A Year in Review: The Journey to Jetendo CMS Going Open Source

Sun, Feb 09, 2014 at 11:10PM

The software that has powered my business and all my client's web sites for the last 10 years is 100% released as open source now:

Just today, I finished automating the installation and upgrade process to make it function like regular software.  For example, you download the source code, install it by following the readme, and upgrade it later without having to understand very much.  The skills required to install the application on a server is similar to installing Wordpress from source code now, but it's much more powerful out of the box for what it specializes in.

In the past year, tons of other major changes were done as well.  I want to summarize the features that have been developed or enhanced over the last year.

It is possible to create and configure new sites completely using the browser interface in seconds.  No need to manipulate source code or configuration files.

It is now possible to run a web site from a shared theme instead of making copies of the theme files for each site.

I made it possible to synchronize some of the systems in more details so that they can run custom features, but still be updated as one unit.

The source code was reorganized to be easier to develop and perform efficient searches across dozens or hundreds of different site projects.

Security was elevated to an extreme level by creating security profiles for AppArmor, Configuring the Railo Sandbox, limiting the permissions on the filesystem, and removing the need for dangerous access to shell commands & Java for all public requests.

All database queries were protected and validated for SQL injection attacks and other conventions to improve the security & accuracy of the software.

Deployment of source code changes to multiple servers was automated and made extremely efficient.

The documentation required to create a working installation of Jetendo CMS from a minimal install of Ubuntu Linux 12.04 LTS was created and made open source. 

A self-contained virtual machine was created that is very easy to setup, and just a 1gb download.  You can begin using Jetendo CMS in minutes after downloading the virtual machine.

A really nice documentation system has been integrated directly into the site manager.  The documentation pages are currently empty with just a Title, but the framework for adding the documentation over time is already done.  Having documentation will reduce time training people.  The documentation is also personalized to the features for that user, and it doesn't show things they don't have access to.

A system to reduce the amount of features a user has access to in the Jetendo CMS Site Manager was created. The security restrictions were enforced across all of the existing manager features.

I built systems that validate and automatically correct invalid configurations.  There is extensive monitoring of domains and processes.   It's really amazing because if a developer makes a mistake, the system automatically fixes it the next time the validation runs.  This greatly improves security and reduces downtime related to human error.

A system to create custom forms visually was built.  This system has been fully integrated throughout Jetendo CMS.  It can be used for many different things due to the unique amount of flexibility it provides.  Here are some examples of what can be done with either no programming or very minor front-end programming now:

  • Create a lead capture form with custom formatting using any number of common HTML form elements, and routing this to someone's email address.  The email format can be customized with simple programming.
  • Create new landing pages that are integrated with Site Search, Site Map and the manager.
  • Create forms with infinite heirarchy with support for recursive sub-groups.   This allows building entirely new custom features in minutes.
  • Create a system that requires administrator approval before the data can be made publically available
  • Map the fields to lead system or to another group to create complex systems that route data between themselves.
  • Automatic high performance due to in-memory caching system.  This system can be disabled when working with larger data-sets.
  • A custom query language has been built to allow searching the in-memory database using simple code, that is validated and faster then database queries.
  • It is possible to create custom features that can only be edited by specific user groups.  Nearly all of the forms for this system require no programming now.

The user login system was enhanced to have encrypted passwords (using scrypt algorithm), and encrypted tokens in a way that makes session hijacking more difficult.

Basic and advanced features were separated in many of the forms to make the most commonly used features more visible.

A javascript error logging system was added in addition to the CFML/PHP error logging systems to make developers aware of problems from a centralized location that supports email alerts.

The site manager now supports setup of a wildcard SSL certificate to allow of the managers to be secured with SSL even when a client domain doesn't use SSL.

It is possible to create domain redirects and aliases in the Jetendo Server Manager.

The development environment of Jetendo is able to communicate with the production environment to allow quick & accurate configuration of site deployment features and more.

A video upload, resize and embed feature was built that can handle private hosting of HD Video that supports both Flash Player and HTML 5 video.

The system has close to no bugs because I have fixed every bug immediately after it was found.  It's very reliable & stable.

Systems to minify and concatenate CSS & Javascript files were integrated into the deploy process to reduce the size of Jetendo CMS's core files.

Some of the image cropping and resizing is performed with HTML 5 Canvas to reduce the load on the server for performing these operations.

Jetendo CMS was upgraded to use HTML 5 syntax throughout.

Nearly all of the javascript features are loaded using deferred loading & execution.  This greatly reduces the amount of time before a page begins to be readable.

OpenID authentication was integrated into the Jetendo CMS User System.  A user can register with OpenID or with a password.  This allows you to rely on other providers such as Google for increased convenience and security.

Google Authorship, Disqus, Fonts.com, Typekit.com, Google Feedburner have all been integrated with Jetendo CMS to allow these third party services to improve the functionality of your web site.

The database and application was upgraded to UTF-8 to support multiple languages better.

Over 130 unique web sites run on Jetendo CMS on my server today. I hope in the future, this number will grow to thousands of sites on many servers maintained by different developers around the world.

Bookmark & Share