We continue series of analytical articles about amazing world of Joomla! This article is devoted to Joomla! versions used by the most popular sites. How many sites use the latest Joomla! version? Are there many sites still using the oldest one? Which Joomla! version is the most popular? Do top site administrators pay enough attention to their site security? Find the answers below.

Recently Joomla! 3.1 has been released. At the same time many Joomla! sites continue using older versions, including Joomla! 1.5 and even Joomla! 1.0. In June JoomPlace undertook a special study to find out which Joomla! version is used by the most popular sites. To define CMSs we used the same methodology as we did in our previous analysis, researched Alexa Top Sites By Category.

To find out which version Joomla! sites use we checked if the administrator/manifests/files/joomla.xml file was available and accessible*. If the Joomla! version couldn’t have been defined we checked other files in general access which were specific system files of different Joomla! versions with Joomla! reference inside.

*Actually, it’s not secure when this file is accessible. It helps to find out which version of Joomla! the site is built on, and as a result to detect vivid vulnerabilities to hack such sites. So, it’s considered to be a done thing to hide or protect more efficiently any requests to /administrator/ related addresses (URLs).

2,113,765 items were examined. 82,435 Joomla! sites were indicated and included into our analysis. See its results on the infographics below.

Joomla Versions in Alexa Top Sites Catalogue

More than a half (51,2%) of Joomla! top sites still use Joomla! 1.5 version released in 2008. 23,5% use Joomla! 2.5. And only 1% of top sites use Joomla! 3.x, released quite long time ago (September, 2012).

In general, it’s no wonder that so few sites use Joomla! 3.0, as it recommended staying on Joomla! 2.5, until Joomla! 3.5 is released.

But why so many sites built on Joomla! 1.5 aren’t upgraded to the Joomla! 2.5? The main reason is huge costs to migrate the site to the new Joomla! version while sites built on Joomla! 1.5 work thick and fast.

Nevertheless our study reveals a very important issue which isn’t given due consideration. Is your Joomla! site fully protected?

The statistics above shows that not all top site administrators follow the well-known recommendations regarding Joomla! site security. They don’t update their sites to the latest maintenance release version in the major version site developed, endangering their security. For example, a lot of sites built on Joomla! 2.5 are not updated to the latest maintenance release version (2.5.11). Moreover, there’re still top sites using short term support versions (Joomla! 1.6 and Joomla! 1.7) instead of the long term support one (Joomla! 2.5), while it’s almost one-click action!

Come to think of it, if top site administrators don’t make enough effort to protect their sites, what can we say about others?

So, the results of our study show that the vast majority of top sites still use Joomla! 1.5, while very few use Joomla! 3.x. A lot of site administrators don’t pay enough attention to the subject of their site security, not updating their sites to the latest maintenance release version in the major version site developed.

And what about you? Which Joomla version does your site use? Is your Joomla! site completely protected? Do you have any questions? Please contact our support team.

We’ll continue monitoring the issue regarding Joomla! site security. After a while we will publish the results of our new study. Hope they will be more positive. Stay tuned on social media.