CMS

Content Management System Categories

When we visit sites we often don't consider the file structure and how the files are managed by the developers. However these Content Management Systems can open up several vulnerabilities to what may have been an otherwise secure webserver.

A CMS is a tool that was originally designed to allow you to easily manage the hundreds or thousands of files that may make up your website. For example if you want to change the font on every webpage in your site, rather than manually editing that in every CSS file you have, the CMS can do that for you. The web developer would pick the font from a GUI dropdown and let the changes propagate. Over time these have grown to be full on website building engines with feature rich plugins to let you go from no site to a modern e-commerce website all without typing a line of code. (although most developers will)

Every Plugin added to a CMS adds another vulnerability vector that will have to be managed and patches as POCs and Exploits are discovered for them.

3 Most Common CMS:

WordPress
Drupal
Joomla

Many WebApps and Flat File sites will not use CMSs as they are a one time setup or too small to make a CMS worth wile.

PreviousSSL Cert Generation NextWordPress

Last updated 2 years ago