Insecure at any speed
July 14, 2012 1:08 AM   Subscribe

My Wordpress installation got hacked one too many times. I'm done with Wordpress. And pretty much done with PHP as well. What do I move on to now?

First and foremost, I'm looking for a setup that is utterly paranoid about user input - whatever I'm using, I want it to be on top of some framework that sanitizes all input before it ever gets to the business logic.

I also want to actually have some separation of code and data, unlike the giant mess you get with PHP.

My primary uses are a couple of image galleries and a couple of webcomics. Some kind of commerce would be nice too - I've always vaguely wanted to let folks be able to order prints of my art, as well as a small comics press that may be happening in the future. Plus the usual stuff like a blog, some static pages, rss feeds for everything, tagging, search.

I have a few domains, and would greatly prefer to be able to manage them all from within one admin backend instead of having a separate installation for each one that can get out of date.

If a client came to you as a web developer with this overall feature list, what would you reach for? What framework, what packages for it? Bonus points for pointing me to a web host that does a really good job running that framework, super extra bonus points if you're a security-aware webdev who might be interested in being paid to get this up and running so I can just keep on drawing - I'd really love to be able to not get my hands much dirtier than some css and templates.
posted by egypturnash to Computers & Internet (10 answers total) 25 users marked this as a favorite
IANADev, but one thought is Ruby on Rails, perhaps hosted by something like Heroku, which greatly simplifies deployment. (Deployment is one of the most challenging parts of using RoR.)

Another option would be to go with a paid, fully hosted CMS like SquareSpace, where you can just worry about the design and content, and not have to worry about the technology at all.
posted by maxim0512 at 4:55 AM on July 14, 2012

Jekyll/Octopress, perhaps. My one caveat is that you'll need to stay on top of updates for the best security. This is true with WordPress too, of course. WordPress makes updating easy, but I'm not sure how the others handle things.

SquareSpace or handle the updates themselves, so they could be good alternatives.
posted by backwards guitar at 5:04 AM on July 14, 2012

One possible alternative is to build your own with a PHP-based MVC framework like CodeIgniter or CakePHP. Obviously in any MVC setup you have separation of views and logic. There are also various CMSs like Fuel, Pyro or Croogo that are built on top of these frameworks, though I've no experience with them.
posted by Magnakai at 5:07 AM on July 14, 2012

I don't think you should so easily give up WordPress. I had the same problems and then followed advice for hardening WordPress. WordPress itself has advice but if you Google "hardening WordPress", you will get a lot more. If you rigorously follow this advice, you should, as I did, see few or no attacks. In particular, change your username to something very unobvious, remove all themes that you do not use (the backdoor of badly written themes is a key source of attack), remove all the crap from your site that you do not need (many of the advice sites will tell you what to look for) and install Sucuri. It worked for me. I was getting two or three attacks a week and now none for several months. The Russian bots are after sites that are easy to enter. They are not going to get into or even bother trying to get into those that are proeprly hardened.
posted by TheRaven at 5:42 AM on July 14, 2012 [5 favorites]

I've been where you are.

My experience with WP being hacked.

My story of what else I did, which includes links to what another MeFier went through.

Besides everything that TheRaven mentioned, I now use Bulletproof Security and Website Defender which (among other things) help you set the correct file and folder permissions and setup .htaccess files. Those are both issues which are common across any web application and just the sort of thing that gets overlooked.

I also use Bad Behavior, which is useful on any PHP-based site. It's primarily used to detect and stop spambots but since they're often also probing for other weaknesses, it can discourage anything less then the most persistent.

Security requires work, unfortunately, but it is possible to keep one step ahead no matter what platform you're on.
posted by tommasz at 6:40 AM on July 14, 2012 [6 favorites]

Squarespace sounds like an alternative to check out. Seriously, they're awesome.
posted by helios410 at 11:06 AM on July 14, 2012

The massive advantage of a CMS (or Blog CMS in the case of WordPress) is cost and time of development, particularly for common things like galleries, content pages, blogs and articles, etc.

So when a client comes to us with those simple needs we always go with a PHP open source solution because of cost.

For custom enterprise solutions we go with either what we consider a more advanced PHP solution (MODX Revolution Content Management Framework or something like Yii) or we use Ruby on Rails.

Now Rails is loved by our senior programmer because it's not the mess that is PHP, but some of the common things that we get in MODX have to be built from the ground up, or from the foundation up if you like in ROR, which means an increase in budget, which means it's only for specific clients (those who have the budget and the need to justify the budget obviously).

It's interesting in that there are a lot of PHP programmers but we find it hard to fine a good PHP programmer (i.e. code discipline and efficiency, thinks of how the application will be used by a user rather than a programmer, coding as abstract and scalable as possible, etc.) whereas with Rails there aren't as many programmers but they tend to understand what programming is all about much more than a lot do from the PHP pool. We like to work with technology that does not rely on very specific people under our employ should they leave but that said, we love very specific people because of what they bring to the table.

We find we have to step around WordPress to much for a lot of the small custom features in a regular site as well, but all that said, in regards to framework, it is largely a preference as well, and that preference can be very strong. Our senior programmers work with PHP but they don't like it as a language, but it is the best solution for many things (in terms of time, budget, support). They are overjoyed personally when they can use ROR. Our preference for MODX is largely because of how templating works, its flexibility, scalability, and abstract structure. Others despise it because of the same reasons, in that there is a login add on that does registration, login, password recovery, profile, etc. but you have to configure it to your needs for a project). The way templating works and the flexibility of design is also why we use LemonStand for ecommerce sites.

As for security, as others have said, hardening practices are great to employ. WordPress is a large target obviously and I've heard you have to be careful with the extensions you use.

You have a lot of options, we all do, and like many of us, you'll probably take some time finding one you favour and are comfortable with.
posted by juiceCake at 12:28 PM on July 14, 2012

egypturnash: "My primary uses are a couple of image galleries and a couple of webcomics. Some kind of commerce would be nice too - I've always vaguely wanted to let folks be able to order prints of my art, as well as a small comics press that may be happening in the future. Plus the usual stuff like a blog, some static pages, rss feeds for everything, tagging, search."

Most of my website is generated statically. There's no DB to hack, as comments are hosted by Disqus. There's no PHP to hack, as my website is all HTML. Autogenerated RSS feeds, and tagging support is enabled. Search can be handled by Google, or perhaps one of the comic search engines like oh no robot. Since there's no dependencies, it can easily fit into most cheap shared hosting environments.

Another alternative, is to find a comicpress hosting specialist who can keep up with upgrades and best security practices. I know a guy, but he's interviewing with Valve soon and I would expect he'd dump his clients if he gets the job.
posted by pwnguin at 1:31 PM on July 14, 2012

FWIW, many of the bugs that periodically surface in Ruby On Rails (such as this one) are a result of a prioritization of ease over correctness in the framework. There are valid reasons to use Rails, but paranoid input sanitization is not one of them.

Pwnguin has a great approach, and you’re not describing much that would actually need a database and CMS. Why not just run from static files, with a thin layer of PHP to run them through your template and convert to RSS/etc.? You’d leave the selling to some external billing or fulfillment service in this case, like Paypal or Amazon, and stick to minimalist technology.

Another option for you is to keep using Wordpress just as you are, but modify the database user permissions to exclude writing. REVOKE ALLGRANT SELECT if you’re using MySQL, and keep a separate WP install someplace else with its own high-permissions user account for editing. There’s no reason for WP vulnerabilities to have a negative effect on your content.
posted by migurski at 10:21 PM on July 15, 2012

Response by poster: Thanks for the suggestions, everyone. More directions to ponder.

I've got about 2,500 images in the various galleries, plus the comics. I don't think writing HTML to contain all of that by hand is gonna be an option, and most of the solutions I've seen for generating static files from templates tend to involve a lot of command-line stuff and/or manually editing list files by hand, which really isn't something I want to do.

I've toyed with the idea of outsourcing comments and monthly "keep me working on the comic" donation drives to external services like Disqus and Indiegogo, but I haven't really decided if that's the way to go yet...
posted by egypturnash at 11:33 PM on July 15, 2012

« Older Help me not screw up my life!   |   How to deal with a spaniel in the office? Newer »
This thread is closed to new comments.