From a user/viewer perspective, CMSs are often a lot slower than static. In fact, it's hard for me to see how they wouldn't be. My main concern is my user/viewer/reader, so unless we need functionality only possible in a CMS, I go with a static. FWIW, since you can do a lot of simple JS in a static web page, it's super easy to add Disqus, etc., for commenting and some other basic functionality.
Thanks Ryan, I like the sound of it in a number of scenarios. Pretty agnostic on this stuff overall.
In general a cms is spitting out a static cached page mostly so they can be fast but most devs throw some Gfont embed, ga, a few plugins, db bloat & suddenly the site is garbage.
My site is not fully optimized, but is usually <1s. WP (& php) has a bunch of advanced stuff that i'd have to code already. There are many annoying {solvable} CMS related issues.
I am not using very many 3rd party services anymore unless requested as there is no need for a handful of players to have control of everything. My users are being respected (mostly) & I am enjoying working on my stuff under those circumstances (this is not that relevant to the sitegen but it's where growth is).
What static gen do you use? (I will make some things to see how it suits my needs).
Also, I've seen CMSs and I've seen CMSs. They're not all the same.
For static gen, I've only used Jekyll, actually. It's a bit of a new world to me.
For CMSs, my favorites are Joomla!, Drupal, Ghost (oooooh, love it), and a little known one called BrightSpot. There are some lightweight ones that are also pretty good, if simpler.
Sec is not a CMS thing (I get the db, but that's not really a big concern).
I don't know what this means, but I recently had to fix up a Wordpress blog which had been hacked because of an insecure plugin. There were ads inserted as posts, and links hijacked to go to really bad sites. The administrator didn't notice for quite a while because the malware was smart enough not to appear if you were logged in as a user.
It's hard to imagine that happening to a static site. With a static site there are just files on a server. What is there to hack? Only the SSH connection to the server itself.
Yeah, my first one was an injected encrypted footer links with useragent & tore down a set of top ranking sites (long time ago). I didn't mean to dismiss CMS sec, it's a pain.
"Sec is not a CMS thing" just meant: Lots of the serious stuff (beyond annoying defacing) is social engineering & lower down the stack. The CMS or db is one part of many.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Ryan,
This answers all my questions as well as possible tbh.
Dev heavy markup, injection, intrusion are good reasons (I was wondering if it was worth losing the breadth of options). I'll try a couple.
Appreciate the explanation, thanks.
From a user/viewer perspective, CMSs are often a lot slower than static. In fact, it's hard for me to see how they wouldn't be. My main concern is my user/viewer/reader, so unless we need functionality only possible in a CMS, I go with a static. FWIW, since you can do a lot of simple JS in a static web page, it's super easy to add Disqus, etc., for commenting and some other basic functionality.
Thanks Ryan, I like the sound of it in a number of scenarios. Pretty agnostic on this stuff overall.
In general a cms is spitting out a static cached page mostly so they can be fast but most devs throw some Gfont embed, ga, a few plugins, db bloat & suddenly the site is garbage.
My site is not fully optimized, but is usually <1s. WP (& php) has a bunch of advanced stuff that i'd have to code already. There are many annoying {solvable} CMS related issues.
I am not using very many 3rd party services anymore unless requested as there is no need for a handful of players to have control of everything. My users are being respected (mostly) & I am enjoying working on my stuff under those circumstances (this is not that relevant to the sitegen but it's where growth is).
What static gen do you use? (I will make some things to see how it suits my needs).
Yeah, absolutely.
Also, I've seen CMSs and I've seen CMSs. They're not all the same.
For static gen, I've only used Jekyll, actually. It's a bit of a new world to me.
For CMSs, my favorites are Joomla!, Drupal, Ghost (oooooh, love it), and a little known one called BrightSpot. There are some lightweight ones that are also pretty good, if simpler.
I don't know what this means, but I recently had to fix up a Wordpress blog which had been hacked because of an insecure plugin. There were ads inserted as posts, and links hijacked to go to really bad sites. The administrator didn't notice for quite a while because the malware was smart enough not to appear if you were logged in as a user.
It's hard to imagine that happening to a static site. With a static site there are just files on a server. What is there to hack? Only the SSH connection to the server itself.
Yeah, my first one was an injected encrypted footer links with useragent & tore down a set of top ranking sites (long time ago). I didn't mean to dismiss CMS sec, it's a pain.
"Sec is not a CMS thing" just meant: Lots of the serious stuff (beyond annoying defacing) is social engineering & lower down the stack. The CMS or db is one part of many.