Text Size

Supporting Joomla 1.5 When Your Host Moves to PHP 5.4

Secure old door

PHP 5.3 has passed its End of Life support period. This means that there will be no more updates to the 5.3 series, even if serious security flaws are found. That's a signal that any minimally competent hosting company should move at least to PHP 5.4, or even 5.5. Hosts have been warning that the days of 5.3 were numbered, and now a lot of people running Joomla 1.5 have been told to upgrade or find another host. The problem is that Joomla 1.5 under PHP 5.4 is a mess. The core code throws hundred of warning messages for every page, and the occasional serious error. Extensions are even worse. If you're lucky, your Joomla 1.5 site is barely recognizable, if you're unlucky, all you get is a white screen (fondly known as the White Page of Death because a PHP Fatal Error has occurred and stopped page processing).

So what do you do? The right thing to do is upgrade Joomla, build a new site, update the look, get your site mobile friendly, and take advantage of the huge number of major features that have been added to Joomla since 1.5. A lot has changed since 2007, and Joomla has done a pretty good job of keeping pace. Its easy to say upgrade but its not so easy to do. First off, the migration path from 1.5 is not the easiest. Then there's the issue of budget. Not many small businesses have allocated funds for a website redevelopment, and few have the time to take a good look at how they want to update their site and refresh their image.

Meanwhile your host is about to force an upgrade and your site is going to break. What do you do? Find a host that understands. With the right security defenses, a host can isolate your site from others on the same server, let you run an older version of PHP, which means you can still run 1.5. With good backups, a host can provide insurance against having your site hacked -- and let there be no question about it, both Joomla 1.5 and PHP 5.3 have security vulnerabilities. The best defenses available merely minimize the risk, but there's no way to reduce it to zero. Over at Abivia we've gone to great lengths to help keep our older customer's sites working for them, but if you are still running Joomla 1.5, its time to start planning for an upgrade. Its an investment that will pay off over time.

Image used under a CC license. Credit: Pero Kvrzica.

When Should You Upgrade Your Joomla 1.5 Site

Rails: end of the line

According to W3Techs, as of the beginning of July 2013, 63% of all Joomla sites are running version 1.x. Of these, some 92% are running version 1.5. That works out to a rather large 58% of all Joomla sites running 1.5! The other 5% are mostly version 1.6 and 1.7. [Aside: if your site is one of those 5% please just upgrade now. It's not going to be that painful and you are a sitting duck for hackers. By "now" I mean stop reading this and go upgrade. Seriously.]

So why is the number so high? There are usually a long list of factors, and most of them are valid. Here are the ones I hear regularly:

Read more: When Should You Upgrade Your Joomla 1.5 Site

Optimizing Web Crawlers for Shared Hosts

Spider image copyright Gio Diaz. Used under a CC-SA license.

Recently I've seen some of our shared servers getting bogged down when web crawlers start processing some large sites. What these sites have in common is that they have sections that need longer database queries to compose a page. For example, one of these sites has a large database for a directory.

From the hosting perspective, a slow shared server is a distressing prospect. It's fine if one site with inefficient queries takes longer to load, but it's not fine when that load affects other sites on the same server. It's pretty common for hosting companies (at least those few who monitor this sort of thing) to react by booting the problematic site, usually recommending a dedicated or virtual server in the process. But this can be impractical or grossly unfair. Why should a web site that has accumulated a large database of information but that has low overall traffic be forced into a much more expensive hosting plan just because of the way web crawlers work?

Read more: Optimizing Web Crawlers for Shared Hosts

Joomla Security: Beware the Forgotten Installation

A sphere within a sphere; installations within installations

It's common practice for developers to put test or new development sites in a subdomain. Most hosting control panels, notably cPanel, default the root directory of the subdomain to a subdirectory of the main site, so if I was going to create a "test" subdomain, cPanel will suggest "/home/youracct/public_html/test" as the root directory (youracct is the name of your hosting account). The problem is that these test installations are soon forgotten and can become a major security risk.

Let's say your client — let's call them client.com — finally has the budget to get off the old Joomla 1.5 site you built years ago. You create a subdomain to hold that shiny new web site. Maybe you call it "new.client.com", or being a leading edge kind of person maybe it's "joomla31.client.com" (Joomla 3.1 will be here very shortly). If you use the default directory and don't password protect it, anyone can see the new site by accessing the subdirectory. Entering client.com/joomla31/ exposes the new site to the world. If you used "new" it's an easy guess. There's a also good chance that backups of your main site are also now a lot bigger (you are backing up the site, right?) because they include also include the new version.

You work away on your spanking new Joomla 3.1.0 site and a few weeks later it's ready for launch. If you have the site in a subdirectory, you make a backup there and restore the new site in the web root. Over time you update the new site, applying security updates, fixing a vulnerable extension... everything is running smoothly. Then months later despite thinking you've done everything right, the site is hacked! What happened?

Read more: Joomla Security: Beware the Forgotten Installation

An Argument for Complex User Interfaces

Credit: Flickr user SWF Photography

User Experience (UX) design is an important aspect of almost every software application. Most users benefit from having a simple, easy to understand interface that offers intuitive choices to achieve their goals. Advocates of the simple approach point to surveys that measure how users respond to the design of an application, where simpler interfaces almost always garner a better rating.

The challenge is that not all applications can be reduced to a simple model. The current trend in UX design is to break a complex task down into a set of smaller, simpler interfaces, and then give the user a method of selecting or stepping through each of these interfaces. In some cases where a lot of this input is required, the user is guided through a sequence of simple steps to achieve a complex goal. This doesn't work. It's the opposite of the one-step checkout process that works so well for commerce sites, and we need a better solution.

Read more: An Argument for Complex User Interfaces