joomla on high traffic site? - GoFuckYourself.com

crockett · 03-22-2007, 07:40 AM

Has anyone used or tried the CMS Joomla on a high traffic site? I know alot of these open source CMS's are ok on small sites but can easily kill a server on anything of size.

The site would likely have around a 100k page view per day. Anyone ever try it on a site of that size?

Babaganoosh · 03-22-2007, 07:42 AM

It should handle it assuming you use the caching feature. If you have to issue a mysql query for every pageview it won't work.

psychomantis · 03-22-2007, 08:05 AM

I've heard of it doing massive sites in the past, however the caching feature must be enabled as said. I don't know of any documented cases though unfortunately.

Pimpin_J · 03-22-2007, 08:07 AM

Should work, but better keep an eye on the exploit lists. Those mambo/joomla stuff is vuln as fuck..

Code:

2006-11-17 	MosReporter Joomla Component 0.9.3 Remote File Include Exploit 	3748 	R		 D 		 Crackers_Child
2006-08-19 	Joomla <=1.0.10 (poll component) Arbitrary Add Votes Exploit 	6550 	R		D 		trueend5
2006-08-18 	Joomla Kochsuite Component <= 0.9.4 Remote File Include Vulnerability 	4047 	R		D 		camino
2006-08-18 	Joomla Link Directory Component <= 1.0.3 Remote Include Vulnerability 	4847 	R		D 		camino
2006-08-18 	Joomla Artlinks Component <= 1.0b4 Remote Include Vulnerability 	4480 	R		D 		camino
2006-08-17 	Joomla Mosets Tree <= 1.0 Remote File Include Vulnerability 	3080 	R		D 		Crackers_Child
2006-08-17 	Joomla com_jim Component <= 1.0.1 Remote File Include Vulnerability 	3867 	R		D 		xoron
2006-08-13 	Joomla Webring Component <= 1.0 Remote Include Vulnerability 	5063 	R		D 		xoron
2006-08-07 	Joomla JD-Wiki Component <= 1.0.2 Remote Include Vulnerability 	3221 	R		D 		jank0
2006-07-30 	Joomla LMO Component <= 1.0b2 Remote Include Vulnerability 	3982 	R		D 		vitux
2006-07-30 	Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion Vulnerability 	4369 	R		D 		Pablin77
2006-06-17 	Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit 	15005 	R		D 		rgod
2006-04-19 	Mambo <= 4.5.3 , Joomla <=1.0.7 (feed) Denial of Service Exploit 	7508 	R		D 		trueend5

Code:

2007-03-21 	Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability 	1112 	R		 D 		 Cold Zero
2006-11-26 	com_flyspray Mambo Com. <= 1.0.1 Remote File Disclosure Vulnerability 	4128 	R		D 		Dr Max Virus
2006-10-22 	MambWeather Mambo Module <= 1.8.1 Remote Include Vulnerability 	3197 	R		D 		h4ntu
2006-09-16 	Mambo com_registration_detailed <= 4.1 Remote File Include 	4599 	R		D 		k1tk4t
2006-09-14 	Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability 	4636 	R		D 		xoron
2006-08-19 	mambo com_babackup Component <= 1.1 File Include Vulnerability 	3445 	R		D 		mdx
2006-08-19 	Mambo com_lurm_constructor Component <= 0.6b Include Vulnerability 	2778 	R		D 		mdx
2006-08-19 	Mambo cropimage Component <= 1.0 Remote File Include Vulnerability 	4231 	R		D 		xoron
2006-08-18 	Mambo MamboWiki Component <= 0.9.6 Remote Include Vulnerability 	2810 	R		D 		camino
2006-08-17 	Mambo a6mambocredits Component 1.0.0 File Include Vulnerability 	2517 	R		D 		Cmaster4
2006-08-17 	Mambo phpShop Component <= 1.2 RC2b File Include Vulnerability 	2832 	R		D 		Cmaster4
2006-08-17 	Mambo mambelfish Component <= 1.1 Remote File Include Vulnerability 	2540 	R		D 		mdx
2006-08-16 	Mambo CopperminePhotoGalery Component Remote Include Vulnerability 	4039 	R		D 		k1tk4t
2006-08-14 	Mambo Peoplebook Component 1.0 Remote File Include Vulnerability 	3366 	R		D 		Matdhule
2006-08-14 	Mambo mmp Component <= 1.2 Remote File Include Vulnerability 	3900 	R		D 		mdx
2006-08-10 	Mambo Remository Component <= 3.25 Remote Include Vulnerability 	3197 	R		D 		camino
2006-07-30 	Mambo User Home Pages Component <= 0.5 Remote Include Vulnerability 	4925 	R		D 		Kurdish Security
2006-07-29 	Mambo mambatStaff Component <= 3.1b Remote Inclusion Vulnerability 	3071 	R		D 		Dr.Jr7
2006-07-29 	Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability 	3674 	R		D 		Drago84
2006-07-28 	Mambo MGM Component <= 0.95r2 Remote Inclusion Vulnerability 	3277 	R		D 		A-S-T TEAM
2006-07-28 	Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities 	4865 	R		D 		Drago84
2006-07-27 	a6mambohelpdesk Mambo Component <= 18RC1 Include Vulnerability 	3592 	R		D 		Dr.Jr7
2006-07-24 	PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability 	3359 	R		D 		OLiBekaS
2006-07-23 	multibanners Mambo Component <= 1.0.1 Remote Inclusion Vulnerability 	2652 	R		D 		Blue|Spy
2006-07-23 	Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability 	3326 	R		D 		jank0
2006-07-23 	MoSpray Mambo Component <= 18RC1 Remote Include Vulnerability 	3384 	R		D 		Kurdish Security
2006-07-17 	pollxt Mambo Component <= 1.22.07 Remote Include Vulnerability 	2884 	R		D 		vitux
2006-07-17 	Sitemap Mambo Component <= 2.0.0 Remote Include Vulnerability 	2576 	R		D 		Matdhule
2006-07-17 	HTMLArea3 Mambo Module <= 1.5 Remote Include Vulnerability 	2370 	R		D 		Matdhule
2006-07-17 	com_hashcash Mambo Component <= 1.2.1 Include Vulnerability 	2242 	R		D 		Matdhule
2006-07-17 	MiniBB Mambo Component <= 1.5a Remote File Include Vulnerabilities 	2808 	R		D 		Matdhule
2006-07-17 	perForms Mambo Component <= 1.0 Remote File Inclusion 	2443 	R		D 		endeneu
2006-07-17 	pc_cookbook Mambo Component <= 0.3 Include Vulnerability 	2063 	R		D 		Matdhule
2006-07-17 	com_loudmouth Mambo Component <= 4.0j Include Vulnerability 	2634 	R		D 		h4ntu
2006-07-17 	com_extcalendar Mambo Component <= 2.0 Include Vulnerability 	3647 	R		D 		OLiBekaS
2006-07-17 	SMF Forum Mambo Component <= 1.3.1.3 Include Vulnerability 	8557 	R		D 		ASIANEAGLE
2006-07-17 	com_videodb Mambo Component <= 0.3en Remote Include Vulnerability 	2919 	R		D 		h4ntu
2006-07-08 	com_forum Mambo Component <= 1.2.4RC3 Remote Include Vulnerability 	4780 	R		D 		h4ntu
2006-07-08 	SimpleBoard Mambo Component <= 1.1.0 Remote Include Vulnerability 	6723 	R		D 		h4ntu
2006-07-04 	galleria Mambo Module <= 1.0b Remote File Include Vulnerability 	5136 	R		D 		sikunYuk
2006-06-27 	Pearl For Mambo <= 1.6 Multiple Remote File Include Vulnerabilities 	5004 	R		D 		Kw3[R]Ln
2006-06-26 	CBSMS Mambo Module <= 1.0 Remote File Include Vulnerability 	5117 	R		D 		Kw3[R]Ln
2006-06-22 	Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (2) 	5917 	R		D 		rgod
2006-06-17 	Mambo <= 4.6rc1 (Weblinks) Blind SQL Injection Exploit 	7532 	R		D 		rgod
2006-04-19 	Mambo <= 4.5.3 , Joomla <=1.0.7 (feed) Denial of Service Exploit 	7508 	R		D 		trueend5
2005-11-22 	Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit 	10884 	R		D 		rgod
2005-06-21 	Mambo <= 4.5.2.1 SQL Injection Exploit 	7213 	R		D 		RusH
2005-06-15 	Mambo 4.5.2.1 Fetch Password Hash Remote Exploit 	8201 	R		D 		pokleyzz

Damian_Maxcash · 03-22-2007, 08:13 AM

I moved it to a 25K site with no problems on a virtual server - but I had vids streaming from a dedicated.

Have a look at your template - there will be a load of things you can get rid of that you wont really miss.

crockett · 03-22-2007, 08:31 AM

Quote:

Originally Posted by damian2001

I moved it to a 25K site with no problems on a virtual server - but I had vids streaming from a dedicated.

Have a look at your template - there will be a load of things you can get rid of that you wont really miss.

Yea that's cool, I was going to have a custom set up. I'm going to try it out on a new site and see how it goes and then decided if I'll put it on the other site.

03-22-2007, 07:40 AM	#1
crockett in a van by the river Industry Role: Join Date: May 2003 Posts: 76,806	joomla on high traffic site? Has anyone used or tried the CMS Joomla on a high traffic site? I know alot of these open source CMS's are ok on small sites but can easily kill a server on anything of size. The site would likely have around a 100k page view per day. Anyone ever try it on a site of that size? __________________ In November, you can vote for America's next president or its first dictator.

03-22-2007, 07:42 AM	#2
Babaganoosh ♥♥♥ Likes Hugs ♥♥♥ Industry Role: Join Date: Nov 2001 Location: /home Posts: 15,841	It should handle it assuming you use the caching feature. If you have to issue a mysql query for every pageview it won't work. __________________ I like pie.

03-22-2007, 08:05 AM	#3
psychomantis Registered User Join Date: Mar 2007 Location: Chicago Posts: 27	I've heard of it doing massive sites in the past, however the caching feature must be enabled as said. I don't know of any documented cases though unfortunately. __________________ Njoy!

03-22-2007, 08:13 AM	#5
Damian_Maxcash So Fucking Banned Join Date: Oct 2002 Location: MaxCash.com Posts: 12,745	I moved it to a 25K site with no problems on a virtual server - but I had vids streaming from a dedicated. Have a look at your template - there will be a load of things you can get rid of that you wont really miss.