What is a CMS? | CMSs Mask Technology
Security Concerns | Site Maintenance
Content management system (CMS) is a generic term applied to “do-it-yourself” blogging and website software.
Most people aren't familiar with that terminology but they have heard about the world's most popular platform: WordPress.
WordPress was originally developed as a blogging platform but since then has been widely used to develop websites.
CMSs provide the framework to post content on a blog or website without having to learn markup languages like HTML and CSS (the backbone of the Web).
They use a graphical user interface similar to word processing programs:
WordPress has now moved to a block editor.
Instead of worrying about the alignment and organization of text, quotes, and images, now every element on a post or page has its own block — and you can focus on creating.
— WordPress Support
Without understanding the concepts of web design and how websites work behind the scenes, it is difficult to develop a decent website on your own.
Most people hire someone to build a CMS-based blog or website, then manage changes to the content although some use free or purchased templates to build on their own.
My experience has been that few continue working on their own. Unless they are technically inclined, they find the learning curve too steep or run into problems they cannot resolve.
There are dozens or hundreds of CMSs, but WordPress is by far the most popular:
WordPress is used by 43.4% of all the websites, that is a content management system market share of 62.5%.30.5% of the websites use none of the content management systems that we monitor.
— W3Techs
Essentially there are three aspects to the design and maintenance of a CMS system:
This is augmented by plugins and other addons that provide specific functions:
Both blogs and websites can be built and managed using a CMS framework.
CMSs work best where the format and layout are simple and unlikely to change. This is why they work so well for blogs.
The overall structure is generally designed by a team of software specialists. They need to provide the framework to interpret the way the CMS integrates and interacts with the Web.
This CMS framework must have the ability to manage and interpret templates. This is what makes the CMS customizable.
The next step is the creation of templates and plugins that follow the particular CMS's framework and rules. In this manner the user can import a customized “look and feel” that can be changed without altering the actual content.
Different CMSs use different terminology. These customizations can be called themes, plugins or addons.
The end user is now able to post content and customize the site to generate an unique and distinctive blog or website. If the template they've chosen isn't quite right they can experiment with others knowing that they won't lose their content.
This last part is compelling to many users. They have neither the skills nor the funding to hire someone that can develop a professional site. Instead, they use a free (or premium) template.
CMSs save content such as blog posts or web content into a database — essentially an organized collection of data.
When someone views your blog or website the CMS pulls together that content “on the fly” using the CMS template which then modifies the content using style sheets, plugins and other variables.
This is both an advantage and a weakness.
The fact that the content is contained in a database allows you to change the structure of the site or blog without altering or destroying the content.
It also makes it possible to refer to any page by a single identifier after the domain:
yourdomain.com/staff
rather than the typical website address:
yourdomain.com/staff/index.html
CMSs require a lot of server computing power to generate this content in “real time.”
Usually this includes a huge chunk of styling markup at the top of each page to define general layout and style followed by styling information on every line:
A leaner page emerges if the style content is moved to an external style sheet which is loaded once per session for the whole site:
That example assumes that the paragraph style is defined in the external style sheet.
If specific paragraph styles are required you can refer to a specific class (e.g., “margin”) included in that external style sheet:
<p class="margin">Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat.</p>
This is explained in more detail in Cut ’N Paste HTML
When the Internet or the CMS service are busy, CMSs can take too long and you may lose site visitors.
Google will simply start holding your website's poor performance against you very soon. Its motive is to put the most relevant, highest-quality content front-and-center for their users.
— Media Temple
Google's PageSpeed Insights shows a clear overhead with many WordPress sites:
If you're going to opt for WordPress or another CMS, you need to build it for efficiency.
The main advantage to CMSs is that they allow you or your staff to update online content without any technical knowledge.
Unfortunately, most people working with CMSs don't understand the process.
Since that fateful day when the idea [that people could manage their own websites] was first pitched to the public, we've seen a stampede of low quality sites emerging. They probably weren't always low quality sites, but I think you will find that, in general there is a direct proportional relationship between the decline in the quality of a site and the amount of time that the site owner has been self-managing it.
— 9 reasons you should never use a CMS.
You shouldn't blame the designer, but you probably will.
If your blog or website is representing a business or organization, you might want to rethink the hidden cost of doing it yourself.
High speed Internet and better hardware allows us to deal with bigger file sizes and inefficient content, but Google may penalize your site.
People tend to assume that the CMS software will interpret links the way a modern browser does by filling in the missing information (e.g., the https://
portion). That isn't true.
You need to understand how the Web (and your CMS) handles relative, absolute and root-relative links.
agm.html
https://mysite.com/agm.html
../reports/agm.html
Note: while the addresses may appear to be split between lines in the examples above they are intended to display with no spaces.
Common errors include entering only the domain where an absolute address is required.
This would be interpreted as a relative link and cause unexpected results.
For example, entering bing.com
for a link would be interpreted as https://mysite.com/bing.com
.
Not finding bing.com on the site, the server would return an error.
I find that it takes more time to fix errors like these than it would have if you'd paid me to add the content into a hand-coded website.
Get professional help.
Call Now
Security is an important aspect of maintaining any website because it is accessible from anywhere.
The average user understands neither the CMS they're using nor the technology being masked. Poor choices can make it dangerous to your site visitors.
Various vulnerabilities are often reported for WordPress and its various plugs. However, these are generally fixed with updates.
WordPress is, by far, the most popular way to build a website. That popularity has the unfortunate side effect of also making WordPress sites a juicy target for malicious actors all across the world. And that might have you wondering whether WordPress is secure enough to handle those attacks.Hackers aren't getting in due to vulnerabilities in the latest WordPress core software. Rather, most sites get hacked from entirely preventable issues, like not keeping things updated or using insecure passwords.
— Kinsta Blog
Many CMS users build their blog or website then forget to check for updates to the CMS itself.
A vulnerability in the CMS software, the template, or the plugins will affect your site's security.
Miscreants are also actively targeting content management systems. In recent editions of the Trustwave Global Security Report, we discussed how popular content management systems (CMSs) represent potentially lucrative targets for attackers.When they discover a significant weakness in a widely adopted CMS, it places every installation of that CMS at risk for exploitation, not only before the fix is available but also for considerable time afterward. Attackers use automated tools to find CMS installations to target.
— Trustwave Blog
Poor password hygiene is dangerous in any web-based service, including hosted CMSs.
Weak passwords or security can make your site susceptible to being hacked.
Not only is your login freely accessible anywhere in the world, but the user name is often your email address.
A unique long and strong password will provide the best protection for your site.
If you're seriously considering a CMS-based site, we should talk.
Call Now
If you break the CMS layout, it can be very expensive to restore and you may lose your customizations. WordPress and its plugins are frequently updated.
Updates to your CMS software can be a headache.
This includes not only any new CMS releases or security updates but also the templates and plugins you've used to enhance your site. If the process doesn't go as expected the documentation is usually technical.
If the CMS vendor stops supporting your CMS template or plugin, you'll no longer get security updates, requiring you to seek out safer alternatives.
Don't struggle with updating your CMS-based site. Maintenance contracts allow you to ensure your CMS security updates are performed for the best possible price.
The design process and the factors involved are laid out on these pages:
Return to top
russharvey.bc.ca/cms.html
Updated: September 14, 2024