For all TYPO3 website operators with version 9 (or even lower): This version has expired. It will no longer be provided with security updates.
WACON is now offering updates to versions 10 and 11. At the same time, we are conducting a GDPR-Audit and donating 5% of the order to Ukraine.
Why do TYPO3 (and PHP) versions need to be updated?
TYOP3 is an open source software for operating and maintaining websites (more on TYPO3).
he software is free of charge and can be used and expanded by anyone. The source code is open, i.e. anyone can see it. Unfortunately, this makes open source software - despite all its advantages - a potential target for attack by hackers - if regular (security) updates are not carried out. For this purpose, security updates are provided free of charge for three years for each major version (9, 10, 11, use.). For version 9, this period has expired. Security updates must now be ordered for a fee from TYPO3 GmbH. We therefore recommend an update to TYPO3 version 11 and a simultaneous changeover to PHP 8.
PHP is the programming language with which TYPO3 was developed. The same applies to PHP as to TYPO3, except that no security patches are available for outdated PHP versions (i.e. no security patches are available for a fee). PHP must be operated from version 8 as of December 2022.
Further information on the versions (so-called "roadmaps") is available:
In addition to a more modern technological basis, TYPO3 v11 contains further additional functions and features such as:
+ a configurable dashboard with an overview of the most important system events. + faster, more intuitive work in the backend + analysis of cookie selection (how often which cookie options were chosen by visitors) + 2-factor authentication for the backend (optional) + better support for OnPage search engine optimisation
Additional services from WACON
As part of the update, we generally also carry out a security audit. This means that we check the website for possible security gaps and violations of the GDPR.
A very common error is the integration of external resources without consent. This includes, for example:
the integration of fonts from external servers
the integration of external maps (e.g. GoogleMaps)
embedding external videos (even without cookies!)
embedding social media contributions (not to be confused with mere linking)
the embedding of external newsletter providers
Embedding of external content via an iframe (weather, real estate offers, etc.)
Lead tracking with Google Ads
the use of Content Delivery Networks (CDNs) to accelerate websites
the integration of external CAPTCHA functions as SPAM protection
Furthermore, we check the correct functioning of the cookie consent box and evaluate compliance with other criteria.
Note: With the introduction of the Telecommunications Telemedia Data Protection Act in December 2021, there will be additional requirements for the operation of a data protection-compliant website.
We programme against war
Together with you we would like to help the people in Ukraine. We will transfer 5% of the order value resulting from our update work to the donation account "Nothilfe Ukraine":