Wordpress CMS for For Websites or Blogs
WordPress has evolved substantially especially for its “Back-Office” CMS functionalities which are elegant, well structured, highly customisable and User-Friendly. It can be used for Blogs, Business Websites, and E-commerce.
The WordPress project, begun long time ago, in 2003, and has grown to be one of the largest hosted Web tools in the world. WordPress has become a mature and stable product that benefits from a substantial developer community. It is an excellent semantic publishing platform tool, combining aesthetics, web standards, and usability. WP is an Open Software delivered under GPLv2+.
For Users not knowing web coding and wishing to remain independent in managing dynamic content, WP can be one solution to have a good result at a reasonable price (compared to custom Web development). Nevertheless, a good Front-End development may require intensive work and good knowledge in programming languages such as PHP / MySQL / HTML / CSS / JS.
The WP community constantly updates the core software. Many available themes and plugins can be downloaded directly online from the CMS itself. Nevertheless, like any other CMS, maintenance and monitoring of the software is required to perform regular updates (including security patches).
The WorPress community organise regular WordCamps with well known guests. See WordPress TV.
Security in WordPress
Because of its popularity millions of websites are todays online. When a Open Tool became popular hacker and botnets are always on the lookout for attacks. Recently, even if the WP Community takes security issues very seriously, a lot of XSS attacks (Injections) have taken down thousands of websites. Since the WP CMS is growing every day, hackers will always try to attack in order to insert malicious code to corrupt your core files or your database (by injections).
Unfortunately, regular updates of the core system and related plugins today is not sufficient. Depending of the kind of hosting service you have, several mesures must be taken to avoid this kind of attacks.
Potential security issues may arise if none of the basic security precautions aren’t taken by the webmaster. Therefore maintenance and monitoring of any online website must be done on a regular basis.
These articles will give you some advices for making your WordPress website more secure:
- Hardening WordPress (Server and Files)
- WPScan Vulnerability Database
- OWASP WordPress Security Guideline
The most popular attacks are:
- Cross-site Scripting (XSS) attacks.
- SQL Injections.
- Filesman backdoor.
- .htaccess Hacking.
- PHP malicious code injection.
- And many more.
A WP developer must take into account all these parameters to secure any website at best. Moreover, patches and updates must be applied regularly (Server side and Front side). And old PHP version can become quickly obsolete and have many functionality corrupted. Plugin must be chosen carefully because no sustainability is guaranteed.
ARTELABS provides maintenance and monitoring services for all the sites it develops and which are hosted on its servers.
Approximate WordPress Development Process
Tests and Optimisations
ADVANTAGES USING WORDPRESS
- Open-Source Free software and Multi-Platform (Web Application)
- Community developers assure better innovation and higher security
- Universal access. Users are not locked in to using a single vendor’s system
- Developers can modify and adapt the software for their own business requirements
- Front-End completely separated from the Back-End in order to perform updates without touching at the Core System
- It has proven sustainability because it evolves and has not stop since 2003
DISADVANTAGES USING WORDPRESS
- Because there it is not a commercial product, many Plugins (“Widgets”) and Themes (“Templates”) can tend to evolve more in line with developers that wish to advertise their work. This is the case when you have plugins developed by real experts (pro).
- Some “plugins” may contain annoying Embedded-ADS or tracking scripts for the developer statistic purposes.
- No guarantee of sustainability of the available Plugins. Some may contain critical vulnerabilities related to security, bugs or malfunctions. When a plugin become obsolete it must be replaced by another one compatible.
- Although WordPress software is itself mostly free, there may still be some indirect costs involved, such as need for external support. That is why ARTELABS provides maintenance and monitoring for all WordPress it develops.
- Although having an Open System means there are many people identifying bugs and fixing them, it also means malicious users can potentially view the code and exploit vulnerabilities. The WordPress community is in charge of validating available plugins.
- Because of the way it has been developed, Open-Source software can require more technical know-how than commercial proprietary systems. That is why a developer is always useful, especially for customisation or Ad-Hoc extensions.