla 1.5 - 2.5 migration documentation as well as a link to the jUpgrader extension that many use for migrating their site.

Official Joomla documentation

jUpgrade Pro extension

Additional help with Joomla 1.5 migration

There are videos on YouTube that also help guide you through a 1.5 - 2.5 migration.

How to migrate Joomla 1.5 to Joomla 2.5 - [Part 1]

How to migrate Joomla 1.5 to Joomla 2.5 - [Part 2]

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Like this Article?

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Joomla Community Google+ Hangout #3

June 3rd, 2014

Thank you @RustyJoomla for letting me speak on the Joomla Community Google+ Hangout!

Click here to watch!

2013-03-29 2:52 am
That’s because there are hackers who are aiming at your joomla website to hack and use your server to make their fortune. Not sure that many of the website owners realize that they are running their website in Joomla 1.5. 100’s of people are upgrading to Joomla 2.5 or 3 every single day.
2013-11-25 6:57 am
I agree that migration to the newest version is the necessary thing. Each new version includes many useful upgrade to improve functionality of the site and protect from hackers. As for me, the easiest way to upgrade Joomla is to move data from the current site to the fresh installation. I'd suggest to use migration service called CMS2CMS http://www.cms2cms.com/supported-cms/joomla-update/ It's quite simple to use and works quickly. I used it and was really satisfied by the quality.
n/a Points
2014-03-24 1:01 am

This is wonderful article. It helps me a lot.

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

3 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!