A long long time ago, I started working on a prototype project for a mobile payment system using PHP. If memory serves me right, it was PHP3. Almost a decade later, I am back to PHP. It was not fun. Between these times, I have worked mostly on Java and have got use to the ecosystem around the Java language, and it was not easy letter or those go.
I have been listening to the StackOverflow podcast, and Jeff Attwood cannot seems to contain his hatred for the PHP language. I am not a big fan of weakly typed language or scripting language used in large scale applications. And this is exactly what I am faced with now. My companies website is using Joomla + VirtualMart + a whole bunch of plugins, and long and behold, it was hacked recently. Some module with remote exploitable flaw was load on the website and it wasn't long until some hackers program found us and dumped a JPMorgan Chase phishing site on our page.
It was long until RSA contacted our hosting provider and they shut us down. We haven't updated our Joomla installation for quite a while and it came back to bite us. After a day of work to try and remove the phishing site and purge the hackers code, our site was shutdown again because I was unable to purge it properly. It appeared the hacker also manage to turn our server into a SPAM server. After a few more hours of struggle, I decide to conclusively patch the existing site from all malware is going to be futile and went about upgrading our Joomla installation.
Boy it was a pain ...
It is getting late, I should rant about this some other time.
No comments:
Post a Comment