Jump to content
xisto Community
inverse_bloom

Lightweight Cms For Blogging

Recommended Posts

Hi, does anyone know a secure lightweight CMS that is useful for for blogging and RSS functionality? I'm looking for something that is SEO friendly.?

Share this post


Link to post
Share on other sites

I suggest you to check out CMSMatrix if you want to check the features of CMS and lightweight CMS for your self.In my opinion, tumblr is one lightweight CMS but hosted on their server. You can try "Habari" as well. It is less cluttered CMS. Also do look for anti-spam plugin or feature in those CMS as you need it sooner or later.

Share this post


Link to post
Share on other sites

Thanks fellas,I looked at sNews CMS what a fantastic little CMS. The only problem is i coudn't determine if it would be secure enough for my needs. Habari looks like the better option, but i cant find any thing which details "how" SEO friendly it actually is. I presume because it is made by some of the same people who made wordpress, it would be pretty darn good for SEO concerns.

Share this post


Link to post
Share on other sites

Search for "Meta SEO" plugin for habari. While searching for SEO plugins on google i stumbled on that name. There is nothing about it in the wiki. So not sure from where to get that SEO plugin. You have to ask ito habari support or community for that.

Share this post


Link to post
Share on other sites

Actually ive tried getting habari working since i last posted, but to no avail. The main idea is the current Habari version 0.6.3 doesnt work on xampp 1.7.0 (as indicated in Habari forums). I have xampp 1.7.1 but i appear to have the same issue they describe. Theres not enough documentation to indicate how to get it up and running on xampp in a timely fashion so ill let it go. Apparently there is no issue running it of your web server and updating it, but that isnt a good solution and it doesn't suit me. I'll just go for Wordpress i think and find some tools to "lean" it up a bit.

Share this post


Link to post
Share on other sites

Although many things have said about CuteNews and how terrible it is/was, I'm still going to offer CuteNews as one of the lightest and one of the only flatfile CMS.

But, I know that CuteNews is no longer in development. And the forum and project leaders have moved on to newer, spinoff version of CuteNews called UTF-8 CuteNews http://jalu.ch/coding/utf8-cutenews/

They, UTF-8 CuteNews, claim higher security than CuteNews, majority or all of bugs worked out. I like the one upgrade UTF-8 made: login attempt block out. I wrote my own login ban for original CuteNews. I should have upgraded to UTF-8. However, I decided to keep CuteNews because of all the mods I insterted to CuteNews. I was told mods I installed to CuteNews most likely not work with UTF-8.

Share this post


Link to post
Share on other sites

sNews is very nice for a very simple and straight forward blog, but its theming and customization is the easiest. If all I want is a basic blog I would definitely go for sNews, customizations like adding bookmarking feature etc are not difficult to implement. I actually like this very much, because I can play and tinker with it as much as I want, still knowing exactly what I am doing and how and where the things flow in the script.I need to know, what are the various reasons wherein a script becomes insecure? As long as the admin and post creation urls are secured (hidden/unreachable by suspecting visitors), there shouldn't be any other means of them getting in, isn't it? Because I cant seem any other means of them getting in. It would be nice if someone could tell about the security issues.

Share this post


Link to post
Share on other sites

I need to know, what are the various reasons wherein a script becomes insecure? As long as the admin and post creation urls are secured (hidden/unreachable by suspecting visitors), there shouldn't be any other means of them getting in, isn't it? Because I cant seem any other means of them getting in. It would be nice if someone could tell about the security issues.

When using a database based script, the first insecurities are the username and password. But the second and sometimes most common are SQL injections. If a script/program is not written with all possibilities of exploiting the script and without their counter measures, your database can come to a halt, reveal information including passwords or crash the very server that's running your website--and when your "site" becomes compromised it can spread to others who are sharing your "server."

So, developers test and retest (debugging) scripts they wrote in hopes that security holes like that would not exist. But, when a script is free or virtually exists for end user's pleasure (the programmers gain nothing) generally, the program will have many security holes and it will not be patched up.

Some quick searches...

http://forums.xisto.com/no_longer_exists/

you can have unauthorized access to admin password reset feature and other ones,after that you can upload a php file and launch commands


function notification($error, $errNote, $link) { $errNote = !empty($errNote) ? '<br />'.$errNote : '';
echo '<h2'.(!empty($error) ? ' class="error">'.l('admin_error').'</h2><p>'.$error.$errNote.'</p>' : '>'.l('operation_completed').'</h2>');
echo (!empty($link)) ? '<p><a href="'.db('website').$link.'" title="'.l('back').'">'.l('back').'</a></p>' : '';
}
...

funny! there is no exit() or die()...

I'm not sure if this is an actual security flaw but an unstable/bad coding

Share this post


Link to post
Share on other sites

Hi!@inverse_bloomI would recommend WordPress for pretty much any blogging-related websites because of the popularity and support you can get from other developers who constantly patch bugs as they arise. The new features that keep coming up, and the whole lot of plugins that are available for WordPress make it a rather good choice.I'm not sure WordPress meets your criteria for lightweight due to the features that it offers, but it certainly is secure and SEO friendly. WordPress can generate SEO friendly URLs, it has got all kinds of metadata from META tags to REL attributes on links to provide hints to search engine crawlers and indexers about the content of the website.Additionally, the recently-released version 2.9 of WordPress offers some interesting features, including the ability to perform basic editing of images right from within the WordPress dashboard. You can edit the source code of plugins and themes from the dashboard too - and that comes with syntax highlighting and a function reference of the WordPress API.I do sometimes wonder why a couple of plugins that are near-essential for every install did not make it into the core of WordPress and instead require me to install them each time I install WordPress, but I have had a rather good experience with WordPress so far.@BuffaloHelpOne of the other reasons you would want to move to the newer version is the availability of bug fixes, and possibly SEO optimizations in response to trends in web development. I would rather switch over to a different platform than maintain software for which there is no support. When faced with the task of supporting a WordPress-based blog, I inherited a codebase that contained an old and modified version of the WordPress core and in an attempt to migrate to a newer version, I turned as much functionality as possible into a set of add-ons with the slow and painstaking process of performing a diff on each of the files to look for modifications to the core. After moving from WordPress 2.6 to WordPress 2.7, I was away on holiday while another developer took over and - yes, you've guessed it - there were more modifications to the WordPress core files. As soon as I returned, I moved all of the code out of the core and into plugins and themes (moving the code into the theme was a bit of laziness on my part, but it's better than having the code within the core) and was able to successfully demonstrate an upgrade to WordPress 2.8. Now, I didn't get a chance to deploy the system running on WordPress 2.8.6 yet due to the feature requests that I had been getting, but when I was finally ready to go live, WordPress 2.9 arrives on the scene. Fortunately, I don't have any core modifications so all I need to do is find incompatibilities between my plugins and themes, and WordPress version 2.9 before completing the switch.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.