Lately I’m seeing a lot of spam user registrations here at iandouglas.com which of course raises the question of whether using a third-party application such as e107 is beneficial to my needs, or if there’s some inherent flaw/exploit/vulnerabili…
Lately I’m seeing a lot of spam user registrations here at iandouglas.com which of course raises the question of whether using a third-party application such as e107 is beneficial to my needs, or if there’s some inherent flaw/exploit/vulnerability that someone’s trying to take advantage of.
I see a lot of this kind of behavior on client sites who have third-party apps running that advertise the CMS/forum software along with version numbers, like phpBB where spammers have learned to read the default ‘captcha’ image and register accounts so that posting spam comments is easier. All they need to do is go to Google and search for “phpBB” with a version number with a known exploit, and Google will happily serve up a list of sites that proudly proclaim “powered by phpBB v1.0.0″ or whatever.
I’m currently using the latest release of e107, but I’m starting to think, again, that a home-grown solution might be more beneficial. There’s so much bloat in third-party apps as CMS engines try to be “all things to all people”. Like my struggle with buying a cell phone that’s JUST a cell phone, CMS application developers keep cramming in features I’ll never use, and offer no easy way to strip them out or disable them.
I’m seriously debating just going back to the ol’ drawing board, like Wile E. Coyote, and just design my own CMS software. I’ve started it in the past and usually gave up because it was a pretty daunting task. Now, with tools like Symfony, it’s a lot quicker and simpler to build scaled applications like that.
It’s not like I need anything terribly fancy either, just a place to write my blog articles, manage my file downloads, and let users register to leave comments. Barely anyone uses my forums any more for support help on the software I write, so I’ll likely take that completely offline in the near future.
Of course, with a new CMS comes the chore of writing a fistful of .htaccess rules to ensure search engines and bookmarks to my site still work by bouncing browsers and bots over to the new URLs. Overall, that’s the easy part of the job…
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.
You must be logged in to post a comment.