Russ Harvey Consulting - Computer and Internet Services

Content Management Systems

“Do-it-yourself” Websites and Blogs

Content Management Systems include blogging software.

CMSs Mask Technology | Security Concerns | Technical Considerations

CMS: A Generic Term

Content management system (CMS) is a generic term applied to “do-it-yourself” web design software.

WordPress is a CMS

Most people aren't familiar with that terminology but they have heard about the world's most popular platform: WordPress.

WordPress was originally developed as a blogging platform but since then it has been widely used to develop websites.

Using CMSs

CMSs provide the framework to post content on a blog or website without having to learn markup languages like HTML or CSS (the backbone of the Web).

Instead, they provide a graphical interface similar to word processing programs:

The WordPress blogging interface is an example of how a CMS appears to the end user

More recently, WordPress has moved to a block editor.

Instead of worrying about the alignment and organization of text, quotes, and images, now every element on a post or page has its own block — and you can focus on creating.
— WordPress Support

The Development Stage

Most clients hire someone to build a CMS-based blog or website, then manage changes to the content.

Some develop their own blogs or websites using templates that are either free or purchased.

CMS Software by Platform

W3Techs compare the market share of CMSs of the top 10 million websites:

The rest of the market share is spread across nearly 200 CMSs.

The CMS Structure

Essentially there are three aspects to the design and maintenance of a CMS system:

  1. the overall framework;
  2. the customization of the format and layout (template); and
  3. the content.

This is augmented by plugins and other addons that provide specific functions:

  • automatically listing recent content;
  • managing spam in comments;
  • emailing or posting updates to your blog to social media; and
  • generating forms or other interactive content.

The CMS Framework

Both blogs and websites can be built and managed using a CMS framework.

CMSs work best where the format and layout are simple and unlikely to change which is why they work so well for blogs.

The overall structure is generally designed by a team of software specialists. They need to provide the framework to interpret the way the CMS integrates and interacts with the Web.

This CMS framework also has to have the ability to manage and interpret templates. This is what makes the CMS customizable.

Templates & Plugins

The next step is the creation of templates and plugins that follow the particular CMS's framework and rules. In this manner the user can import a customized “look and feel” that can be changed without altering the actual content.

Different CMSs use different terminology. These customizations can be called themes, plugins or addons.

Content

The end user is now able to enter content in posts and customizations to generate an unique and distinctive blog or website. If the template they've chosen isn't quite right they can experiment with others knowing that they won't lose their content.

This last part is compelling to users. Many don't have the skills or the funding to hire someone that can develop a professional site. Instead, they use a free (or premium) template.

CMS Load Times

CMSs save content like blog posts or web content into a database (an organized collection of data).

When someone views your blog or website, that content is pulled together by the CMS template then modified by plugins and other content.

This is both an advantage and a weakness.

Content Separated from Layout

The fact that the content is contained in a database allows you to change the structure of the site or blog without altering or destroying the content.

Slow Loading Penalized

However, it also requires the computing power to generate this content on the fly. When the Internet or the CMS service are busy, this can take too long and you may lose site visitors.

Google will simply start holding your website's poor performance against you very soon. Its motive is to put the most relevant, highest-quality content front-and-center for their users.
Media Temple

Google's PageSpeed Insights shows a clear overhead with many WordPress sites:

CMSs can have a significant overhead if not optimized.

If you're going to opt for WordPress or another CMS, you need to build it for efficiency.

Return to top

CMSs Mask Technology

The main advantage to CMSs is that they allow you or your staff to update online content without any technical knowledge.

Few Understand Web Technology

Unfortunately, most people working with CMSs don't understand the process.

Since that fateful day when the idea [that people could manage their own websites] was first pitched to the public, we've seen a stampede of low quality sites emerging. They probably weren't always low quality sites, but I think you will find that, in general there is a direct proportional relationship between the decline in the quality of a site and the amount of time that the site owner has been self-managing it.
9 reasons you should never use a CMS.

You shouldn't blame the designer, but you probably will.

Hidden Costs

If your blog or website is representing a business or organization, you might want to rethink the hidden cost of doing it yourself.

  • You need to learn how to manage the CMS environment.
  • You may not be able to maximize the effectiveness of your website.
  • Technical aspects can be masked, but they exist for a reason.
  • Customizing templates involves additional developer time and fees.
  • Customizations and plugins may require annual subscriptions.
  • CMS-based sites tend to be larger and dependent upon databases which can be corrupted.

High speed Internet and better hardware allows us to deal with bigger file sizes and inefficient content, but Google may penalize your site.

If you're seriously considering a CMS-based site, we should talk.

Call Now

 

Return to top

Security Concerns

Security is an important aspect of maintaining any site because the Internet is very accessible from anywhere.

The average user doesn't understand the CMS they're using nor the technology being masked. Poor choices can make it dangerous to your site visitors.

A vulnerability in the CMS software or the template or the plugins you're using will affect your site or blog security.

Miscreants are also actively targeting content management systems. In recent editions of the Trustwave Global Security Report, we discussed how popular content management systems (CMSs) represent potentially lucrative targets for attackers.

 

When they discover a significant weakness in a widely adopted CMS, it places every installation of that CMS at risk for exploitation, not only before the fix is available but also for considerable time afterward. Attackers use automated tools to find CMS installations to target.
— Trustwave Blog

Password Failures

Poor password hygiene is dangerous in any web-based service, including hosted CMSs.

Weak passwords or security can make your site susceptible to being hacked.

  • Being part of a data breach could destroy your credibility.
  • You could be liable for damages if your site is used to attack other sites.

Not only is your login freely accessible anywhere in the world, but the user name is often your email address.

A unique long and strong password will provide the best protection for your site.

Updates Can be Confusing

Updates to your CMS software can be a headache.

This includes not only any new CMS releases or security updates but also the templates and plugins you've used to enhance your site.

What If Something Goes Wrong?

If the process doesn't go as expected the documentation is usually technical.

If the CMS vendor stops supporting your CMS template or plugin, you'll no longer get security updates. You will need to seek out safer alternatives.

WordPress Vulnerabilities

Various vulnerabilities are often reported for WordPress and its various plugs. However, these are generally fixed with updates.

WordPress is, by far, the most popular way to build a website. That popularity has the unfortunate side effect of also making WordPress sites a juicy target for malicious actors all across the world. And that might have you wondering whether WordPress is secure enough to handle those attacks.

 

Hackers aren't getting in due to vulnerabilities in the latest WordPress core software. Rather, most sites get hacked from entirely preventable issues, like not keeping things updated or using insecure passwords.
Kinsta Blog

Unfortunately, many CMS users build their blog or website then forget to check for updates to the CMS itself.

Maintenance Contracts

Maintenance contracts allow you to ensure your CMS security updates are performed for the best possible price.

If you're seriously considering a CMS-based site, we should talk.

Got Questions? Call Now!

 

Site Need Updating?

Don't struggle with updating your site.

Get professional help.
Call Now

Technical Considerations

If you break the CMS layout, it can be very expensive to restore and you may lose your customizations.

CMSs Load Slower

CMS sites tend to be larger than hand-coded websites, resulting in longer load times.

Unlike a bricks and mortar store, your competition is merely a click away (and probably listed next your site in any search results).

Malformed Links

People tend to assume that the CMS software will interpret links the way a modern browser does by filling in the missing information (e.g., the https:// portion). That isn't true.

Relative & Absolute Links

You need to understand how the Web (and your CMS) handles relative, absolute and root-relative links.

  • Relative links are relative to the current directory:
    agm.html
  • Absolute require a FULL site address:
    https://mysite.com/agm.html
  • Root-relative links are relative to the root of the site:
    ../reports/agm.html

Note: while the addresses may appear to be split between lines in the examples above they are intended to display with no spaces.

Errors are Common

Common errors include entering only the domain where an absolute address is required.

This would be interpreted as a relative link and cause unexpected results.

For example, entering bing.com for a link would be interpreted as https://mysite.com/bing.com.

Not finding bing.com on the site, the server would return an error.

Fixing Errors Costly

I find that I spend more time fixing errors like these than I would have done when simply adding the original content in a hand-coded website.

Maintenance Contracts

Maintenance contracts give you the best possible price.

Related Pages

These other pages discuss the various aspects of designing a site:

 

Return to top
russharvey.bc.ca/cms.html
Updated: March 26, 2022