Considering CMSMS for pro-bono charities

General project discussion. NOT for help questions.
Post Reply
jefferis
Forum Members
Forum Members
Posts: 11
Joined: Tue Jun 02, 2009 2:31 pm

Considering CMSMS for pro-bono charities

Post by jefferis »

Hi folks, I normally develop in Wordpress for my paying clients but I have recently been asked to do some work for local charities who have little money or need to better spend what they do have on those in crisis. Anyway, lookin for a cheaper alternative. For WP I always buy all the security features I can, which drives up the cost quite a bit.
So my question is: how secure is CMSMS and how easy is it to use for non-techies? They will be posting and updating.

While I'm at it, is there a plugin feature to allow posts / pages to go automatically to social media, similar to Jetpack does for WP ?

thanks in advance
Jeff
User avatar
DIGI3
Dev Team Member
Dev Team Member
Posts: 1609
Joined: Wed Feb 25, 2009 4:25 am
Location: Victoria, BC

Re: Considering CMSMS for pro-bono charities

Post by DIGI3 »

These questions are all a bit subjective, but here's my two cents.

CMSMS itself is quite secure. The majority of vulnerabilities get fixed fairly quickly, so keeping your install up to date is essential (this could probably be said for any software, really).

As far as I know, the only unpatched vulnerabilities in the current version are those with little to no real world impact. We get "critical vulnerability" reports nearly every day that a user with admin credentials could insert some malicious code. In some cases this could result in privilege escalation, but the admin area is intended for trusted users, with the permissions system being more for convenience than strict security.

There aren't any major security plugins for CMSMS (like WordFence for WP) for a few reasons. One is simply that it's not a big enough product to warrant the attention from developers looking to sell a plugin, or from hackers looking for sites to take over. Because of this, responsibility of securing your website does require a bit of effort from the developer/server administrator. Using the supplied htaccess and your host's recommendations is typically enough, but hiring a competent server administrator for sensitive sites wouldn't hurt.

As for your question about ease of use for non techies: our goal is to make it easy to use for the site owner (content editor) while powerful for the developer. You do need to be somewhat of a techie to make a site in CMSMS - it's not hard, but it's not necessarily as easy as a sitebuilder product. There are some themes available, but for a semi-competent developer with html & css knowledge and a will to learn some Smarty, I've never seen a platform that's easier to make a powerful site.

There are a few social media modules but I tend to just use https://ifttt.com/

TL;DR: CMSMS is easier to create a fully custom site. WP is probably easier if you're wanting to use premade themes and plugins.
Not getting the answer you need? CMSMS support options
Post Reply

Return to “General Discussion”