Farcry CMS 6.2.8 + security + CF2018

#1

So… Its been a long time since I have posted anything here!

We have a legacy website running on 6.2.8. having come up thru the years from 4.x.

I know its vintage but it runs perfectly and does a great job so its been left to do its thing - serve up a lot of content to a handful of users, but after a (not so) recent acquisition, we have a new Director if IT security digging in to the nooks and crannies. I realize 6.2.8 is way beyond its life support, but I hope a few questions may be answerable.

So a few questions.

  1. Anyone running 6.x on CF2018?
  • I see Sean’s post here
  1. Any known security/vulnerability issues? If so patchable?

Thanks all. I’ve enjoyed using this platform for like 13+ years!

Chris

#2

I’d recommend upgrading to the latest version of FarCry Core 7.2.x (head of p720 if you like). There are most definitely security fixes in 7.x that are not in 6.x.

Moving from 6.x to 7.x is probably the easiest of the major version upgrades. Usual steps would be to back up your DB, then in your dev environment upgrade Core (see How do you upgrade from FarCry 6.x to FarCry 7 (codename: SHINY)?), upgrade any relevant plugins, and test your site.

Depending on what your site does the whole process might be a couple of hours at the most.

If you have a bunch of forms that are generated with FarCry formtools then you’d need to be aware that there is a “form theme” config in the webtop so that you can still use the old Uniform markup in the frontend for 6.x sites, whereas the webtop or newer frontends would use Bootstrap. If you’re using Core’s built-in JS libraries for things like jQuery by calling <skin:loadJS id="jquery"> in the front end then it should still work, but if you’ve registered your own libraries then you should be careful to load those first in your header and then Core’s libraries last (avoids conflicts on the $ variable, etc).

Give it a try and if you have any major issues let us know :slight_smile:

1 Like