Call us on: 09 448 1215

COVID-19 Update

We’re working hard to support our customers both old and new with their online requests through these uncertain times.

Our team are available, if you need urgent assistance contact us on +64 9 4481215 or via the contact form here

"The crew is super easy to deal with throughout the whole process and delivered everything as they said they would. If you're after a website of any sort I wouldn’t hesitate to use these guys they kick ass!" - D. Watkins. Reel Factory

" Working alongside Koda on various projects was both easy and seamless, making the whole experience enjoyable! Koda are understanding, patient and know their clients "

" During the design and development process they translated all the “tech speak” into information we could understand and made the process as pain-free as possible! "

"We wanted to replace our website with a new, modern, hassle free, mobile friendly site that we could easily manage ourselves and wouldn’t cost the earth."

" Koda Web acted as a real partner, not only through to the launch of our website but in the following months and they continue to do so. "

"Quick and easy process from start to finish.  The team at Koda listened to us and delivered a website that met our brand guidelines and exceeded our expectations.  We are really happy with the result."

"The team at Kodaweb were exceptional. They listened to what we needed and were very responsive throughout the development process integrating our additional needs seamlessly as the project progressed. We are delighted that we chose Kodaweb to design our new school website." 

"I would like to thank the Koda web team and especially Simon Jones for his caring and professional approach when redeveloping our business website."

"We are live! Check out our new website. Thanks to Koda Web for your amazing work and being so easy to deal with"

The Importance of Patching


The importance of patchingA month or so ago I wrote about the importance of patching your content management system and the advantage we believe exists with Open Source content management systems versus those offered by proprietary systems.

At the time of writing I had no idea of the relevance it had with an issue identified within the Drupal Content Management system. On the 15th October 2014 the Drupal security team released a security patch for a fairly serious vulnerability they had identified, details available here:

The threat allowed a hacker to take control of Drupal website and potentially access content and utilise functionality that exists on the site for their own purposes.

The notification itself has caused considerable discussion within the Drupal community as not only did it alert webmasters, site administrator and developers to the need to patch, it also alerted would be hackers to the potential vulnerability. As a result there was a 7 hour window established within which a Drupal site had to be patched before it was fairly certain it had been hacked. For many this window was too short and as a result further remedial effort was required to ensure the integrity of the Drupal website.

At Koda we managed to patch all sites in our care within this window, unfortunately not everyone was able to do so.


One of the chief concerns raised was that by sending the security notification it alerted hackers to the vulnerability, I don't believe there was any choice. The issue was found by the team, a patch developed and the communication sent. If they hadn't found it and notified us it could have been exploited by a hacker without us being aware. I believe the real issue the event has raised is the need to partner with a developer and hosting company that can proactively monitor the security patches released by the Drupal team and to ensure the sites in their care are regularly patched.

The Drupal security team have an alerting service available, you just need to register on the website and subscribe to the security notifications.

This is a great example of the benefit of using an open source content management system for your website that has  large community of developers supporting it and a dedicated security team reviewing it 24x7. Drupal has a large dedicated team of contributors, we all work actively to ensure the platform remains as stable as possible.

I'm not sure how easily an issue such as this would have been identified and resolved on a proprietary content management system, where financially and logistically it is not viable to proactively review code within the application.  


What it does reinforce however is that once your website is built there is still an ongoing requirement to proactively assess the state of the environment, apply updates as required, and definitely to apply security patches as they become available.

To find out more about the Koda support offering check out our Drupal support page, or contact us and a member of out team will be happy to discuss support options.

Koda - Web made easy

Have any Questions? We can help you today.   Send Us An Email