Today, a MySQL vulnerability has been discovered, one that allows privileged access to databases.
Our semantic Content Management System (CMS), XIMDEX, frequently uses MySQL. However, instead of rushing to “secure” client installations, we have been able to remain focused on testing version 3.3 of Ximdex, which will be released imminently.
This is all thanks to our concept of decoupled publishing, which allows us to host the XCMS server within the intranet, providing greater protection against external attacks.
Moreover, decoupled publishing simplifies the generation of portals with minimal dynamic components or even none at all. In such cases, Ximdex provides the “dynamism” for certain components, calculating all possible document combinations to produce static HTML versions of the portal (e.g., newsletters). Furthermore, thanks to our complete technological neutrality, the web portal managed by Ximdex can be developed using any technology (application servers, DBMSs, connectors, etc.) and in any programming language (Java, PHP, RoR, Python, etc.) suited for web development.
This approach allows us to guarantee an intrinsic level of security for portals managed with the open-source Ximdex CMS, giving us the relative peace of mind of having one less vulnerability to address. Meanwhile, other CMSs based on MySQL must scramble to shield themselves from this new vulnerability in an endless race.
For those seeking active security, decoupled publishing supports this as well: the content and applications pushed to production can be periodically verified. Any detected discrepancy (e.g., tampering with the deployed portal) triggers an alert to the system administrator.
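One way such a periodic check could work, as an added example that is not Ximdex's own code: a digest manifest is recorded at publish time and kept on the intranet side, then compared with the deployed tree. The function names, the use of SHA-256 and the sample files are assumptions made for this illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict[str, str]:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify(manifest: dict[str, str], deployed_root: Path) -> dict[str, list[str]]:
    """Compare the deployed tree with the publish-time manifest."""
    current = build_manifest(deployed_root)
    return {
        "modified": sorted(f for f in manifest if f in current and current[f] != manifest[f]),
        "missing": sorted(f for f in manifest if f not in current),
        "unexpected": sorted(f for f in current if f not in manifest),
    }


def demo() -> dict[str, list[str]]:
    """Publish a constructed three-file portal, alter it, then verify."""
    with tempfile.TemporaryDirectory() as tmp:
        web = Path(tmp)
        (web / "news").mkdir()
        (web / "index.html").write_text("<h1>Portal</h1>")
        (web / "news" / "2024.html").write_text("<p>Newsletter</p>")
        (web / "style.css").write_text("body{margin:0}")
        manifest = build_manifest(web)  # stored off the production host

        # Constructed discrepancies on the production side:
        (web / "index.html").write_text("<h1>Portal</h1><!-- changed -->")
        (web / "style.css").unlink()
        (web / "extra.php").write_text("<?php /* not published by the CMS */ ?>")
        return verify(manifest, web)


if __name__ == "__main__":
    report = demo()
    if any(report.values()):
        print("ALERT: deployed portal differs from published version:", report)
```

The "unexpected" list matters as much as "modified": a file the CMS never published does not change any recorded digest, so a check that only re-hashes known files would miss it.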
In conclusion, Ximdex’s decoupled publishing provides the freedom to choose the best technology for our portal. Options range from a fully static HTML5 version with no database connection to a fully dynamic version linked to any DBMS and using any programming language. From a security standpoint, Ximdex does not constrain the choice of the most suitable option for our portal. And with the server hosted within the intranet, we have one less server to worry about.
Note: Decoupled publishing, pioneered by Ximdex CMS, is rapidly gaining popularity, driven by the capability of modern JavaScript to provide the business logic required for dynamic web pages. CMSs that adopt this approach are now commonly referred to as Headless CMSs.