|
Written by Erik Brakkee
|
A lot has happened since I installed mambo on the server. Mambo looked
like such a nice tool in the beginning, until I found out that someone
had hacked brakkee.org some time ago and shortly after that someone who
launched a denial of service attack from my server on another server.
The reason for this was a security leak in mambo allowing the server to
execute arbitrary scripts, in combination with a default php
configuration of SuSE linux which is not secure.
Anyway, I fixed the PHP configuration so this should not happen
anymore. Nevertheless, I am not really impressed anymore with mambo.
Also looking at the code it is just one big pile of.... or in other
words a classical model 1 architecture where presentation logic and
business logic are mixed. Luckily, magnolia, a Java/J2EE CMS, is
getting mature. It now supports a more reliable database storage
of content (using jackrabbit, a JSR-170 implementation), so that is
perhaps the way to go.
|