- Joined
- Oct 7, 2014
- Messages
- 460
- Likes
- 684
- Degree
- 2
Edit: LOL at Wordpress. I am not going to say I told you guys so, but...
It does make you wonder what kind of bone-heads they hire there.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Edit: LOL at Wordpress. I am not going to say I told you guys so, but...
Worth what? What are you looking for here to warrant a switch to a new CMS?Would switching to another cms like Joomla etc be worth it?
Would switching to another cms like Joomla etc be worth it?
if you have WP, make no mistake, people are attempting to hack your site repeatedly, on an ongoing basis. It's not an if with WP, it is a when. That alone, especially from a business standpoint, is a massive risk.
Static Site = Flat File
Same thing, just different names. Hugo has a good degree of support, with a decent number of people actively developing it and contributing. The nice thing with Hugo is, the content is stored in Markdown files. Markdown is nice in that it's relatively simple and fairly universal for platforms that support it, so you're not really tied in to anything proprietary. WP has plugins for Markdown as well. The idea here would be, if you start using a more "portable" content format, it would be much easier to experiment with other CMS / static site generators. With a pure Markdown file, you could try Hugo. You could also try Jekyll. There are also a number of other CMS that it will work with as well.
I totally get your point, Darth, and I do agree much of the time. Time spent developing is often to the detriment of ROI-generating marketing efforts. The flip side of this, however, is when you are tied to a CMS that really demands that you maintain frequent updates to minimize security vulnerabilities, which correspondingly adds additional management overhead of ensuring nothing breaks in the process. On top of this, if you have WP, make no mistake, people are attempting to hack your site repeatedly, on an ongoing basis. It's not an if with WP, it is a when. That alone, especially from a business standpoint, is a massive risk.
Imagine living in a neighborhood where you know that it is pretty much guaranteed at least 1 to a few times per week, someone was going to attempt a home invasion on your house... Would you continue shoring up your defenses, hardening your home... Or would you just MOVE and bypass the problem entirely.
Why is wordpress targeted so much ? Is it because it's easy to hack and popular ? Any tips on how to reduce the chance on being hacked, without going too hardcore and spending weeks securing the site ?
It's a 5 minute job to secure Wordpress.
It's a 5 minute job to secure Wordpress.
It's a 5 minute job to secure Wordpress.
WordPress's biggest vulnerability is they let 3rd party users create plugins
IP restricted such that only my IP should be able to access the server
order deny,allow
deny from all
allow from <your ip>
<Limit GET POST>
GeoIPEnable On
SetEnvIf GEOIP_REGION CA AllowState
order deny,allow
deny from all
allow from env=AllowState
</Limit>
I'm going to weight in here and say I'd recommend something like Jekyll that generates static HTML pages. While, yes, generators do have access to the files themselves, using the generator on the server is not best practice and not how I'd recommend doing it. What normally happens is the generator "lives" locally on the machine of the marketer/developer (or a VPS somewhere). The static HTML files that are generated locally are normally checked into a git repo for both the version control capability and also to ease deployment. For deployment, there are various methods, but it's pretty much as easy as logging onto the server and just pulling the changes from the git repo (this is normally automated, lots of options out there). This makes deployment lightning fast as only the changes are being pulled across. The general rule of modern deployment is, if you have to use a SFTP program, you're doing it wrong.
I know this is easy in .htaccess if you've got a static IP
My ISP changes my IP often enough that I had to abandon this.Code:order deny,allow deny from all allow from <your ip>
But you got me thinking that this is doable with a little tweaking for people with changing IPs:
particularly when you need to delegate work to others and the CMS has a nice GUI.