One reason I’ve begun to prefer WordPress over Joomla is that WordPress has made the upgrade process so much easier than Joomla. To upgrade Joomla 1.x to 1.5, you have to use special tools and again if you go from 1.5 to 2 or version 3, be prepared for a different toolset and migration path. Ugh! Worse still, Joomla Extensions have become very version specific due to a lack of backwards compatibility. WordPress on the other hand allows one to simply put the new code in place, and so long as there is not a conflict with a Plugin, the code takes care of everything else for you, including updating the database.
Perhaps it is only because I haven’t tried to migrate a very customized WordPress site that I feel this way, or that my more complicated older sites are nearly all in Joomla. So long as I keep a copy of the changes I’ve made to styles or any core files, I’m able to keep things up to date really quite easily with WordPress. As noted above, sometimes an entire system isn’t easy to replace though. There are times a client has invested heavily into very specific Joomla module or tool — only to have these items not become readily available to the newest versions of Joomla. (I am not finding this to be true of WordPress Plugins — another reason to go with WordPress today.) So the problem to deal with is securing older versions of Joomla that have known security issues. What exactly can one do to make an older Joomla site more secure? Let’s take a look at securing Joomla.