Once in a blue moon, I am summoned to work on a Joomla 1.5 website. It’s always one of those sites that’s got problems. Backend not loading. Entire site not loading. Everything looking like it was developed in Wordpad on Windows 3.1.
Or, in today’s case, a user getting hundreds of mysterious e-mails about mails that couldn’t be delivered. Courtesy of Joomla 1.5 user registration.
Joomla 1.5’s User Registration was enabled by default. While Joomla offers you a few options to create a neat registration form – either through a module or a menu item – that was hardly necessary. If you entered the proper URL you could register yourself an account.
Of course spammers know that. They seem to know better than I do what you can and can’t do with a Joomla website. And they’ve been abusing this “feature” for as long as I can remember. The problem is that I mostly forget about it. These days, with Joomla 3.x you’ve got to consciously enable User Registration. And while you’re at it, you enable fun stuff like Recaptcha or CSFRShield in AdminTools.
I don’t know what the point of this post is, really. There is a reason I only write about Joomla 1.5 once in a blue moon, when a site blows up that the client doesn’t want to (read doesn’t want to pay to) upgrade. Because it’s a relic of the past. Surpassed by Joomla 2.5 and 3.x. Let’s not talk about 1.6 and 1.7. Crazy stuff happened back in those days.
If you are still using Joomla 1.5, you should be aware that it’s a ticking time bomb. Plugins haven’t been updated for years. Your website has aged. Who knows what unmatched exploits are lurking under the hood or hidden in your template.
It’s time to move on. And if your clients aren’t willing, you better be making regular backups of their website that is still “working perfectly fine.”