When I started in web dev, I built my own framework that progressively became more sophisticated over time, but it wasn't a well-thought-out product. It worked well enough, but it was quickly overshadowed by the likes of WordPress and Drupal.
Unfortunately, after many years in service, one of my clients got hacked. I hadn't sanitized a file upload well enough, and the auth was too weak. I had already abandoned my custom framework by the time this happened.
With the big open source projects, you get the benefit of many eyes. Commercial projects (presumably) have security teams. I am curious, how do you plan to ensure your CMS remains secure, both from current and emerging threats?
Even WordPress gets hacked, so the big project card doesn't fly here.
It's simple, really:
A. Use it (actually use it) yourself. If you make something but never use it, there's a disconnect which contributes to the problem.
B. Give a fuck. Found an issue? Fix it. Someone else found an issue? Merge the code.
C. Make it public.