One of the issues that our users encounter in making the transition to YourSites from the myJoomla online service - is cleaning up the database tables left behind when uninstalling the myJoomla plugin from their client sites.

15 October 2019

YourSites version 1.1.0 includes a few security enhancements - these are summarised below.

Elmination of Timed PHP Hash Comparisons

YourSites version 1.1.0 improves the way we validate calls from the YourSites server to the client sites so as to avoid a theoretical timing attack (see http://php.net/manual/en/function.hash-hmac.php#111435). This risk was, however, negligible in version 1.0.0 since each hash was only used once (see below for more detail) and due to the high variability of timing of web requests.

30 May 2019

Version 1.4.4 introduces 3 security enhancements to YourSites

The security of your data with YourSites is always at the top of our minds. We are therefore pleased to introduce some security enhancements in YourSites version 1.4.4. These address completely theoretical security risks in versions 1.4.3 and earlier.

In addition to these security enhancements we have added a new documentation article all about how to make your YourSites server/configuration as secure are possible. See Setting up a Secure YourSites Server for more detail.

30 May 2019

We love every single one of our users, without you YourSites simply couldn't happen! So we would love a review at the Joomla! JED so we can let others know about us too, please take a minute to write a review:

https://extensions.joomla.org/extension/yoursites-manager/

If you feel you have something negative to say, we would implore you to speak to us first, as we really really don't want anyone to be unhappy!

STAY CONNECTED