I've previously extolled the virtues of using a content management system, or CMS: it allows for the categorization, manipulation, and preservation of data. It also makes blogging a heckuva lot more fun: why deal with ugly code and clunky FTP clients when you can use a slick WYSIWYG editor and AJAX interface?
But all these improvements don't come for free. There's a cost, and it's complexity. Instead of a single password for your FTP account, now you also have a mySQL database password and a CMS administrator password, if not more. You'd think more passwords would mean more security, but the opposite is true. It's sort of like the observation Dr. Pulaski made about Klingon physiology: multiple redundant organs (two livers, three lungs) may look good on paper, but it only increases the chances of organ failure.
As an example, I offer my own recent experience, when a blog post I wrote was unexpectedly made popular at Digg, a social networking site. My hosting company was unprepared for the influx of traffic and responded by moving not just the blog in question, but all 13 of my domains from a "production server" to a "stabilization server".
Meant as a courtesy to keep my sites running, this transition instead proved devastating. Normally, when a visitor accesses my site, her Web browser makes a request for my site's content. My CMS processes that request and serves the content that is displayed in the browser. All that magic is done in a language called PHP. Whether by design or not, this secondary server did not support PHP. The result was that visitors saw not the requested content, but the PHP code that normally handles the request. In my case, that PHP code included my database names and passwords.
Fortunately, the damage was mitigated by the fact that access to my databases is limited by IP address. For example, given the right username and password, someone might be able to access my data from a computer at Emerson, but not one at Mohegan Sun. All 13 of my sites were still completely inaccessible for the most popular 40 hours of their lives, but at least when they came back up, I wasn't too worried about they integrity.
Still, just to be sure, I spent the next weekend signing a contract with a new hosting company, changing all my usernames and passwords and uploading all my sites to their server. I've also explored ways to make sure that sensitive PHP code is never served to a site visitor, no matter the circumstances. It was definitely a learning experience.
Would all this have happened if I was using static HTML files instead of complex PHP code? Probably not. Is it worth the risk? Definitely. Thanks to the power of the CMS, I could've imported my sites into any number of other systems, including Blogspot and Drupal. Try doing that with plain HTML. (Oh, wait — I already did.)
Leave a comment