
Bullet Proof CMS system. (Literally!)



    A mate has some dicey chaps that need a website for storing sensitive documents while they are working abroad. I really don't think that a normal CMS is what they need, and I certainly don't want to get them in a situation where they get hacked because the PHP sucks. Normally I would make the site two different things and have a web site for clients and a private mega secure FTP server for client documents... But they want to combine the sites...

    What is the tightest CMS out there today? I don't want to get shot dead...

    #2
    Originally posted by bobspud View Post
    A mate has some dicey chaps that need a website for storing sensitive documents while they are working abroad. I really don't think that a normal CMS is what they need, and I certainly don't want to get them in a situation where they get hacked because the PHP sucks. Normally I would make the site two different things and have a web site for clients and a private mega secure FTP server for client documents... But they want to combine the sites...

    What is the tightest CMS out there today? I don't want to get shot dead...
    Really depends on what you're doing and who for, and the sensitivity/classification of the protected documents. If I were in your position I wouldn't connect it directly to the Internet, I'd use either a VPN or private key based SSH port forwarding via a bastion host.
    And the lord said unto John; "come forth and receive eternal life." But John came fifth and won a toaster.
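
The key-only SSH port forwarding via a bastion host suggested in #2, sketched as an added example that is not part of the original thread. The host names `bastion.example.com` and `docs.internal.example`, the user `alice`, the group `docusers`, the key file name and the port numbers are all hypothetical.

```sshconfig
# ---- Client side: ~/.ssh/config (hypothetical names throughout) ----
# Run "ssh -N docs-tunnel", then browse to https://127.0.0.1:8443/
Host docs-tunnel
    HostName bastion.example.com
    User alice
    # Offer only this dedicated key, never fall back to passwords
    IdentityFile ~/.ssh/id_ed25519_docs
    IdentitiesOnly yes
    PasswordAuthentication no
    # Bind the forward to loopback so other machines on the LAN cannot use it
    LocalForward 127.0.0.1:8443 docs.internal.example:443
    # Fail loudly if the forward cannot be set up
    ExitOnForwardFailure yes
    RequestTTY no

# ---- Bastion side: /etc/ssh/sshd_config ----
# Keys only: no password or keyboard-interactive logins, no root login
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin no

# Members of the (hypothetical) docusers group get a tunnel and nothing else
Match Group docusers
    # Local forwards only, and only to the document server
    AllowTcpForwarding local
    PermitOpen docs.internal.example:443
    X11Forwarding no
    AllowAgentForwarding no
    # No terminal and no shell on the bastion itself
    PermitTTY no
    ForceCommand /usr/sbin/nologin
```

With this layout the document server listens only on the internal network, and the bastion's SSH port is the only service exposed to the Internet.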



      #3
      Originally posted by b0redom View Post
      Really depends on what you're doing and who for, and the sensitivity/classification of the protected documents. If I were in your position I wouldn't connect it directly to the Internet, I'd use either a VPN or private key based SSH port forwarding via a bastion host.
      That's kind of what I was thinking. I am also of the mind not to use CMS because the sort of people they are dealing with are not going to take getting hacked in light humour. It's a well-paying bit of work; however, the risks are very high.



        #4
        If it's just for file storage, then you need to _tell_ them not to use CMS. VPN is really the best way forward.
        And the lord said unto John; "come forth and receive eternal life." But John came fifth and won a toaster.



          #5
          Originally posted by bobspud View Post
          I certainly don't want to get them in a situation where they get hacked because the PHP sucks.
          There are tools like Octopress out there which don't use any PHP at all, instead producing totally static code. No integrated search engine, but there are other tools for that.

          Octopress is probably not the right tool in its out of the box form, since it involves CLI stuff, but I imagine with some front end wrappers it could be made quite user friendly. It also has code for Twitter and all the other social stuff, but that's easy enough to comment out.
          Behold the warranty -- the bold print giveth and the fine print taketh away.



            #6
            Originally posted by Sysman View Post
            There are tools like Octopress out there which don't use any PHP at all, instead producing totally static code. No integrated search engine, but there are other tools for that.

            Octopress is probably not the right tool in its out of the box form, since it involves CLI stuff, but I imagine with some front end wrappers it could be made quite user friendly. It also has code for Twitter and all the other social stuff, but that's easy enough to comment out.
            Thanks. I will take a look at it. I am not afraid of CLIs, I grew up in Unix land. It's the plugins that concern me, because they are a high risk.
