advertisement

Econet restores hacked website, secures it with test software

advertisement
Econet Broadband Site

Econet has switched on its Econet Broadband website www.econetbroadband .co.zw, after more than a month of downtime following a hacking incident in December last year. The site is noticeably still using the popular open source content management system Joomla.

advertisement

Econet Broadband Site

We hope Econet doesn’t suffer this needless pain again. We hope no website suffers this.

advertisement

What we found a bit curious on the restored Econet site is a small red ant icon on the bottom right of the site.  Hovering the mouse over it shows the text “Protected by Biziant Sentry – Joomla Security Suite”. A Joomla extension to secure the site. Good move

BiziAntWell, good move except for one thing; the developer of the extension specifically warns against its use on a production site, referring to the extension as “merely a proof-of-concept” in Early Alpha. Software in early alpha is in a very early stage of testing, hardly suitable for any practical use beyond just testing the software.

For its sake, I hope Econet is not overlooking this.

We’d love to know your take on Joomla security and your opinion on this particular implementation of security after restoration from the nasty hack. Please share in the comments below. How are you securing your Joomla sites?


Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, click here to enter your query.


WhatsApp Discussions

Click to join a Techzim WhatsApp group:
https://chat.whatsapp.com/DOJlKDosfy79t2g9qfh18I

If you find the group full, please notify us on +263 715 071 199 and we'll update the link.


25 thoughts on “Econet restores hacked website, secures it with test software

  1. Econet is a big company, with all the money their making they should pay someone to build a secure site and to secure their servers against attacks.

    1. Maybe they think it’s just a waste of money and time. They would rather pay their developer twice his package to add more features and attract more users….

    2. there is nothing called a secure site and Opensource tech offers the best hope in security that commercially private developed software which are more prone to zero day attacks

      1. Sorry have to disagree with Macd there, as someone with years of web development experience in both Joomla and more recently in secure enviroments for internet banking etc. The open source myth is simply not true.

        While Joomla’s core is very well written and secure the vast list of addons are often made my one man bands or hobbiests. Secure because it is open source is simply not true, this only holds true if it is a massive open source project with many regular contributors.

        If you want a secure site, you are much better off going to a company that specializes in those sorts of sites, or at very least can vet the open source addons you have installed in your site.

        I think many many Zimbabwe websites are insecure and not able to handle load (look at how often the new (Joomla) Herald site is down). These sort of sites need to be handled by professional developers, not someone who can skin a Joomla installation.

        I am not saying dont use open source, simply get someone who knows what they doing to do it.

      2. Sorry have to disagree with Macd there, as someone with years of web development experience in both Joomla and more recently in secure enviroments for internet banking etc. The open source myth is simply not true.

        While Joomla’s core is very well written and secure the vast list of addons are often made my one man bands or hobbiests. Secure because it is open source is simply not true, this only holds true if it is a massive open source project with many regular contributors.

        If you want a secure site, you are much better off going to a company that specializes in those sorts of sites, or at very least can vet the open source addons you have installed in your site.

        I think many many Zimbabwe websites are insecure and not able to handle load (look at how often the new (Joomla) Herald site is down). These sort of sites need to be handled by professional developers, not someone who can skin a Joomla installation.

        I am not saying dont use open source, simply get someone who knows what they doing to do it.

  2. Yeah where does econet put all their money, i mean this is a huge company and they cant even afford a secure websiite!

    1. Can’t load the broadband website right now so no way of telling if it’s still there. It’s possible they may have removed it.

    1. Techzim does use open source and we we love it, that’s why we leave the WordPress credit at the bottom of the site so that we contribute (however small) to spreading the word.

      The problem here is NOT that Econet is using an opensource content management system. What we say we find strange is that they’re are using an early alpha Joomla extension. It may not even be wrong if they know what they’re doing. We’re just pointing it out as against best practice.

      1. the good thing about Open source is that you get the source code and you have every right to enhance or change anything as long as abide by GNU license (not Govnt Of National Unity)

  3. This is because CEO does not provide oversight on ICT Management! Nor do investors hold him accountable. Maybe he and his friends have controlling shares! Where is proper governance here? The removal of the ant is even more perplexing. A case of burying head in the sand. We are still very much in woods in all fronts in Zim!

  4. it’s not that Joomla is insecure as a web app, it’s how it is implimented that makes it insecure. The reason why Econet and most companies do not care much about their websites and security is because the servers do not contain any sensitive content and the website, well, i think they developed it simply because we expect them to have one. Their marketing department is more into offline advertising than online. They are good at spam sms though.

  5. Open source or not, if the baselines were not followed, econet will keep reinvesting in dealing with a stupid issue. They need to ensure that security is fosterd in all applications and makesure that the marketing department does not control the website. Please Mr masiwa enforce security

  6. Some of the basic ways to secure a joomla website are creating SEF urls, this protects you from the common ” in-url” hack, another is , another is writing ur code to prevent SQL Injection which is another common hack method- there’s more but time won’t permit ryt now.

Comments are closed.