Open-Source CMS Platforms

Too many times I've heard the argument that open-source CMS platforms are not secure because they requrie security patches, or because security holes are publicized.
An open-source CMS does not place your website in greater danger than any other platform. It comes down to the quality of the platform being used.

A closed-source/proprietary website can have just as many security holes, the problem there is... who knows about it? Did a change to the server software create a new security hole in the website software? Is anybody patching these holes?

Open-source CMS platforms have large communities that probe the platforms for issues, warn users of possible threats, report the found threats and even create fixes for them. 
Some open-source platforms also have designated security teams to ensure the security of the infrastructure.

I've also seen website maintainers install numerous plugins/extensions as if they were candy at a gift shop, without even thinking about the security of the extension, the background of the extension or the extension developer, or how it is going to interact with other extensions already in the system. For example, just because a piece of software is listed in the Wordpress Plugin Directory, or the Joomla Extension Directory, does not guarantee it's safety.

Your website is only as secure as your weakest link

There are many factors that come into play when it comes to website security. Is the hosting platform secure, who has access to the systems (ie. website, hosting account, database), what are their permissions, are they using secure passwords, do they have the ability to "accidentally" create a security breach? YES, simply using an insecure password is the fastest way to "accidentally" create a security breach.

The bottom line is, it doesn't matter if it's open-source or proprietary, all website software and platforms are susceptible to security breaches. What matters is who is maintaining your website and do they have the knowledge and experience to ensure it's security.

 

 

What is ADA Compliance?

Americans with Disabilities Act (ADA) Standards for Accessible Design published by the Department of Justice (DOJ) in September 2010. 
These standards state that all electronic and information technology must be accessible to people with disabilities.

Who needs to follow these requirements?

The ADA standards apply to commercial and public entities that have “places of public accommodation” which includes the internet.

How do I comply with the ADA?

The ADA encourages self-regulation of accessibility standards. Organizations are encouraged to use the WCAG 2.0 level AA guidelines as a guide on how to become accessible until the DOJ defines the regulations. The Department of Justice is currently developing regulations to provide specific guidance to the entities covered by the ADA.

 

More Information

Statement of Interest of the United States Department of Justice in NAD v. Netflix
Case 3:11-cv-30168-MAP Document 45 Filed 05/15/12 Page 10 of 22

"The Department is currently developing regulations specifically addressing the accessibility of goods and services offered via the web by entities covered by the ADA. The fact that the regulatory process is not yet complete in no way indicates that web services are not already covered by title III."

Americans with Disabilities Act Title III Regulations
Part 36 Nondiscrimination on the Basis of Disability in Public Accommodations and Commercial Facilities
(current as of January 17, 2017)

"Although the language of the ADA does not explicitly mention the Internet, the Department has taken the position that title III covers access to Web sites of public accommodations. The Department has issued guidance on the ADA as applied to the Web sites of public entities, which includes the availability of standards for Web site accessibility"

Let's face it, the internet has been around long enough for people to know how to click links, and what clicking a link does. We no longer need to tell people how to use a webpage.

But the real problem here is accessibilty

Website accessibility has been entering the spotlight lately, mainly because there have been numerous lawsuits brought about due to inaccessible websites. Imagine a visually impaired user using screen reader software to browse your website. These users often tab through the links on a website, and if they tab through to a link that is simply "Click Here", they have no idea what they are supposed to click there for

And SEO

Everybody wants SEO for their website, top rankings, how can I get Google to find me and list me at the top...

Well, much like our screen reader users, Google (and all other search engines), use scanning software to crawl websites. 

Straight from support.google.com:
Avoid: Writing generic anchor text like "page", "article", or "click here".

Do you want to be ADA Compliant AND bring your SEO rankings up? Stop saying "Click Here".

Are you a small business owner? Do you have a website?

If you are a small business owner without a website, chances are people may not be taking you seriously.

When I am looking for a service provider, I search the internet, I look at reviews, and most importantly I want to see the company's website. This helps me to determine the level of professionalism, whether or not the company offers the actual service I am looking for, hours of operation and the best way to contact the company.

Sure there are sites out there like Yellow Pages or Manta that llist your business, and may provide some of the information that I'm looing for, but really, how accurate is this information. And, maybe this is just my opinion, but in this day in age if you don't have a website then you are not very serious about your business. Therefore, how serious are you going to be about providing me with the services that I need?

So maybe you do have a website and you're thinking that this does not pertain to you and you can stop reading now. If you are serious about your business, read on.

© 2019 Shannon Davenport - DBD