What Is a CMS? Which One Should You Use for Your Website?


– What is a CMS, and
which one should you use? We’re talking about it on “The Journey.” – All right, so today
we have a special guest, Alycia from Sucuri. Thank you so much for coming on today. – Yeah, thanks I’m happy to be here. – Awesome, so we’re
talking about what is a CMS and which one should you
use for your website. Can you tell us a little
bit about what a CMS is? – So CMS stands for
content management system, and it’s basically an easier way to put pages live on your
website, or blog post, manage your image media
library, all that kinda stuff. – Awesome, and now let’s
go over the top three CMSs. I’m gonna be a little bit
biased in this episode. That’s my disclaimer right there. I’m gonna start with WordPress. WordPress is the most popular
content management system out there today, powers
over 1/3 of the internet. It has tons of plug-ins, tons of options, and it’s pretty resourceful. And probably my favorite
reason for why I use WordPress is the community behind it. They’re such a large community that, that just all comes
together, there’s meetups, there’s wordcamps, and everyone just helps each other out. For sure, and I mean, with
40,000 plugins almost, like, you have no end to the kind of functionality you can add to your CMS. – Absolutely, so what are some other CMSs that we can possibly use? – For sure, yeah, ’cause everybody’s heard of WordPress, so.
– Yeah. – Drupal is another very popular one. It’s been described to me as
kinda like a Swiss cheese, you need to be a bit more
technical to use Drupal, but it does have a lot
of different features compared to WordPress, it has
a different user experience, and ultimately, it’s been
used for a lot of things like government websites
and that kinda thing because of its ability to be a little more secure in some areas, yeah. – Yeah, and it’s definitely
one not for, like, the smaller business type sites, as Enterprise or large
corporation type sites, right? – Yeah, yeah, for sure. Yeah. Joomla is another really
popular one as well. It’s got a really good
community and it’s got, I think the second highest
market share after WordPress. Although, WordPress is
like 30% and I think like, – It’s a giant. – Joomla’s like 6%, so just,
a little bit of a gap there between the top two, but Joomla’s also a really awesome CMS to use. You wanna make sure that you’re using the most latest version if possible. There are two active versions
available that you can use. Yeah, you definitely wanna stay on the most recent branch
of any CMS if possible. – Yeah, that’s just a best practice there. All right, let’s talk
about, really, figuring out which one should you use, right? Like, what are some of the first
steps we wanna think about? – Definitely you wanna
make sure that you know what your requirements
are for your website. So how does it need to
be for your users to use? How are you gonna go about
actually creating posts, and what are the processes that you’re gonna use as part of that. And then once you have all that, you can kinda look at each CMS and see what are the extensions and
themes that are available, And see if they’ll match the
requirements that you have for your website. – That makes sense, and
it all comes down to figuring out what’s right for you. Like, I will stand by WordPress all day, but WordPress may not be
right for your situations. Figuring out those requirements,
with those applications, are super important. – Yeah, and usually a
lot of the CMS websites have a great community,
because they are open-source. – So tell us a little about open-source. – Yeah, for sure, so all
those top three CMSs, they’re open-source, they’re also free, which is very important. Open-source basically
means that the source code used to build WordPress,
or Drupal, or Joomal, it’s all open and available, and anybody can contribute to it as well. – Right on. – So that just means, it’s
constantly being improved, by the community, and the
community’s also checking to make sure that what’s
being added is secure. – All right, so we want our
website to look good right? So is that something to think
about when we’re choosing what platform we use, and how easy it is to create those sites. – Totally, so different themes will have different attributes, like
they may have a sidebar on the left or the right. Or they may be all one column, in a never-ending scrolling website. Different themes will
allow you to accomplish maybe what you need, by
having custom backgrounds or custom menus, so you
wanna look at the options for your theme and you also don’t wanna discount, like, premium themes. A lot of premium themes out there will add extra functionality. So you’re essentially
paying for the theme, even though the CMS is free. That’s an awesome option,
there’s premium plug-ins as well. Depending on what you
need, the default themes that come with it are
sometimes a little restrictive, so you wanna take a look at
what the default themes are. Try some different free themes, and see what the options are to get your site to look
the way you want it to. – Yeah, and what was kind
of controversial at first, in WordPress and 5.0, remember Gutenberg? – Oh yeah. – Gutenberg, is essentially
the new WordPress editor. The whole point is to kinda mirror the printing press of just
blocks and everything else. – Yeah, what you see is what you get. So as you’re typing– – Whizzy wig!
– Yeah, whizzy wig! Thank you. – So as you’re typing,
yeah you see exactly what you would see on the website. So that comes default by WordPress. It has made the experience,
especially for first-time users, easier to create. Then there are page
builders like Elementor, or Beaver Builder, or WPBakery Builder, that makes that user-experience
a little bit easier. If you’re going on the WordPress realm, and really want something
that’s pretty customizable, you don’t have to be a
web developer or guru to build that website. – For sure, CMSs are having to
make things a little easier. You know there’s a lot of
different places out there that are creating website builders that are super easy for people to use, and so it’s helpful for
these open-source CMSs to make the user-experience a little easier. – All right, so another thing we probably have to think about
is the hosting requirements. We’re gonna need for our applications. Talk us through a little
bit of what that looks like. – For sure, so most of
these are running on PHP, so you want the most
updated version of PHP, especially if you want
the latest features, and to make sure that you’re
getting those security updates. – Yes. – So that’s really important,
a lot of hosting companies will offer one-click
install for most of these major CMS applications. Some hosting companies,
especially when I first started creating websites and I
was on a super budget, but also a very secure host, it took me a long time,
it took me like three days to install WordPress, and they have a famous 5-minute install. You wanna look and see and maybe talk to your hosting company
about what the options are for getting this CMS
installed on your server. – Right, ’cause, taking three
days to get a website going, just the beginning, is not
something you wanna do. There’s a lot of places out there that will do managed hosting,
especially with WordPress. There’s managed WordPress, that has just already, automatically installed some extra security features. And then what most people
end up going with is like a cPanel type Hosting,
since it does have that one-click install, with
Installatron or Softaculous. Whatever they’re using. – Totally.
– Couple of clicks of a button, and then it’s there. You can start building and
designing, however you want. All right so, the real
reason I brought you on to this episode is: really talking about security with CMSs. They’re open-source, you
constantly have to update them so there’s lots of things
that we need to really think about, to make sure
our stuff’s protected. – Totally, well, with
it being open-source, not only are all the good
people contributing code, but all the bad people can
also look at that code as well, and find vulnerabilities. So that’s something that a lot of people are concerned about,
especially with WordPress being so popular, it is a large target. The CMS itself is actually quite secure, because there’s a great
community checking things out. You wanna make sure that you’re
not installing more plug-ins than you need. Trying to make sure that you’re keeping everything up to date, if you have a managed solution,
they’ll do it for you. Which is awesome.
– Yup. – You wanna make sure
that you have something, some kind of security plug-in
that’s monitoring your site, letting you know if there is
a problem that they detect. There are some that can also
add features for protection, like adding Two-Factor Authentication, which is a second password on your phone that you need to enter, in
order to get into your website. There’s all kinds of
cool security plug-ins, security utilities that
you can use with your CMS. – Yeah, I know with WordPress, the top security plug-ins
that come to mind, of course, Sucuri has
this security plug-in, but there’s also Wordfence. And then with having an SSL on your site, super important just to
encrypt that password, ’cause you have to login. The beauty with CMSs, that
you can access them anywhere, right?
– Yup. – So, you wanna make sure that wherever you’re accessing ’em,
your password isn’t being sniffed out by someone in the middle. – Yeah you wanna be careful, you don’t wanna maybe do
it in like an airport, or coffee shop Wi-Fi,
unless you’re using a VPN. ‘Cause if you are sitting
there on public Wi-Fi, and there’s a hacker sitting next to you, they could sniff your password
as you’re typing it in. And then the next thing you know, there’s a bunch of spam pages on your site that you need to deal with. – So what about firewall, I’ve heard that it should be important,
should be added to the site. What’s the validity with that? – Definitely, one of the nice things about a website firewall,
is that it will virtually patch your CMS, so if
there is a security issue, essentially, the firewall’s
taking care of that. It surrounds your website,
and if somebody’s trying to exploit a vulnerable
plug-in on your site, the firewall will catch
that attempt and block it. They’ll see a blocking page, meanwhile, all of your legitimate
visitors are being sped-up because of the global
network of the firewall and content delivery network. – So we’ve figured out what
CMS we’re wanting to use. We’ve got it installed, how
do we go about documentation, learning the program itself. – There are some awesome
resources out there. You talked about WordPress, WPBeginner has some awesome
training guides and tutorials. There’s an awesome community
for all of these CMSs, with very active, like, support forums. That’s a great way to go about it. And then obviously if you have a developer
or something like that, that’s helping you get some customization, they can usually help you. You wanna make sure that
you’re documenting everything as part of your website as well, so. It’s just gonna help you
later on down the line if you know you have a
list of all the users, all the plug-ins and that kind of stuff, and you’re keeping that up-to-date. – Yeah, especially if you
have people on your team that needs to access the site. Giving them documentation on
what they should be accessing, what they shouldn’t be, because sometimes, the wrong click can
make just chaos happen. – Totally, and good user passwords, making sure that you’ve
got the right role levels assigned to your users,
whether they’re just an editor, or author, or contributor. – Right.
– Those roles are usually built into the CMS to allow you to make
sure they can only access what they should be allowed to access. You only wanna grant admin privileges to somebody for as long as they need it, and that kind of thing. – Now, with this website, I know many of the entrepreneurs, or even solopreneurs out there, with their stuff has
many hats to wear, right? Sometimes maintaining it, isn’t always something that they have time for. – Yeah it may not be top of mind. – Right, what should we be
doing with those updates? – Yeah, definitely, I would say that it’s very important to make sure that you always retain
access to your property, your web property. So I’ve seen cases where a developer will leave a client, and
leave with the passwords, and then you can’t get
into your hosting account, or you can’t into WordPress. It’s not ideal, so make sure you always have access to those things. And make sure that you’re just practicing safe security practices
throughout all of it. – Right on, and with WordPress and Joomla, everything else, we
talked about it earlier, make sure you’re at least going in there every now and then to update
it to the next latest version. It’s not only for performance, but it is for security. – Yeah for sure, I mean, with some CMSs there might be different branches that are still being actively developed. So having a firewall
that can virtually patch, and make sure if there
are any vulnerabilities you have a little bit of an extra window. ‘Cause whenever there’s a
security update released, the hackers are looking, going,
“Okay, here’s the old file, “here’s the new file, oh look. “There’s the security flaw!” So it can be–
– Then send all our bots out. – Totally, it can a matter of minutes, hours after a security patch is released before there’s active attacks in the wild. So definitely update your
sites as soon as possible. Auto-updates are amazing, WordPress has auto-updates on most hosts. – Yeah, and, or you can hire developers like most designers or
developers will have, like, a website care plan, so you
can them just do it for you. If you’re using WordPress,
GoDaddy, ProSites or ManageWP has the one-click updates. So you can update all your
plug-ins, and your themes. You even have a safe update option, so what it does is,
it’ll update your site, take a snapshot of before and after, and make sure they’re all the same, and if there’s an issue,
it’ll retract back to it. It’s a free option for you. – Yeah that’s perfect,
you hit on a good point. It’s not a set it and forget
it thing with a website. You need to make sure that
you’re maintaining it. And that it’s part of your business, it’s how your business looks, so you should definitely
make sure that you have some kind of plan for keeping
it up-to-date and maintained. – All right, the last point that we should really talk about is, really, your time and investment with the CMS of your choice. Talk us through a little
bit of that, about that. – For sure, we’ll you
wanna go in and realize that it’s gonna take you
time to setup all the pages that you want. – Right
– It may take you time to find the right plug-ins, so you wanna kinda think through whether
you want to hire somebody or get some help with that. To find the functionality and the look and feel that you’re after. Definitely budget when
it comes to free CMSs, well you don’t have to pay for the CMS, so that’s helpful. – Right.
– But it’s customization and security, and all
those things that you definitely wanna consider as part of the whole package of having a website. On-going costs for, domain, WHOIS privacy, SSL certificates, – Right, firewall,
– All that kind of stuff. – All that good things. – Totally, yeah, there’s
a lot of accessories that go on with having a website. So you wanna figure, like
I said at the beginning, what those requirements are. And then make sure you have a plan for how you’re gonna budget, and the timelines around,
when you wanna launch. – Perfect, and with Drupal
and Joomla, they are, they do have that smaller market share. So there’s really specific requirements of when you wanna use those applications, those developers that you hire for Drupal or Joomla might cost more, than a WordPress designer as well. – For sure, yeah, and you wanna make sure that you’re really looking at the work that the developer has done, and make sure that it
matches what you’re after. There’s lots of great
websites out there that, you know, can tell you more
about how to pick a developer, depending on what you’re after. – Well thank you so much for
coming out on the show today, and helping us figuring
out, what a CMS is, why we should use one,
you’ve been awesome. – Thanks, my pleasure! – Well, if you liked this video, go ahead and smash that like button, add a comment below on
something that you’ve learned and subscribe to this channel, and ring that bell, if you’d like to see these episodes first! This is “The Journey,” we’ll see you next time!

Leave a Reply

Your email address will not be published. Required fields are marked *