Hello, maybe you can help me to figure out if the type of CMS I'm looking for exists at all.

I'm an individual with a hobby website, filled with articles, not time sensitive, and it must be well categorized for easy finding. Currently it is a html-css website with installed phpBB3 for visitors' input and for easy publishing of the own information. Half-baked, as you can see. On a shared server.

I'm looking for something that will not require manual entry of a new links to the old pages after uploading the new one. Any CMS - in the wide meaning of this world - does this, but they were specifically made for a different purpose:

1. Joomla - Drupal class: too difficult for a user without php and any other related knowledge, add difficult language of instructions, unlike WordPress.

2. Blogging systems, especially WordPress: generally secure, allow easy information entry and does all linking itself, has excellent spam protection (not only captcha). But: old information is archived (not desirable feature), "teasers" are filling the pages (another negative feature), long structured article could be only viewed as 1-2-3-4...pages, not as subcategory to go there at once. No RCC or Atom are required.

3. Many other CMS, including "lite", like LightNEasy have requirement to keep some 777 permissions (world writable, potential security problem), all the time to be able to function. For lite CMS spam protection is practically limited to captcha.
Plus most of dynamically generated pages are more slow loading for a reader then at once appearing static html pages.

4. Wikis are made for a multiple authors, and for some of them default settings are editable by anyone and the first thing after installation is prohibit the behavior they were designed for.

5. Forums, as I had read, have the best security measures, but made for completely different purpose and are less SEOptimized than WordPress, for example.

Is there anything spam protected and secure as a web publishing tool for an individual (one author), with possibility of getting input by using submit form, or as comments, in any case spam protected?
Or am I looking for not existing?

Thank you for the excellent information about CMS on your website.
I'm trying to get some extension of this information suitable for needs of a basic user without special knowledge, hosted on the shared server.

Thank you so much, it is much more than I expected.

The demo site for open source CMS has user comments that mentioned two drawbacks for CMS made simple, and I'm at lower level than they are. I rather will give a try to Joomla.

No mentor, but I'll follow the procedure:

1. Done and done.
2. Got other host, seems to be good, but we'll see. US based.
3. Have to look around what is webroot, hopefully it is something just above .../public.
Will pay the closest attention to all of recommended.


Can you post your opinion about what the right start-up plugins should be? Otherwise I'll have to rely on what somebody just mentioned somewhere, using Google search.

Is it possible to migrate content from html to Joomla using plugin? I thought that it should be a lot of copy-paste.
The website is about keeping fish in aquarium, plain and simple 

Thanks again.

Well, I don't agree with the statement you quote re. register_globals etc, because there are a lot of web hosts who don't know this stuff, and neither will you till you've learnt more.

I think the dangers of an exploited website are probably overrated, for the average private website owner. If you're a commercial site operator, you can pay for professional advice anyway. Lots don't, of course, but you'd have to regard them as unwise.

No pages in Joomla or any other true CMS are archived, that is purely a function of blog/CMS and forum software such as WordPress and phpBB. In a CMS there is only ever one instance of a page. There may be multiple URLs for it of course, but that is fixed by the SEF URL / canonical URL plugin (such as sh404SEF for Joomla).

In my opinion you will be making a mistake if you try to build and maintain an HTML web page site of over 100 pages in size. The benefits of using a (real) CMS to manage that size of site with, are immense. However if you wish to go the HTML page website route, my favourite software to do it with would be SiteSpinner. It's like Dreamweaver but was much better and much more modern a long time before Dreamwaever matured. Also far easier to use to get a good result with, for non-professionals.

But another factor that crops up then is simply that the amount of time input to learn Dreamweaver or SiteSpinner is probably the same as that to to learn a CMS - maybe more. After all, there are untold millions of people who build Dreamweaver sites of appallingly low quality.

At least with a good CMS you start out with something of good quality. You can always wreck it of course, but you will get a massive head start in quality and capability. Flat sites are OK if you have less than 10 pages, or are a pro who works with them everyday, and needs to produce a unique site each time. Otherwise CMS beats HTML by a million miles.

You should try Joomla out, you will find it worth the effort.


Version
Which version of Joomla to use, is a personal decision. In theory, you may be better off with the new 1.5 series - but in practice there is nothing wrong with the 1.0 series. It's fully sorted and is the only CMS in the world that can be said about. Security is actually better on the old version because all the holes have been found, the new version still has exploits to be found.

All the best plugins and templates work on the 1.0 series, again, this doesn't apply to the 1.5 series. I always install the 1.0.15 version and will do for about another 6 to 12 months until the 1.5 version can stand on its own two feet. I have installed the 1.5 version for a specific purpose, but general installs are still currently a better prospect using 1.0.15.

However, I may need to upgrade them to the new version in a year or so, if clients need new features that are unavailable in the 1.0 series (such as some types of ACL configuration). But since webmasters using the new 1.5 series are still reporting a ton of issues I'm in no hurry there. It takes 2 years to sort out a new webapp, as the 1.5 series is, and there is still time to run on that. If you need to install a CMS at accessibility level AAA then Joomla 1.5 will do the job (at an elevated cost), but for ordinary uses there are still too many issues for me - still far too many bugs, especially with plugins - and Joomla IS the plugins, it's a framework, the core CMS doesn't do much at all.


Security
Yes, they have (rightly) given some frightening security advice at Joomla central. That's because people go with cheap rubbish hosts, install trash plugins with multiple vulnerabilities, and never upgrade anything - then they blame Joomla if the site is exploited. I've seen this countless times.

Joomla is one of the 3 most secure CMS in existence - if you don't sabotage it. You need to find a good host - and the easiest way to do that is to find one that advertises Joomla hosting or CMS hosting. There is a huge difference between old-style hosts who are competent to host flat sites (HTML web page sites) and specialist database-driven website hosts. Many of the older hosts don't have a clue about the implications of database website security. They have server errors like register_globals on, the old PHP 4 as the only choice, and I even saw one running PHP 3 not long ago. They have no tmp path set, no suPHP on the server, Apache file ownerships totally messed up, and the rest. I can't emphasise enough, the difference between a good CMS hosting service and the other incompetent fools out there. But you've no way of telling - unless you go with a known, competent CMS host.


Archiving
This just isn't an issue with a real CMS, it only affects blog/CMS crossover apps like WordPress, and forums. In Drupal CMS for example, as far as I'm aware it's impossible to get duplicate URLs or pages, as soon as you set up a canonical (single and only) URL for a page / item.

In Joomla, provided that you have a good SEF URL / canonical URL plugin solution like sh404, there is then only ever one page with any given content. It can't be 'archived' under another URL or whatever in addition (unless you specifically chose to do that for some reason).


Plugins
The first one you need is sh404SEF, for short URLs / canonical issues / security / metadata issues.

Then, some visual editors to try out - I recommend TMedit and JFCKedit. You can play aroound with these and see which you prefer. JCEedit is probably better but hard to install for new Joomla webmasters, it needs a lot of messing about.

Finally a database backup utility - PU Database Admin is good. You can get an instant dump of the DB, from the J admin backend, and download it. Together with the webroot files, that's the entire install, and you can transfer that to another server or reinstall from it. There's a one-shot way to do that called JoomlaCloner / Xcloner but it's a paid plugin. That's what we use and it's perfect. There's a free one called JoomlaPack but it has too many issues for us to mess with, it's not a one-click solution like Xcloner.

If you have a comments plugin on some pages you'll need an anti-spam solution, Mollom or Akismet are good. Mollom is maybe better on a CMS.

If you want translated content there are several ways to enable that in Joomla. The simplest by far is to use the mod_babelfish module, as on the A3webtech site, which simply puts an online translation menu on pages where you want it. Or, you can have the full monty and instal Joomfish, which is a manager for pre-translated content. If you use that, install it before any other plugin. I advise you as a beginner not to go that far.

For image rotators etc try the Joomalworks.gr products, they are good quality. For example the SIR simple image rotator is an excellent basic slideshow. Or their Front Page Slideshow, for the full works.


Template
The first problem you'll find though is what template to use. Luckily with Joomla it has the best template system in CMS, you can change it in 1 minute. So pick anything, get up and running, then change it later.


That should get you started.

OK

Joomla and speed / page numbers
The CMS is not slowed down by high page numbers, if you have 5,000 pages it will not make any difference. The thing that slows it down is the hosting - especially the number of other dynamic sites on the server - and adding too many heavyweight plugins.

The fastest CMS sites are on servers with few other sites, and have a sensible number of 'big' plugins. By that I mean ones that change the functionality in a major way, not just those that add features. For example one such plugin might be Community Builder, another is the Kunena integral forum. If you keep adding these major functions, and add traffic, then the site slows down unless you go onto a dedicated server. However this does not affect a site until you have at least 1,000 visits a day, below that nothing is happening at all as far as the CMS is concerned.

Joomla does have a limit on page numbers though (unlike Drupal for example). In Drupal you can have unlimited page numbers - 100,000 or whatever. But you need more databases of course, if it gets that big. But Joomla is hard to manage with over 10,000 pages. The comfort zone is from 50 to 1,000 pages, it is perfect for that size of site. It makes no difference to the operation of a CMS if there are 10 pages or 1000 pages. You just arrange your site architecture to suit the size of the site - and it's easy to change in any case. It's done by simply arranging & re-arranging the menus until you like the result, and also using (or not fully utilising) the 3-level content structure that the CMS comes with out of the box - Sections, Categories, and Items (pages, more or less). Pages go into a Category. Several Categories go into a Section. You can display just the pages alone, or also the category main pages, and/or the section start pages. Up to you. See the tutes on this site.

For examle on this site there are less than 1,000 pages, so we have a wide / flat architecture, controlled by menus, and have no category or section pages - there is no need to as there are so few pages (for a CMS). But if the site expanded to 5,000 pages or something, we might have a category page or two.

Register_globals
This was a PHP server setting that old (very old) webapps needed to function right, around 2002. It's been off in PHP by default since 2004 I think. The host must not override it as it is a security setting, and turning it on opens the server to exploits. If somebody is using an old or faulty web application that needs it on, then they can simply turn it on locally, with a local php.ini file, and it is then only on for that site alone. This is the beauty of an Apache server compared to a Windows server, many things are locally adjustable with the local htaccess and php.ini files. This makes a LAMP server about 1000 times better for shared hosting than a Windows server. Those are OK for dedicated servers, as you need to have access to the server management (the IIS Manager console) to make the smallest change.

Akismet / Mollom
These anti-spam services are often integral with a comments plugin or similar. First trial the plugins, pick the one you like, and take it from there. The plugin will have all the details you need. You have to get an API, which a site 'key', but this is free. You can't go further without knowing what plugins you will have, and the documentation with them will tell you what to do, with regard to the spam blocking. Or just come back here

Sure - good luck.

Yeah, well, they tend to go for scare tactics on he Joomla forum to counteract the people who get the cheapest hosting, load 20 bad plugins, and never update anything. Can't blame them really.

The reality is that Joomla CMS has had 8 million downloads and a tiny number of exploits in comparison. All the exploits for Joomla 1.0 series have been found by now, the only reason it can get hacked is by poor hosting or poor webmastering - meaning, refusing to do things that you know are needed.

Try this host [remove the spaces in the URL]:
http:  //interactiveonline.  com/solutions/  joomla-hosting

Not the cheapest, about $120 a year, but should suit you, for shared hosting.

Choose Joomla install within the script installer, and install direct to the webroot (as is now standard anyway), not into a folder (aka a directory).

Admin directory renaming etc: this is just scare tactics or extreme pessimism by someone. Look, I install Joomla for commercial clients when I need a rock-solid, secure CMS. OK? But you should certainly create a new, unknown-name admin account and delete the default one.

As soon as it is installed, create a new user of SuperAdmin level with a username that cannot be guessed and is not in a dictionary. Or, simply a random string of numbers and letters. Then give them a password like this for example:
7gFh3207JD92dfjhV73oPq3j5

Log out, then login with the new account, to check it. Ensure you have a record of it in two places. Then delete the default superadmin account.

With a tricky username and a REAL password like that, the account cannot be brute-forced - except by a Cray with 100 years to work with. Passwords need to be long, random, and contain a mix of numbers and UC / LC letters. I don't use symbols normally because some accounts cannot accept them. This certainly doesn't make a password weaker in any way, you just make it longer.

If a password is less than 10 characters long, is not random, and doesn't contain a mix of 3 or more classes of character - then it isn't a password. You can call it whatever you like but it isn't a password.

You can, as you saw suggested somewhere, rename the admin folder competely. But this is going too far for average site owners.

Also take a look at this page - personal security is an important factor that impacts your server security, and many people don't realise this.
http://www.a3webtech.com/index.php/computer-security-guide.html

The worst part of using Joomla is that it has a huge collection of plugins and a non-techy person would rather have something that just works out of the box. I'm using a cms created in my proud homeland (Poland), as I already posted somewhere, it's called MWCMS and really worth checking out: www [dot] mwcms [dot] com