CMS customisation | ELbuild

CMS

CMSs are powerful tools that can be used to create websites and e-commerce quickly. That being said, over time, our experience has led us almost entirely to move away from this type of solution.

What is a CMS?

Open source tools for website creation and content management

A CMS (Content Management System) is a ready-made software tool designed to facilitate the management of a website's content, releasing people from requiring the technical knowledge of web development to work with this content. Following installation and the initial configuration, the majority of operations required to create and update web content can be carried out through a dedicated user interface without having to touch the system code. In addition, there are now numerous free or fee-based themes that allow you to establish the graphics and structure of a new website rapidly.

WordPress and Magento are currently the two most popular CMSs and are used respectively for the creation of "showcase" and e-commerce websites.

When do we use a CMS?

Showcase websites or simple e-commerce websites

A CMS is usually the first choice in situations requiring common functional elements (showcase websites or B2C e-commerce websites for retail products) or in those cases where a private individual or a small company wants to proceed independently. The latter might possess minimal technical knowledge and not have the budget or the time necessary to rely on a specialised company. A popular choice in these cases is to rely on an open source CMS and configure it to suit your needs.

The advantages of a CMS

CMSs offer the advantage of speed and simple tools for creating content.

A product like WordPress unquestionably allows you to get a new website online quickly. It isn't difficult to achieve a pleasing and professional appearance, especially with the acquisition of a pre-designed theme. There are different types of themes that are already specialised for shops, professional studios, businesses, etc. These types of tools allow maximum flexibility regarding the site map of a website, allowing you to easily add new pages, sections and menus. The WordPress editor is among the most advanced to date and allows you to create articulated pages, with multimedia content and a fair amount of control over graphics-related aspects, even without in-depth knowledge of HTML and CSS.

The disadvantages (and risks) of a CMS

An apparently easy solution that features hidden pitfalls.

The most obvious problems with this type of solution are the difficulties in expanding the website and the lack of security.

WordPress is probably the right solution if you wish to publish a website online very quickly and allow the content to be updated by a non-technical person. However, don't make the mistake of thinking that adding additional features immediately or at a later time will be as straightforward. While there are many plugins made available by the community, and some are really well done and easy to insert and configure, the plugins are designed and built in a certain way. It isn't easy to make plugins function in a different way, despite it "resembling" what you wish to achieve. Furthermore, if you use a small number of targeted plugins to create well-defined features, these work very well, but if you assemble several different plugins together, these can create conflicts and lead to complicated situations that are difficult to debug .

The construction of ad hoc plugins is always a possibility and not complicated. However, if you plan on designing plugins with a structured and complex logic, selecting a CMS might not be the most suitable option, and you'd do better to evaluate the creation of a tailor-made system.

Moreover, the security aspects should not be underestimated: an open source product is not inherently less secure than a commercial product. On the contrary, community exposure allows you to find any faults more quickly and resolve them promptly. However, quickly applying every update or patch released is essential; otherwise, widely known and easily exploitable flaws are exposed. The presence of any plugins complicates the situation even more because these may not be updated with the speed with which the core is maintained and, therefore, constitute an easy access point for an attacker. Furthermore, the possible presence of outdated plugins can also cause problems with the core updates, which could cause these plugins to stop working

.

CMS technologies

Server-side generation of web pages

Most of the CMSs widely used today (WordPress, Magento, Drupal, Joomla, etc.) are based on a LAMP stack that is formed by Linux, Apache, MySQL and PHP. These technologies are easily found in free or low-priced hosting services and are, therefore, an excellent choice in situations where you want to build your website independently. However, if this stack could have been a valid alternative to enterprise stacks a few years ago (at least in a certain number of situations), nowadays, the server-side page generation technology is largely outdated, and all its intrinsic limitations are emerging. Consequently, the technological aspect shouldn't be underestimated when choosing a tool of this type.

Our approach to CMS

A story that evolves over time

We owe so much to these types of tools; they allowed us to meet the demands of our clients in the past when our team was smaller and less experienced. Over the years, we've gained a fair amount of experience in configuring and customising these products, as well as creating ad hoc plugins to implement new features and integrating these systems with third-party services or systems designed by us.

Nevertheless, it was precisely our in-depth knowledge of these technologies that led us to understand that they are not currently the most suitable tool to implement the projects we carry out. Over time, the birth of new technologies, the limits of CMSs and security problems have pushed us to almost always opt for different types of systems.

Especially with regard to the Magento CMS, a situation has arisen linked to version transition in which there are numerous plugins available for the old version, which has become obsolete and unsecure, while the new version lacks features (see our e-commerce solutions here).

It goes without saying that we don't necessarily want to reinvent the wheel continuously. In fact, sometimes the use of a CMS is the best solution, but our typical customer usually presents us with requirements that, in order to be satisfied with this type of tool, would lead to excessive forcing and suboptimal work.

When do we use CMSs?

Sometimes there is no need to reinvent the wheel.

There are some specific cases in which we still use CMS-type solutions, taking advantage of these products' editing and content management capabilities and integrating them with ad hoc plugins created with state-of-the-art technologies.

One such case is when advanced features have to be integrated into existing websites, with a structure and editing processes such that it becomes disadvantageous to reimplement them with different technologies.

In general, a choice of this type is made where the content management component is strictly necessary and not divisible from the rest of the features.

In particular, we've developed a solution based on WordPress in synergy with Vue. This pair of tools allows us to create plugins that leverage client-side technologies and allow us to connect to the logic provided by an API while residing in the pages of the CMS, taking full advantage of the potential of the two worlds.

Malware removal and CMS remediation

Services for victims of an attack on a CMS.

Sometimes the presence of unresolved vulnerabilities, especially in the case of outdated systems, translates into the possibility for malicious users to carry out attacks aimed at stealing data (emails, orders, personal data), compromising the security of your website by inserting it into a botnet or other networks or simply damaging its user interface. In these cases, the only solution is to rely on a developer with cybersecurity skills able to clean up the code and remove its vulnerabilities.

We work with various processes on a case-by-case basis; there is no one solution that fits all cases. We have successfully recovered Drupal instances affected by the Drupageddon vulnerability, Magento websites compromised at the admin level and WordPress websites that were defaced due to one or more vulnerable plugins.

Migration from a CMS solution

Switch to a more modern solution without losing your data.

Considering the widespread use of CMSs in the past, it isn't uncommon to find situations in which companies that implemented web services using this type of solution want to switch to a different technology. In these cases, one of the company's concerns is to preserve their current data and possibly restore it on the new system. Let's consider an e-commerce website, for example, which sometimes involves the enormous task of creating a product catalogue; we certainly don't want all that hard work to go to waste.

In these cases, our solution doesn't only involve the design of a new system incorporating the new requests with all the features present on the old website; we also conceive a way to migrate data to avoid losing any of the work carried out.