Looking for a secure CMS

g3n · Guru Joined: 13 Dec 2003 Posts: 543 Location: México

I'm starting to develop a CMS but i don't know what security holes this kind of software has, i would like to see some code of a secure cms or if anyonw can provide orientation on cms security it would be appreciated.
_________________
--[G]--

dejima · Posted: Tue May 24, 2005 9:58 pm Post subject:

By CMS do you mean something like phpNuke?

If you mean something like this then I would suggest postNuke which is coded in a better way.
Also I would also suggest ezpublish found in http://www.ez.no/community which is much more advanced from al the Nukes.
Check out also mambo and typo3.

bone · Posted: Tue May 24, 2005 10:22 pm Post subject:

I was part of the DEV/Admin team for postnuke up until 2 years ago. 2 of the 3 surviving founders and 90% of the DEV team left the project to fork xaraya (www.xaraya.com) because of vision differences with the remaining founder. I have seen both phpnuke and postnuke have security flaws, (I hate to toot our own horn) of which the same problems were not encountered with xaraya. If I were to suggest a CMS, this would be the one.

jt

bixit · n00b Joined: 30 Nov 2002 Posts: 6

You should take a look at eZ Publish http://ez.no/community

There is also a demo at http://ez.no/ez_publish/demo

DaveHope · Posted: Wed May 25, 2005 7:17 am Post subject:

Rather than looking for secure code to comapre yours with and risk claims that you have copied code, why not get a pen test done on the software when it's complete ? - I'm sure there are plenty of peple in the Gentoo community which would lend a hand.

g3n · Guru Joined: 13 Dec 2003 Posts: 543 Location: México