Just enough J!1.5 sites have been hacked in my orbit of sites in a short period time to lead me to conclude that it’s a pattern, not random.
Joomla 1.5 is not supported by the Joomla Project. Hackers know that these sites are sitting ducks for hacks. There is code on these sites that is vulnerable to hacks. Joomla 1.5 sites are soft targets for hard hacking.
I look back and think that I should have been extreme with my Joomla 1.5 installations. The benefit of hindsight, for sure. Instead of just taking Joomla 1.5 as-is and installing it as-is, I should have actively managed Joomla 1.5 itself.
This is my own checklist for going back to Joomla 1.5 sites. It’s a list of things that can be done today, without clients thinking I’m dreaming up excuses to invoice ‘em:
Keep managing your going-concern Joomla 1.5 sites!