Engage on Facebook Engage on Twitter Engage on LinkedIn Engage on GitHub components notes mobile card heart 2 infinite mirror 2 pricing support

Engage: Your DNN and Evoq Experts

Keeping your website up to date is a must to keep it secure

By Dave Gambino

We recently added a new client whose DNN site had become severely outdated. It was 4 major versions behind DNN 9.8. Unfortunately, because of its age, the site had been hacked. While we made short work of fixing it, it was a good cautionary tale reminder worth sharing.

DNN is among the most secure of the CMSs on the market (as evidenced by its use by the United States Department of Defense), but no CMS stays secure without regular updates.

Not updating your CMS version is very much like ignoring the dying battery in a smoke detector in your home. If you don’t continue to change the batteries (despite the annoying beep represented by the “Critical” note on your DNN admin screen), you’re opening the door to a potential problem.

In this client’s case, it was a problem of files injected into his hosting environment that led to his domain being blacklisted. He was unable to send emails and it was causing him a lot of pain. We were able to quickly resolve the issue, but it’s a pain you can avoid.

SaaS (software as a service) platforms are typically updated in the background. There’s no need for you to go through an update process, but that’s not the case for all SaaS platforms or products. Some of them require you to approve the update, i.e. your phone, or perform a specific upgrade process.

And some, like DNN, require that you do the update process. The reason DNN does not upgrade automatically is in part because third-party modules and custom functionality inside your site could break as the result of an upgrade. So, it is always wise to follow a scheduled update plan so that you can coordinate any internal and external resources needed to make sure it goes smoothly.

If you need help updating DNN, feel free to get in touch. If you are managing the upgrade yourself, we highly recommend mapping out a regular schedule and not waiting until you see DNN’s Critical message.

To help you stay up to date, check out these free resources:

Engage: What are the latest versions of the open-source DNN Platform and the licensed DNN Evoq?

GitHub: What is the next version of DNN Platform in the works?

Engage: How do you update a DNN website

DNN Software: DNN CMS Security Center

Planning a DNN upgrade? Download our guide