[wp-hackers] WordPress as CMS (was: wordpress security)
Nathan Rice
ncrice at gmail.com
Wed Oct 21 20:05:40 UTC 2009
You're most likely about to be told either:
1) If you want a website CMS (non-blog) then try drupal/joomla/EE
2) If you MUST use WP as a site CMS (non-blog) just tell your client to
ignore the blog stuff.
Good luck.
FWIW, I like the idea of a lightweight plugin that does nothing but remove
all references to blog posts, comments, etc. I think it's a fine idea.
------------------
Nathan Rice
WordPress and Web Development
www.nathanrice.net | twitter.com/nathanrice | www.modthemes.com
On Wed, Oct 21, 2009 at 4:00 PM, Stephen Rider <wp-hackers at striderweb.com>wrote:
> Note: This email repeats a lot of things I said in another email, for the
> benefit of those who are not following the Security thread. For those who
> *are* following that thread, please skim to the bottom, as I pose a new and
> separate question from the security issues discussed elsewhere....
>
> On Oct 21, 2009, at 9:03 AM, Otto wrote:
>
> A site that the admin has not visited in 2 months is, IMO, a dead
>> site. No new content, no readers, nobody caring for it...
>>
>
> In the past, I've asked for advice on using WordPress as a straight CMS
> rather than a blog platform. Such questions are routinely answered with
> remarks along the lines of, "It is a CMS, Dummy."
>
> Fine it's a CMS. But as such we must accept that many users are using
> WordPress to set up their sites, and edit them when needed, but are NOT
> routinely adding new content, /a la/ a blog. In such circumstances, a site
> can **easily** go two months without being updated.
>
> I just don't understand this "screw 'em" attitude. The attitude toward
> people asking about "WordPress as CMS" is widespread and wrongheaded
> (including coming from one developer with whom I've had a very friendly
> relationship.) As long as the "blog post" aspect is front and center,
> people will -- legitimately -- consider it "blog software".
>
> Personally I would love to see a plugin that entirely removes or conceals
> the post/comment areas of the admin, and I'm considering making one.
>
> The Big Question: What would a "CMS" plugin have to do? Pots and comments
> are woven throughout the Admin, and I'd like to remove all aspects of them
> from the menus. My "to do" list is below -- if I'm missing something, or if
> you have advice as to how to do some of this, I would appreciate.
>
> 1) Remove "Posts" and "Comments" from main menu. (Am I correct that
> direct links will still work? Is there a way to remove those areas entirely
> rather than just hiding the menu items?)
>
> 2) Remove "Recent Comments" and "QuickPress" from Dashboard.
> (Again, can it be removed entirely or merely hidden?)
>
> 3) Remove "Press This" from Tools page (how?)
>
> 4) Writing Settings page -- remove/hide/turn off "Remote
> Publishing", "Post Via Email", and "Update Services" settings
>
> 5) Reading Settings page -- remove "Front Page Displays" option.
> Set it to "static page". Still must allow user to set the static page
> though.
>
> (Since we're changing those two pages so much, perhaps remove them
> entirely and replace them with a new consolidated page?)
>
> 6) Remove "Discussion" settings page entirely. Set default
> preferences to no comments or notifications.
>
> 7) Remove "Discussion" meta box from Edit Page page.
>
> 8) Remove Tags/Categories from Permalink Settings page
>
> Also, in general, I think WordPress itself should do a few things to lessen
> the "blog assumption". Nothing major, but a few small things to consider:
>
> 1) On General Settings page, change "Blog Title" and "Blog Address"
> to "Site Title" and "Site Address"
>
> 2) Ditto "Privacy" page. "Blog" s/b "Site"
>
> Good idea? Bad? Discuss!
>
> Stephen
>
> --
> Stephen Rider
> http://striderweb.com/
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list