We should be clear from the very first moment that it is very important to keep your movable type publishing platform updated to the most recent release.
The movable type publishing platform often offers upgrades with new releases.
Most of the upgraded versions contain new features and bug fixes, but sometimes there are critical security issues that you should immediately address.
Since Six Apart Japan purchased movable type from the former Six Apart US, the japanese crew continued and actually intensified the effort to make movable type an even better platform. They've decided to review the product whole source code and as a result they came up with an important number of fixes and mandatory security updates.
As a movable type developer, consultant, partner and consumer myself, I've been pleased to see that apart from the fixes and security fixes I've mentioned above, Six Apart continues to further develop the project with juicy new features focus both on productivity, as well as security.
Since January 2010, when Six Apart announced movable type v5 (more precisely v5.01) and until mid 2012 the movable type platform was available as two products. One called movable type v4.38 and which was continuing the v4.x series, but limiting to only implementing security fixes and the other called movable type v5.x with its latest v5.2.13 version.
Starting from December the 31st, 2013, movable type v4.38 reached its 'end of life' cycle. Then, on September the 30th, 2015, movable type v5.2.x reached its 'end of life' cycle. It is now the time for movable type v6.3.x to reach its 'end of life' cycle on May the 16th, 2019.
Movable Type v7.x was launched on May the 29th, 2018 and some may want to upgrade directly to it. However, since it is a completely new product, some users may try to keep running movable type v6.x for a while and for them Six Apart decided to launch Movable Type v6.5 which is going to continue the Movable Type v6.3.9 development and will last until 2022.
If you're running an older version, it is extremely important to upgrade either to movable type v6.8.7, or to movable type v7.9.5.
Why do you have to upgrade? You won't imagine how important is to keep your installation secure and how hard and time consuming is to clean up after a security issue being exploited.
How long would v4.38 last?
After mid 2012, Six Apart decided to stop offering movable type v4.38 for download and to continue offering only movable type v5.x, this being a normal action in the product evolution.
According to the movable type product life cycle policy announced at the end of December 2012 (right on the Christmas as a kind of Christmas gift), movable type v4.3x would be considered to have reached the end of its life span on December the 31st, 2013.
Six Apart initially planned to consider movable type v4.38 as having reached its life span at the end of December 2012, but I'm glad that they gave a grace period of one more year.
This is the right time to upgrade your movable type installation to the 6th series, more specifically to v6.8.7 or to the 7th series, more specifically to v7.9.5.
Need help upgrading your movable type installation?
Get in touch and let us do it for you at an as low as 149.95 USD flat rate or simply order your movable type upgrade service here.
Avoid Being Exploited, Address Security Issues!
Some people would think that a security exploit won't happen to them. They probably think this way because they imagine that a badly intentioned person launches this kind of attacks manually and only if they have a dispute with somebody else.
Unfortunately things are a lot more dangerous because these e-criminals are scanning for vulnerabilities and would penetrate automatically those resources where their scanning methods identify vulnerabilities.
You won't like to know what experience I've had with I've seen the first customer being attacked. It all started with a vulnerability being exploited in the same way Sony and Public Broadcasting Service (PBS) have been attacked in June 2011.
Some website pages were injected with malware, some others with open door scripts and trojans and that made Google mark the site as dangerous. When arriving to the site, people were seeing a large red window warning them that the site is dangerous and could infect their computers.
The client was getting lots of phone calls and emails from visitors, some alerting him about this problem and some others complaining that they fear that their computers have been infected. There were visitors that were to upset that they've told my client they will never visit his website again.
At that time I didn't have experience with such things. I've been a very experienced and talented developer with excellent results in my work, but with no experience at all about website attacks and exploits and that might be also because I've always insisted with my customers to upgrade their installations, especially when the upgrade included security fixes.
Though I've had a very busy schedule, I had to ask some of my customers if we could delay a little bit the jobs we were working on and spend time on this critical matter. They've been very kind, appreciated the way I work and the quality of my work, as well as the fact that I'm respecting customers and I want to help one of my customers which was risking to kill his business.
This was the moment when the hide and seek game started. I've studied the vulnerabilities and learned how to fix all of them. When I was saying that the cleanup is done, within 2 hours the exploit was back. At some point a person was playing with the server files and folders and that was disturbing also other people's projects. I've seen it with my own eyes when I've renamed a folder that the hacker was cloning into „_name - WHO" and a few minutes later the jerk renamed the folder into „_name - HACK". That was the moment when I've got very nervous!
Apart from the above, we've noticed that the website was hijacked to pharma sites selling all kind of medicine like viagra, cialis etc. This diminuished the search engines placement and forced Google to almost exclude the site from its index, basically pushing it very far from the first page because it considered it a spam site.
The battle took a total of 120 hours, within this time frame being includes also a few white nights of study and experiences on how to secure each and every vulnerability. In the end all vulnerabilities were closed, the person that attacked localized and the data sent to the client which decided to address it with FBI's Cyberterrorism division.
When I look back at this story I'm glad that it forced me to learn a lot of things about how to secure data, to investigate an attack, to study and to fix vulnerabilities. When it happened, it was a disaster both for my personal life (very long hours and a couple of nights with absolutely no sleep at all), for my schedule, as well as for my customer.
Since then my customer had no more problems and I've had the chance to be engaged on other similar tasks of fixing vulnerabilities, not only for movable type, but also for other platforms.
How Much Does It Cost To Upgrade Movable Type?
Upgrading movable type with us costs as low as 149.95 USD.
What's the Cheapest Movable Type Upgrade Fee?
This is the last thing you should consider when you intend to upgrade your movable type installation.
Six Apart, which is the company behind Movable Type, was charging 249.95 USD for the upgrade service, but later decided to pass the service to a competitor of mine which is charging 449.95 USD.
We're charging only 149.95 USD and I'm pretty confident that you won't find a cheaper deal for this service with another movable type service provider.
A serious service provider is that consultant who really knows what he/she is doing and takes all the safety measures so that in case of any unpredicted events your current movable type release could be restored.
Movable Type Upgrade Safety Guideline
The technical team at PRO IT Service and I myself, Mihai Bocsaru, Chief Web Developer and General Manager, are prepared to offer you a 100% safe upgrade service.
Avoid headaches and let us do this job for you professionally.
The upgrade service is not a simple process if you diligently try to follow, as we do, all the recommended safety measures to achieve a risk free solution.
The way we do this job is to:
- Backup your Movable Type database;
- Backup your Movable Type existing version files;
- Backup your Movable Type-driven Web site;
- Upgrade your Movable Type version;
- Check your Movable Type templates and eventually update coding if/when some tags are no longer supported or provide a change in functionality;
- Implemented the necessary security tweaks, where applicable.
Movable Type Upgrade Quality Assurance (QA)
PRO IT Service only delivers work that has been checked and assures a good quality service for you and the right image for your website.
To give you an idea about what this entitles, we are going to check all the templates to make sure that there are no obsolete tags, rebuild your entire Web site and make sure that all your Web page types are displaying in the same way as with your previous installation.
Many times we've had to replace certain movable type tags with other movable type tags to maintain the same functionality within your movable type web site.
What About Your Current Movable Type Installation Tweaks?
Some publishers may be tweaking their publishing platforms.
Yourself may be using certain plugins, hacks or may have hacked or nicely said 'tweaked' certain movable type core files to extend the movable type default capabilities.
Through the service we offer we are able to check, inventory and extend (port) all tweaks to the new publishing platform version.
What about a Movable Type Upgrade Failure?
While this never happened so far, in exceptional circumstances we might face unpredictable issues or events such as:
- technical problems during the upgrade;
- major bugs or bad new version files;
When this happens you have nothing to worry about as we can immediately restore your initial configuration and, of course, not bill you for the upgrade trial until you are satisfied with it.
The benefit to you here is that you can with 100% confidence safely upgrade your Movable Type publishing platform and benefit of any new features, bug fixes or major security issues fixes.