1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Reply to: Bullet Proof CMS system. (Literally!)

Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "Bullet Proof CMS system. (Literally!)"

Collapse
  • bobspud
    replied
    Originally posted by Sysman View Post
    There are tools like Octopress out there which don't use any PHP at all, instead producing totally static code. No integrated search engine, but there are other tools for that.

    Octopress is probably not the right tool in its out of the box form, since it involves CLI stuff, but I imagine with some front end wrappers it could be made quite user friendly. It also has code for Twitter and all the other social stuff, but that's easy enough to comment out.
    Thanks. i will take a look at it. i am not affraid of cli's I grew up in unix land. It's the pluggins that concern me, because they are a high risk.

    Leave a comment:

  • Sysman
    replied
    Originally posted by bobspud View Post
    I certainly don't want to get them in a situation where they get hacked becasue the PHP sucks.
    There are tools like Octopress out there which don't use any PHP at all, instead producing totally static code. No integrated search engine, but there are other tools for that.

    Octopress is probably not the right tool in its out of the box form, since it involves CLI stuff, but I imagine with some front end wrappers it could be made quite user friendly. It also has code for Twitter and all the other social stuff, but that's easy enough to comment out.

    Leave a comment:

  • b0redom
    replied
    If it's just for file storage, then you need to _tell_ them not to use CMS. VPN is really the best way forward.

    Leave a comment:

  • bobspud
    replied
    Originally posted by b0redom View Post
    Really depends on what you're doing and who for, and the sensitivity/classification of the protected documents. If I were in your position I wouldn't connect it directly to the Internet, I'd use either a VPN or private key based SSH port forwarding via a bastion host.
    Thats kind of what I was thinking. I am also of the mind not to use CMS because the sort of people they are dealing with are not going to take getting hacked in light humour. Its a well paying bit of work however the risks are very high.

    Leave a comment:

  • b0redom
    replied
    Originally posted by bobspud View Post
    A mate has some dicy chaps that need a website for storing sensitive documents while they are working abroad. I really don't think that a normal CMS is what they need, and I certainly don't want to get them in a situation where they get hacked becasue the PHP sucks. Normally I would make the site two different things and have a web site for clients and a private mega secure FTP server for client documents... But they want to combine the sites...

    What is the tightest CMS out there today? I don't want to get shot dead...
    Really depends on what you're doing and who for, and the sensitivity/classification of the protected documents. If I were in your position I wouldn't connect it directly to the Internet, I'd use either a VPN or private key based SSH port forwarding via a bastion host.

    Leave a comment:

  • bobspud
    started a topic Bullet Proof CMS system. (Literally!)

    Bullet Proof CMS system. (Literally!)

    A mate has some dicy chaps that need a website for storing sensitive documents while they are working abroad. I really don't think that a normal CMS is what they need, and I certainly don't want to get them in a situation where they get hacked becasue the PHP sucks. Normally I would make the site two different things and have a web site for clients and a private mega secure FTP server for client documents... But they want to combine the sites...

    What is the tightest CMS out there today? I don't want to get shot dead...
    Tags: None

Advertisers

  1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
Working...
X