Hello There, Guest! Login Register
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

To CMS or not to CMS that is the question!

#17
Joomla is actually very customizable; you just have to know enough PHP and HTML to build a site template. From there, it's up to you how it works, is laid out and functions.

The issue about security with any CMS as previously hinted is in the fact that many developers are clueless about security, and you're trusting them by adding their product to your site.

Example: I had a client a few years ago, on a CMS, who added a Component of a particular flash gallery so they could add photos to their site in a fancy slideshow. This components, while looking pretty on the front end, had a nasty issue: the upload form that the admin used to add photos was easily exploited. A bot could scan the site and find the component in use, then use that form's POST abilities to save files to the server. Why is that scary? The server is of course the same server of the main web site. So the bot that affected my particular client was able (and did) to overwrite all PHP files on the site with "You've been hacked" style messages. Luckily, I keep a backup of my clients' sites every hour... so we were able to have them back up and running instantly, removed that component and told them to be more careful.

Unless you learn to code things yourself, you simply have to be extremely selective about what components you choose to add to your site. Don't tinker on a live site. Setup a test site on a separate user (without file access to your real site) and do your testing there. Put it behind htpasswd so even if bots were to try and scan it, they couldn't. And then when you find components you want, add them to your main site after testing. But never forget, you're trusting that app's developer with all your data on the site.
Robbie Ferguson // The Bald Nerd

Did I help you out? Appreciate what I do? Please consider saying thanks:
 Reply
 
Messages In This Thread
To CMS or not to CMS that is the question! - by ajamison - 03-18-2012, 10:23 PM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-19-2012, 12:35 PM
RE: To CMS or not to CMS that is the question! - by ajamison - 03-19-2012, 01:14 PM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-19-2012, 04:18 PM
RE: To CMS or not to CMS that is the question! - by ajamison - 03-19-2012, 05:45 PM
RE: To CMS or not to CMS that is the question! - by tordeu - 03-20-2012, 07:26 PM
RE: To CMS or not to CMS that is the question! - by Garbee - 03-20-2012, 07:30 PM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-21-2012, 11:02 PM
RE: To CMS or not to CMS that is the question! - by Garbee - 03-24-2012, 12:09 PM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-25-2012, 07:30 AM
RE: To CMS or not to CMS that is the question! - by Garbee - 03-25-2012, 10:13 AM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-25-2012, 12:07 PM
RE: To CMS or not to CMS that is the question! - by ajamison - 03-25-2012, 04:06 PM
RE: To CMS or not to CMS that is the question! - by Garbee - 03-25-2012, 05:59 PM
RE: To CMS or not to CMS that is the question! - by ajamison - 03-25-2012, 07:32 PM
RE: To CMS or not to CMS that is the question! - by Garbee - 03-26-2012, 06:38 AM
RE: To CMS or not to CMS that is the question! - by Robbie Ferguson - 03-26-2012, 12:18 PM
RE: To CMS or not to CMS that is the question! - by chaslinux - 04-10-2012, 08:18 PM
RE: To CMS or not to CMS that is the question! - by Garbee - 04-11-2012, 09:23 AM
 
Forum Jump:

Users browsing this thread: 1 Guest(s)