A business recently approached us to perform a site upgrade. In January, their site was hacked and the hackers were using it to send spam email (one of the many uses of a hacked website.) In response, their web host took their site down and refused to put it back up until they fixed the issue. Eventually, they were able to restore to a pre-hacked backup of the site, but it was only a matter of time before it would be hacked again because the version of Joomla in use was out of date and vulnerable. This scenario happens all the time. In fact, the first question we ask businesses who want a quote for an upgrade is if they have been hacked. They almost always say, "yes," because typically this is the only time that someone has told them they need to upgrade the site.
In this blog post, I'll explain the link between hacked sites and Joomla 2.5 reaching "end-of-life", why else upgrading is important, how to upgrade, and how to keep your site up-to-date and running smooth.