Joomla or WordPress? Finding the right script to power your website.

WordPress and Joomla are both content management systems, and while both have been around for years, WordPress has surged ahead of Joomla in popularity and add-on functionality.

Look at the numbers. With nearly 2 billion (that’s billion with a B) sites online, WordPress controls 30% of those, and approximately 60% of sites built with content management systems. Where is Joomla? In second place at 7%, followed by Drupal at 5%.

Both are available for quick installs via Softaculous.

Softaculous is a great auto-installer with 446 scripts and 1115 PHP classes, and more are still being added. These scripts cover most of the uses a business owner or entrepreneur could ever need, across a wide array of categories, so that everyone can find just the right script to power their website.

Why Joomla? How will it help your business?

Joomla is an open source platform on which Web sites and applications can be created. It is a content management system (CMS) which connects your site to a MySQLi, MySQL, or PostgreSQL database in order to make content management and delivery easier.

Joomla 4 new features:

  • Bootstrap 4 Integration
  • More friendly Back-end User Interface
  • Coding improvements
  • New front-end template and back-end template
  • New Media manager
  • Simplified installation process
  • Faster page loading times
  • Features to improve Search Engine Optimization

Why we recommend WordPress.

WordPress was designed for everyone, not just developers. That’s HUGE! You don’t have to be tech-savvy to use it, so forget stressing over learning code. Do you want the ability to tweak your website after its initial development? Compared to Joomla, WordPress shines in this department. It’s user friendly, it’s versatile and it flat out works. One word of caution – hackers love WordPress, so keep those themes and plugins up to date, and install some sort of security software.

WordPress 4.9.8 Features

The talk of the day is Gutenberg (a new editing environment) and while it still doesn’t hold ground against Elementor, prepare yourself as it is soon to become part of the WordPress core. Gutenberg lays the groundwork for incredibly exciting developments.

Gutenberg is at stage one of a three-pronged roll-out strategy. First, WordPress will get a redeveloped editor, and after that the project will focus on page templates, then in the final stage it will become a full site customizer. As you can imagine, this will empower developers with endless possibilities.

Vulnerable Joomla! Installation under active attack

A Core Remote Code Execution Vulnerability (CVE-2015-8562) in the popular content management system (CMS) Joomla! was recently discovered. The vulnerability affects all versions of Joomla! prior to 3.4.6, and while updating the CMS to the latest version will patch the bug, there are still plenty of unpatched targets out there and Symantec has observed attackers actively scanning for and attacking vulnerable servers.

With over 50 million downloads, Joomla! is one of the most widely used content management platforms and is used by some very popular websites, meaning the vulnerability potentially puts millions of users at risk. In an attack scenario, an attacker can use this vulnerability to execute commands on the server, tamper with the website or database contents, host malware on the server, or even redirect visitors to other malicious websites.

How attackers find and exploit vulnerable servers

The exploit code is relatively easy to deploy and doesn’t require much skill; all that is needed is a single HTTP request. According to our telemetry, the methods attackers are using to scan for vulnerable versions of Joomla! are similar to methods we covered in a recent blog on an RCE vulnerability in the vBulletin platform. Attackers are scanning for servers running vulnerable versions of Joomla! by attempting to call a phpinfo() function or printing out an MD5 of a predetermined value. As with the vBulletin RCE exploit attacks, it is likely attackers are scanning and documenting vulnerable web servers for exploitation at a later time.

Let’s take a look at how attackers are doing this.

In one method used by attackers, if the targeted server is vulnerable, the MD5 hash for the value 233333 is printed in the response sent by the server.

Figure 1. MD5 hash printed in the server response

Another method involves the attacker attempting to execute the eval(char()) function and waiting for any output from the die(pi()); function in the response. If this response is received it tells the attacker that the server is vulnerable.

Figure 2. Server response from eval(char()) function

System administrators can look for the methods described previously as possible indicators of attack (IoA) or indicators of compromise (IoC). By examining web access logs, administrators can look for the requests and, if found, compare the time they were made to the time the server was patched to determine if the system was likely to have been breached.
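The log review described above can be scripted. The following is an added example, not code from the Symantec article: it scans access-log lines in the common "combined" format for the probe markers named above and flags each hit as before or after the patch time. The sample log lines, client addresses and patch time are constructed, and matching on the whole line assumes the log format records the request field that carried the payload.

```python
import re
from datetime import datetime, timezone

# Probe markers taken from the article's description of the scans.
# Assumption: the payload field (e.g. the User-Agent) is present in the log line.
MARKERS = {
    "phpinfo": re.compile(r"phpinfo\s*\(", re.I),
    "md5-233333": re.compile(r"md5\s*\(\s*['\"]?233333", re.I),
    "eval-char": re.compile(r"eval\s*\(\s*cha?r\s*\(", re.I),
    "die-pi": re.compile(r"die\s*\(\s*pi\s*\(", re.I),
}
# Timestamp field of the "combined" log format: [16/Dec/2015:10:02:11 +0000]
TS = re.compile(r"\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\]")

def find_probes(lines, patched_at):
    """Return (timestamp, client, markers, verdict) for each probe-like request."""
    hits = []
    for line in lines:
        names = [n for n, rx in MARKERS.items() if rx.search(line)]
        ts = TS.search(line)
        if not names or not ts:
            continue
        when = datetime.strptime(ts.group(1), "%d/%b/%Y:%H:%M:%S %z")
        # A probe that arrived while the server was still unpatched is the
        # case that warrants a full compromise investigation.
        verdict = "BEFORE_PATCH" if when < patched_at else "after_patch"
        hits.append((when, line.split(" ", 1)[0], ",".join(names), verdict))
    return hits

# Constructed sample log lines (payloads abbreviated with "..."; not captured traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [13/Dec/2015:04:11:52 +0000] "GET / HTTP/1.1" 200 8123 "-" "...phpinfo();..."',
    '203.0.113.20 - - [14/Dec/2015:09:30:01 +0000] "GET /index.php HTTP/1.1" 200 8123 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [16/Dec/2015:22:45:10 +0000] "GET / HTTP/1.1" 200 8123 "-" "...eval(chr(...));..."',
    '192.0.2.44 - - [17/Dec/2015:01:02:03 +0000] "GET / HTTP/1.1" 200 8123 "-" "...die(md5(233333));..."',
]
# Assumed time this server was updated to 3.4.6 (placeholder value).
PATCHED_AT = datetime(2015, 12, 15, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for when, client, marker, verdict in find_probes(SAMPLE_LOG, PATCHED_AT):
        print(when.isoformat(), client, marker, verdict)
```

A BEFORE_PATCH hit means the probe reached the server while it was still vulnerable, so the host should be examined for a back door rather than simply patched.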

Malicious script injection

Once a system is found to be vulnerable, the attackers can then proceed to the main attack. This usually involves the installation of a back door to enable the attackers to gain full access to the compromised computer.

The section of code shown in Figure 3 is part of an encoded PHP back door which is used against vulnerable Joomla! servers. Once the back door is established on the server, the attacker can execute commands, tamper with websites hosted on the server, or upload and download files at will.

Figure 3. Part of the encoded PHP back door

Read the full article at Symantec