As we reported last week on our blog, our colleagues at Akeeba released an update — version 4.5.0 —for their flagship backup solution that enforces more stringent authentication when performing frontend backups.

Specifically, Akeeba now checks if the secret word — the key used to validate the remote/frontend backup feature — may be easily guessed. If the secret word is too simple, it must be updated for backups to continue successfully. 

A small number of Watchers have reported failed backups after updating to Akeeba Backup 4.5.0. Although the fix — updating the secret word — is trivial for one site, Watchers with tens or hundreds of sites to have a problem on their hands. They must update the secret word  for all their sites both in Akeeba Backup and their Watchful dashboard.

Given how busy things are this time of year, we thought we’d lend a hand by making it easy to mass-update all your Akeeba sites with just a few clicks, all from your Dashboard.

To achieve this, we wrote a free component that Watchers can install on all their sites — including Joomla 1.5, 2.5 and 3.x — using Watchful’s remote installer.

The component will check for a weak secret word in the Options of Akeeba Backup. If a weak secret word is found, a more secure one will be automatically generated and updated in both Akeeba and Watchful. 

Who should use this component to harden Joomla backups

Anyone using both Watchful and Akeeba Backup can use this component. If you use a weak secret word, (especially if the same one is used on all your sites), we strongly recommend using this component.

How do I use this component to harden Joomla backups

  1. Ensure you have recent backups for all your sites.
  2. Install the Strong Secret Word component on all your Joomla 1.5, 2.5 and 3 using Watchful’s remote installer.
  3. Upgrade to the latest Akeeba Backup, version 4.5.0 or greater.
  4. Test backups on all your sites.
  5. Re-apply the component to any sites that show backup failures, or manually update the secret word in Akeeba and in Watchful.

Leave a Reply

Your email address will not be published. Required fields are marked *