Open Source HTML versus CMS Websites
Website Design May 05, 2019
Open Source HTML versus CMS Websites
Open Source HTML versus CMS Websites – One of the great things about working at Google is that we get to leverage an enormous amount of computing power to do some really cool things. One idea we tried out was to let web admins know about their potentially hackable websites. The initial effort was successful enough that we thought we would take it one step further by expanding our efforts to cover other types of web applications, such as more content management systems (CMS), forum or bulletin board applications, and stat trackers, among others.
This time, however, our goal is not just to isolate vulnerable or hackable software packages, but also to notify web admins about newer versions of the software packages or plugins they are running on their websites.
For example, a Drupal module or Joomla extension update might be available, but some people might not have upgraded.
There are a few reasons an AWeber admin might not upgrade to the newer version, and one of them could be that they are not aware that a new version exists. This is where we think we can help. We hope to notify web admins about new versions of their software by sending them a message through Webmaster Tools. This way, they can make an informed decision about whether they want to upgrade.
One way we identify sites to notify is by parsing the source code of the web pages we crawl.
For example, WordPress and other CMS applications include a generator meta tag that specifies the version number.
This has proven tremendously helpful in our efforts to notify web admins. So, if you’re a software developer and want us to help you inform your users about new software versions, a great way to start is to include a generator meta tag that displays your software’s version number.
If you’re a plugin or widget developer, including a version number in the source you provide to your users is also a great way to help.
Over time, we’ve seen divided opinions about whether it’s a good security practice to include a version number in source code. This number lets hackers or worm writers know that the website might be vulnerable to a particular type of exploit.
But as Matt Mullenweg pointed out, “Where [a worm writer’s] 1.0 might have checked for version numbers, 2.0 just tests [a website’s] capabilities…”. Meanwhile, the advantage of a version number is that it can help alert site owners when they need to update their site. In the end, we tend to think that including a version number can do more good than harm.
We plan to begin sending out the first of these messages soon and hope that web admins find them useful! If you have any questions or feedback, feel free to comment here.
# Open Source HTML versus CMS Websites
Also see Why Has Website Hacking Become More Prevalent
Post excerpts from Patrick Chapman, Search Quality