In today's fast-paced digital world, security threats are ever-present and constantly evolving. At Covington Creations, LLC, we remain vigilant and informed about the latest vulnerabilities and potential threats to ensure our clients' safety and peace of mind.
Starting in January 2017, any website with a "login" form visible (e.g. Client Logins, Shopping Carts, etc) will show an "insecure" message in the browser's address bar if the site does not have an SSL certificate properly installed and configured.
Particularly for my clients that are security-minded, it's important to consider how to proceed with this information. Some of my clients already have SSL certificates running on their sites, even ones that don't process credit cards. For clients who already process credit cards, their sites already have the necessary SSL encryption certificate (https), so this is a non-issue.
I noticed that after installing the Joomla 3.6.4 security patch, the background color of the /administrator control panel login screen changed. It seems that with today's release of Joomla 3.6.4, and ease of which the exploit can be executed, it's really bad timing to make it so easy for hackers to see whether or not a site has been patched. This latest Joomla exploit allows for a person to do two things:
I just encountered an issue after upgrading a client's site to Joomla 3.6.4. I was presented with the following error message on both the front end and back end of the site:
Error displaying the error page: Illegal mix of collations (utf8_unicode_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation '=' SQL=SELECT id, home, template, s.params FROM #__template_styles as s LEFT JOIN #__extensions as e ON e.element=s.template AND e.type='template' AND e.client_id=s.client_id WHERE s.client_id = 0 AND e.enabled = 1: Illegal mix of collations (utf8_unicode_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation '=' SQL=SELECT id, home, template, s.params FROM #__template_styles as s LEFT JOIN #__extensions as e ON e.element=s.template AND e.type='template' AND e.client_id=s.client_id WHERE s.client_id = 0 AND e.enabled = 1
Background:
In order to allow for safer electronic communication, I've finally set up my own PGP encryption for sending email.
Don't ask for your privacy. Take it back.
"Mass surveillance is illegitimate. I'm taking steps to take my freedoms back and I expect governments and corporations to follow in my footsteps and take steps to stop all mass government surveillance."
Below is my PGP Key...
Monday - Friday 9-5 ET
570.508.6881
Wordpress, Drupal, Joomla
New custom websites
Bespoke themes and extensions
Redesigns, upgrades, migrations
Let us optimize and manage your overall online presence. We offer full service monthly SEO as well as one-time projects.
White glove monthly backups, security updates, maintenance and testing for your Wordpress, Drupal, or Joomla site.
Bring your web & marketing performance to the next level: monthly blog post roundup via email.