There are various CMS systems available out there, such as phpnuke, IPB
portal, VB portal and so on. Sure they are great, but they have a few
problems.
1) Not original
It's not really original to just slap a script on, make a few changes and boom, you have your very own site...that someone else coded. It's always more fun to put some work into your site and get a unique result out of fully custom code.
2) They have security flaws
Allot of these portals are known to have security flaws. PHP Nuke for example has quite a few, and so does vB Portal, and while I never heard of any for IPB portal, I'm sure it has some too.
3) Most likely to have known security flaws
Having security flaws is one thing, and not as dangerous as having known security flaws. Basically, anything can have a security flaw. Heck maybe this article system has one that enables people to give it GET queries to execute code on the server (I highly doubt, don't bother trying) but it's not as dangerous as a known flaw in say, PHP Nuke. Because these systems are used by many people, and available to download by anyone, security flaws are more known, and can easily be found and targeted.
By making your own CMS system, you will minimize the chances of having security flaws (it will most likely be less complex, as it will be made simply for your very own needs), you will minimize the chances of script kiddies finding flaws, and you will make your site much more original. Script kiddies won't really be able to know how the back end of the site operates, because it's completely your own code, so if there are security flaws they will be nearly impossible to find without putting a bunch of noticeable stuff in your logs that will enable you to catch attempts at trying various things, before they have a chance to find a way in (most likely).
Another good security-related reason to make your own CMS is that you be much more familiar with it's code structure, because you made it.
In this article we'll go through the process of creating a very simple content management system. It will feature the following:
- Certain pages only viewable by registered members
- User can log in and out
- Ease of template editing - header, footer will separate from actual pages
While this will be a very simple CMS, it will give you an idea how you can make one, and add on more features from there, such as different permissions per user, email registration validation etc...
On the post we'll take a look at the process of loading a CMS page from this basic system.
1) Not original
It's not really original to just slap a script on, make a few changes and boom, you have your very own site...that someone else coded. It's always more fun to put some work into your site and get a unique result out of fully custom code.
2) They have security flaws
Allot of these portals are known to have security flaws. PHP Nuke for example has quite a few, and so does vB Portal, and while I never heard of any for IPB portal, I'm sure it has some too.
3) Most likely to have known security flaws
Having security flaws is one thing, and not as dangerous as having known security flaws. Basically, anything can have a security flaw. Heck maybe this article system has one that enables people to give it GET queries to execute code on the server (I highly doubt, don't bother trying) but it's not as dangerous as a known flaw in say, PHP Nuke. Because these systems are used by many people, and available to download by anyone, security flaws are more known, and can easily be found and targeted.
By making your own CMS system, you will minimize the chances of having security flaws (it will most likely be less complex, as it will be made simply for your very own needs), you will minimize the chances of script kiddies finding flaws, and you will make your site much more original. Script kiddies won't really be able to know how the back end of the site operates, because it's completely your own code, so if there are security flaws they will be nearly impossible to find without putting a bunch of noticeable stuff in your logs that will enable you to catch attempts at trying various things, before they have a chance to find a way in (most likely).
Another good security-related reason to make your own CMS is that you be much more familiar with it's code structure, because you made it.
In this article we'll go through the process of creating a very simple content management system. It will feature the following:
- Certain pages only viewable by registered members
- User can log in and out
- Ease of template editing - header, footer will separate from actual pages
While this will be a very simple CMS, it will give you an idea how you can make one, and add on more features from there, such as different permissions per user, email registration validation etc...
On the post we'll take a look at the process of loading a CMS page from this basic system.
Thanks for the information.
ReplyDelete