What is the best Content Management System?

Read the article or watch the video (2mins 20sec) you choose,

Yesterday I attended a networking event. There were several web developers and designers there and they all produce their sites on Joomla. One of them in no uncertain terms said to me how she would never consider WordPress as it was only a blogging platform refusing to put the one client she had produced a site for on her portfolio. I wasn’t aware that there was still such stigma against WordPress and this got me to thinking, does actually matter what CMS you use.  My conclusion if you care what the best content management system is, you’re missing the point.

The only thing web designers and developers should be focusing on is meeting a businesses objectives. This is likely selling more products, generating leads an enquiries. The point here is that by focusing on the tool your missing the objective. All Modern CMS’s have strengths and weaknesses but is ultimately down to how you use them which is important.  I used to build all our sites in Joomla in fact the last Joomla site running was the old Brand Aspect site which was live until January 2014. The other point here is slagging off other systems which ever one is counter productive since  if you’re not using it all you can speculate on what you have read elsewhere.

The skill is to get as efficient and creative as possible with tool you choose to use. Understand it’s limitations and it’s strengths and that’s how you’ll succeed.

So if you were expecting a list of features and benefits I’m sorry that this blog has not met your expectations. However if you are a web designer starting out try a few out see which one you like first and foremost, the one you can understand the template system/theme designing environment and the one that that has a community you can get on board with.  Then start learning how to use it by using it.

So if you agree with this, then please like it and share it and if you don’t then leave a comment, I’d be very grateful to hear you’re opinions.

Shellshock, “bash bug” and your website hosting environment

If you website is built upon Linux or Unix hosting then it could be at risk from the so called Shellshock or “bash bug”. The hole in bash was noted on Wednesday, 24 September, 2014, and has been named “CVE-2014-6271: remote code execution through bash” by SecList. The threat level for this has been set at 10 it’s highest threat level.

Now just for clarity Shellshock / Bash Bug is a hole which has existed for 25 years affecting unix and linux systems including Mac OS X, infact I even did a quick check to see if it affected on my 1990 commodore Amiga 500 just to prove that point but thats an aside. The fact is, it’s pretty widespread however the conditions required to affect an attack are fairly specific so immediate you can avoid immediate panic.

Shellshock is one of the most prolific security floors discovered in recent times since it has the potential to affect a vast majority of webservers through apache. Note that I used the word ‘potential’, the reason is that in order for an attacker to gain access to your system they would need to be able to insert a malicious environment variable in to a pre-running program that happened to have been spawned by the bash environment or a sub-command that uses bash. breaking that down a level, what that means is you would need to inject some code in to a bash program and the most likely candidates would be diagnostic CGI scripts and php scripts running in CGI mode that call out to the system().

If you are a website owner hosting with a third party, unless you have a virtual server that you have created yourself it is unlikely you will be able to do much, it will be your web hosts responsibility to get the latest bash patches. Take a look at any php scripts that run cgi keep your software and site as up to date as possible. If you don’t have a backup of your site now would be a good time to get one and if that site is wordpress than a tool like backwpup is one of the best solutions i know of. The reason is that if you are on a shared hosting platform all it could take is one account unassociated with you to be compromised and your site then becomes vulnerable because of sharing the same server environment.

Some actions to take if you are responsible for a web hosting environment
So if you run apache on your servers and run php and cgi scripts things like cpanels /cgi-sys/defaultwebpage.cgi, then take a look at any php or cgi that run the system variable and assess how necessary and secure they are, silo them if they aren’t completely necessary. Use a port scanner like masscan to look for telnet ftp or older versions of apache. These are the things that should come as highest priority to patch or disable.

How to embed video in wordpress quickly and without code.

Below we will go through the easiest way to embed a video in your WordPress website and works from version 2.9 onwards.  Specifically this will show how to embed Youtube and Vimeo videos although the process will work with any oembed compatible site, so you can also use this for slide presentations, polls, surveys and other document types. For a full list see.

If you have a YouTube or Vimeo video the quickest way is to use the ‘oembed’ feature.  All you need to do is copy the address of the video and paste it in place. This means no head aches dealing with embed codes, WordPress will do all the work for you.  The only downside is that you loose some control in sizing and video player functions you would have when using traditional video embeding html.  Lets go through this with a YouTube example.

Stage 1: Go to Youtube and find the video you are looking for

Find a video on youtube
Find a video on youtube

Stage 2: Copy the link to the video

Copy the Url or link in the address bar
Copy the Url or link in the address bar by selecting Ctrl + C on the PC or Cmd + C on the Mac.

Stage 3: Paste the video link in to your page or post note: it makes no difference if you are in the visual editor or the text editor mode.

paste the link
paste the link where you want it in the page

Stage 4: Finally test this by either saving and publishing or ideally clicking preview just incase you encounter an issue.

Preview your embeded video
preview and test your embedded video before publishing

This technique will also work if you have a YouTube video playlist you are looking to embed in the website, If you are using vimeo simply find the video and go through the same process.