Security of Open Source CMS environment
When we are looking into security of Open Source CMSes it is important to not forget elements like the server stack, add-on modules, encryption systems and human errors. These elements surround the CMS environment and can also be considered as part of the system as a whole.
Securing a server application like Open Source CMSes can be a difficult task. The nature of any public server application is to be available for visitor and attackers, 24/7. We normally compare the security of an public application to secure a house without locks, open 24 hours a day for robbery.
We will look specifically into security of add-ons to Open Source CMSes later, but it is important to have a clear overview of all aspects that can compromise the overall website security.
