Curious to hear about CMS security experiences

Discussion in 'Joomla and other Content Management Systems (CMS)' started by latenights, Jan 17, 2009.

  1. latenights


    Trophy Points:
    Just threw up a Joomla 1.5 site straight off the tutorials.

    Now I patched it up like they said, and actuallyforgot about it for a month.
    Last month I noticed it had been completely defaced by some Russian hacker. Well since I am not using it and have plenty of other things to keep me busy I forgot about it again. This week I saw the hacker just crashed the entire site and deleted entire folders.

    Here's my point. at the same time I was curious how all the CMS would fare, so I also set up a Drupal site (out of the box) with the patches.

    The Drupal site is sitting there untouched

    And if you think they ar enot bold, check out a hacked network security site: -- it seems we are all in the firing line.

    Conclusion: Joomla seems to be the CMS of choice for hackers.

    Does anyone have a opinion on which is more secure?

    How much of a role do you think the server security plays in it?

    Now I take an interest in it and I have seen Xoops, Joomla sites hacked a lot., But I am yet to see a Drupal site defaced.

    Does anyone have an opinion on which CMS is more secure or easier to secure?
  2. xprt007


    Trophy Points:
    I am not a Drupal expert, but I read articles in the forums or try to help others with queries in some few areas when I can.
    Once in a while, i have read about someone talking about a site being highjacked, though it's quite a while back. To get a true or more accurate picture of how much that is a problem, I think one could do a search in the forum at or ask a question on the subject.
    There are likely to be some honest answers from users.

    I think Drupal core is quite secure & problems are much more likely to be caused by or through third party modules than through exploiting some weakness in the system.
    I am personally satisfied, though with the very regular updates to the core or third party modules.
    My community site has about 80 modules & every now & then there are updates, to which one is alerted once any is released. Some of the updates are security related.

    I have read about some highjacking case or 2 which however seemed to be a result of the security of the server being compromised.

    Regarding ease of use, I find Drupal much easier to use than Joomla, starting at the admin panel.

    Anyway, I have had no bad experiences & I'm generally satisfied with Drupal & its support and hope it remains so. ;)

Share This Page