1 |
On 03/26/2017 04:28 AM, Peter Humphrey wrote: |
2 |
> |
3 |
> Pelican looks interesting; I may follow it up. I didn't say this before (one |
4 |
> thing at a time, eh?) but I need to build a site that another choirman can |
5 |
> take over from me at some time. That seems to rule out anything that smacks |
6 |
> of script writing, because as far as I know, nobody else has the slightest |
7 |
> interest in computers, never mind programming. |
8 |
> |
9 |
> I notice that no-one has mentioned WordPress. I had a look at it, but was |
10 |
> scared off by the Gentoo devs' waving around of garlic and crosses. |
11 |
> |
12 |
|
13 |
Choosing a CMS is a textbook example of "pick your poison." We usually |
14 |
go with either Wordpress or Drupal. |
15 |
|
16 |
The design of Drupal is much better, technically. Every feature is part |
17 |
of a "module" that you can turn off. The API is well-documented, and |
18 |
it's easy to write new modules. A "content type" in Drupal is a thin |
19 |
abstraction over a database table, and you can build pretty much |
20 |
anything you want by creating the right content type and then creating a |
21 |
"view" to display it how you want. |
22 |
|
23 |
The end result can be nicer for end users; for example, you can give |
24 |
them a button to create a new employee, or a newsletter, or a blog |
25 |
entry... and each one of those content types will have separate fields |
26 |
and a separate UI. The trade-off is that nothing works out-of-the-box in |
27 |
Drupal, and it will take you two weeks to get all of that set up. |
28 |
|
29 |
With Wordpress, you get a nice, clean, easy-to-use site in about five |
30 |
minutes. If that site will work for you -- i.e. if all you need is |
31 |
pages, menu items, a contact form, and whatever else you can get from |
32 |
pre-existing plugins -- do that! |
33 |
|
34 |
Wordpress is made for non-technical users but I don't mean that in a bad |
35 |
way. I've been doing Wordpress updates on some sites for over five |
36 |
years, and it's never crashed and made me stop what I was doing to fix |
37 |
it. Plugin updates are similarly easy, but I can echo what Mick said: |
38 |
you need to pay attention to the update notifications, and they come |
39 |
frequently. |
40 |
|
41 |
All CMSes have terrible security records, so the fact that Wordpress |
42 |
gets hacked all the time shouldn't lead you to believe that another CMS |
43 |
would fare any better. You can make any CMS a lot more secure in two |
44 |
simple ways: |
45 |
|
46 |
1. Always update ASAP. |
47 |
2. Don't make your website writable by the anonymous web user. |
48 |
|
49 |
The second one means that you will have to update over SSH, at least as |
50 |
long as you maintain the site, but severely limits the damage that a |
51 |
hacker can do with a tiny exploit. |