Joomla. Is it secure?

In the past, opponents to open source technology would state a lack of security as the first reason not to use it. The source code is freely available to every hacker on the planet to analyse, strip apart and find security holes. This is true but it's a good thing.

Is it secure? You bet it is

In the past, opponents to open source technology would state a lack of security as the first reason not to use it. The source code is freely available to every hacker on the planet to analyse, strip apart and find security holes. This is true but it's a good thing.

Every now and then, potential security holes are found in Joomla. Usually, within 24 hours or so, the relevant Joomla working group will release a patch to the community.  No commercial, closed source application could ever come close to the amount of real world testing and scrutiny that Joomla does. Nor can they match it's support.

It's not just Joomla. Open source technology is improving at such a rate that the vast majority of the web is running on open source applications. Apache is the server software, MySQL runs the databases, Linux provides the operating system and PHP is the core server side code. And on the desktop Mozilla Firefox is overtaking Microsoft's Internet Explorer with an increased share ever year.

While we are talking about Microsoft... Microsoft have been trying to rule the web for years but have been plagued by security issues and bugs that has left them in the dust of open source applications and companies like Google who freely share a lot of their code and applications.

In this blog post by Bill Vass from Sun Microsystems Bill states

"...when Sun open sourced Solaris - Solaris previously had the highest rating in security that the government offers in enterprise operating systems and still does today. Plus it is certified by the federal government, reviewed by all the best experts in Sun (there are a lot of smart of people at Sun) the intelligence agencies and lot of other smart people out there in the community. When we released the code, within one month we had 28 new vulnerabilities identified by the 160,000 people that are in the Solaris community, and we were able to fix them before some one used them to do something bad."

Bill's post then goes on to show actual statistical data on the security of various open and closed source applications.

john-pitchers-avatar smAbout John Pitchers

John Pitchers is co-founder and lead developer at Joomstore where his primary role is the design and development of Joomla websites. He is also the developer of the FocalPoint maps extension for Joomla. John has been building CMS based web sites since 2004, originally working with Mambo before it forked into Joomla. When not writing PHP, Javascript or CSS you'll find John carving up the hills around Baldivis on his longboard (long before Walter Mitty made it famous).

Find out more about John on his About.me page and . Follow John on Twitter.

These posts may interest you...

Leave a comment