When you ask your clients what they expect of their site, they sometimes say the strangest things. Some time ago, one client had an interesting request. I wasn't there for the conversation but figure it went something like this.

Them: "We want to use an image of a tree on the top."
Designer: "Sure, no problem."
Them: "Great. We also want to change the image as the seasons change!"
Designer: "Ehmmm... let me see what I can do." 

After doing some research we found a way that makes this super easy to do.  It would be a shame if we didn't share that tip with you!  The trick is to use some module magic, powered by Advanced Module Manager by Nonumber. If you are insterested in finding out how to publish a different module for each season, then read on.

Earlier today, Joomla! users were urged to upgrade to Joomla! 2.5.3 immediately after a serious vulnernability has been reported.  Following simple steps, a user could gain access to your site and do all sorts of nasty things to you site. If you're using Joomla! 1.6, 1.7 or any 2.5 version PLEASE UPDATE TODAY.

Maybe you're trying to postpone it, by saying "How bad could it be?"  Want a demonstration? Then read on.

Hacked under 2 minutes

To hack my own site, I needed the following:

- Firefox in combination with Firebug. This is VERY, VERY BASIC stuff.

- knowledge of the exploit (obviously)

- An editor to create a "Hack site". (Just a harmless site).

In less than two minutes, the exploit allowed me to gain access to the 2.5.2 site that I set up moments before.  Once I had access, I managed to redirect visitors to a (harmless) site I control.  This page doesn't do anything, but try using some imagination following the steps below.

• Let's try to visit http://www.toralkoweb.net/joomla25nl , which is your business website.
• What's that? That's not your Joomla! site. It's a hacker site! And it's kicking your puppies!
• You're now panicking, worrying that ultra leet hackers hacked your site.

You'd be right to panick. Not so right on the leet part. Anyone could use this exploit to deface your site in 2 minutes. 

Update in less than two minutes

Know what takes less than two minutes, and which will keep your site safe? Updating your site to the latest version. We suggest using Admin Tools as it's the easiest way to do so.

He who hesitates, meditates on why he didn't do updates! 

Did you know that Joomlareporter isn't just using any hosting? No, we're using "Joomla! As A Service" hosting by CloudAccess. Shameless plug of one of the best Joomla! hosters? Yes.

We're mentioning this, because we've once again seen proof that it does matter which hosting you use for your Joomla! site. 

When reading my Twitter stream, I often hear a fellow Joomlaist moan that their client didn't make any back-ups. Their client thought their hosting company would take care of that.

It's true that many hosting companies advertize that they back-up your site. Most of them probably do. But is it wise to rely on their back-ups only?  Are the many people out there using Akeeba Backup to create back-ups themselves (including myself) wrong or just plain paranoid?

There's a saying in Beerland that goes a bit like this: If you want something to be done properly, you should do it yourself.  Let me tell you a story of a time, when I still thought relying on my hosting company was good enough.

Planning to buy a new template for your Joomla! site? Then watch out! Some template clubs try to sneak in hidden links - and possibly other nasty code - in their templates, to improve their ranking.  Which isn't a very ethical thing to do. But unfortunately, Joe or July average often isn't aware of this.

That's why we're pleased to see Brian Teeman has stepped up again, by allowing Norm Douglas (from TeachingJoomla.com) to point out Joomlaspirits' blackhat SEO practices.

You can read the full article on Brian's blog.