Since the beginning of our small hacking competition, the http://hackme.compojoom.com page has received around 200 comments, all trying to inject malicious code and eventually win some cash and one of the 5 salvusalerting subscriptions that we are offering. Unfortunately, 6 of the comments did what they intended: they managed to exploit several XSS holes and found an LFI vulnerability. Those problems were all found by Jeff Channell, and right now he is going to get 200€ and 1 salvus subscription :).
The idea
Last week I had a client that had his site hacked. The usual story – outdated Joomla version and outdated extensions… The work that I invested in that website, fixing the damage that the cracker did, was tough. It made me realize that I prefer to prevent possible cracker attacks rather than spend hours repairing the broken pieces left.
Security is important
At Compojoom we invest a lot of time writing secure software, but we are also well aware of the fact that we don’t know everything. We want to make sure that CompojoomComment is as secure as possible, which is why we are starting this small hacking competition.
We were working for a customer that has a highly visited website (50 000+ users/day). As you can imagine, the Joomla cache is your friend in such situations. However, if you are using a template that generates a different view for users coming from a mobile device, then your worst dream may come true :). We were faced with a situation where a desktop user gets the mobile version of the page and the mobile user gets the desktop version. Why does this happen?
Have you ever heard of Hotspots? It's an awesome Google Maps marker manager for Joomla. This extension was developed by Yves Hoppe from lunajoom.de. Unfortunately, as happens with a lot of extensions out there, the developer doesn't have the time to develop and support the extension.
There it is! The new stable version of compojoomComment.
I know that some of you are waiting impatiently for it. Why? Well, because it doesn't only bring the option to use jomSocial's avatars, but also jomSocial's User Point and Activity stream. Did I say that with this version you are now going to be able to use compojoomComment as a wall application in your profile?