Joomla! Web Security is a new book from Packt that provides a concise overview of all the parts needed to construct and implement strong security measures for their Joomla! website. Written by Tom Canavan, this book teaches developers to secure their website by setting up an SSL and implementing disaster recovery features and using real-world tools to protect against hacks on their website.

Joomla! is one of the most powerful open-source content management systems used to build websites and other powerful online applications. While Joomla! itself is inherently safe, misconfigurations, vulnerable components, poorly configured hosts, and weak passwords can all contribute to the downfall of a website. This book will help conquer all these limitations and will show how to secure a website from security threats.

Drupal 6.5 and Drupal 5.11 were released yesterday.  These new versions of Drupal are maintenance releases fixing problems reported using the bug tracking system, as well as critical security vulnerabilities.  If you take a look at the release notes, you'll find that Drupal's core developers and security teams have been hard at work improving this open source content management system.  With all the hard work done for you, it only makes sense to upgrade your Drupal site today (yes, we're running Drupal 6.5).

Details and download links can be found at Drupal.org.  

ComputerWorld: "Probably the simplest and most effective change that will come with PHP 5.3 is a modification to the way that $_REQUEST superglobal variables are handled. After several years of known vulnerability, it seems that the PHP developers are finally addressing one of the most risky elements of the scripting language."

Complete Story

Eddy Nigg: The new Firefox 3 browser is approaching fast its final release to the public and millions of fans will download the new product from Mozilla this month. For me this is a very exciting event and a great opportunity to show you which changes and improvements will effect us, specially in relation to SSL secured web sites.

Complete Story

A few days ago, I mentioned that "Drupal 6 feels ready to me" for public release. Evidently, that was more than feeling as Drupal 6 was released early Wednesday morning.

As a user of Drupal, let me start by saying thank you to all the developers and advocates that brought Drupal 6 to light. I've been watching Drupal 6 grow from a distance this past year and have made some observations. There is a lot more sweat, tears, and love put into Drupal than most outsiders realize. Those of us that have used Drupal during the past six years owe a lot to those of you active in the Drupal community.

You can check out the release announcement at Drupal.org for all the new features and enhancements that have been rolled into Drupal 6. Let's look at some of the highlighted features in Drupal 6 which I've listed below.

"HTML
frames (FRAMESETs and IFRAMEs) are a feature of all modern web browsers
that enable content from multiple pages to be displayed within a single
view. Historically, frames were primarily used to enable partial page
updates, where page navigation was contained in one frame, and page
content was contained in another. Over time, use of frames expanded to
include advertising, mashup, and AJAX scenarios. Today, the majority of popular websites use IFRAMEs for myriad reasons.

From a security point of view, frames can help increase
the security of web applications by creating isolation between content
delivered from different sources."

Complete Story

"WordPress
2.4 will feature a new format for authentication cookies and a new
password hashing algorithm. Cookies will be based on the secure cookie
protocol described here."

Complete Story

"One of the most important activities we do in the software industry is service our customers through software updates. Like any other binary software, ActiveX controls often need to be updated with bug fixes and new functionality. So what is the best way to get updates to our customers?

Steve, from our Silverlight team, and I were just chatting about good update practices for ActiveX controls, and we want to share them with you. Most of these practices are already in common use among ActiveX controls; we thought it would be helpful to list them all in one place."

Complete Story