As with any big subject there are plenty of myths. Some of them make you fall down laughing, others cause you to stop and go "Er - what?" -- trying to figure out how they could possibly have come to that conclusion. From the weird to the downright hilarious, try some of these. Several were found on the websites of commercial CMS vendors, who were presumably trying to make their own application look better. Shame it didn't come off. Whenever we see another, we'll add it here  :)

Be aware there that there are a huge number of people coming into SEO and into CMS right now. Many have no technical background and would not know how to calculate a power factor, specify a PSU, set up a server, code a PHP page or anything else in that line. Why they feel qualified to write on technical subjects after three months study is a mystery - but the Internet is a free country. Writing about marketing or copywriting is different, you don't need to know the difference between amps and watts, Java and JavaScript, eZpublish and Colony.

The biggest area of ignorance is with SEO related to CMS, as this combines two technical subjects in which you need years of experience before you can start to feel confident about the answers. There are few people who are qualified to write in this area - but that doesn't stop anyone and everyone doing it. Once they've written it, of course, it's out there for ever; so it will always be a great topic for a laugh, even many years in the future. Just be careful about whose word you accept as the truth. As always, the only truth is results.

Be aware that the most wildly inaccurate statements - about virtually anything - are found on SEO forums. Just ignore most of what you read on them and you won't go far wrong.


"Joomla SEO is bad"
An excellent start. This has even been seen from an SEO operator (hard to use the term 'consultant' here, for someone just starting out and obviously not a techie).

Well, what can I say? We put Joomla sites at #1 on the client's chosen search engine, globally, so we must be using different versions of it or something...

In the world of CMS, Joomla is one of the best for search optimising - as we have proved. Everything is done with plugins on this CMS, so you need to know what works and what doesn't. Out of the box, it's grim - no argument there - but so is WordPress for instance, which is equally upgradeable, so that is irrelevant. If you want a CMS that's A1 on SEO out of the box, use Plone. Otherwise, if you need something a bit handier, Joomla will do just fine. You can't argue with multiple gobal #1 search positions and that's all there is to it. If your SEO people just can't hack it, you know what to do.

You'll see endless repetition of completely wrong and utterly false myths about CMS / SEO repeated everywhere - especially about Joomla of course, as it's the world's biggest. For example, here is another hilarious statement seen recently:

"A word of caution about Joomla......not very SEO-friendly", etc (edited).

This was combined with other statements showing the author only had 2-year out-of-date knowledge of SEO in any case (and this of course was on an SEO forum).

You can place at global #1 on your chosen search engine with Joomla if you know what you are about, just as with many other CMS. If you don't know that much about modern SEO and modern CMS, then you will find all kinds of problems.

If a CMS frequently places at #1, globally, on all the largest search engines, without vast expenditure on links or any other artificial pump-it-up methods - then what would your evaluation of its SEO potential be? If you said, "Apparently, fairly good" you'd be in the right area. And also a lot cleverer than some of these soi-disant SEO experts...


"Juma CMS" - "Jommla" etc
No such animal. It's Joomla misheard or misspelt. Not hard to do of course as it's Swahili or something anyway.


"It's hard to locate and move pages [in Joomla]"
Joomla is the easiest CMS we ever used, for locating and moving a page. It couldn't possibly be easier or quicker unless you had a magic wand. Twenty seconds (from login to logout) doesn't qualify as 'hard' in my book.

Of course, if the CMS was built by a novice, then it may be different - you'll see all sorts of weird things then, such as content pages within the Static Content section and so on. With a site like this, first you have to reorganise it, otherwise it could well be hard to work out what's where. For example if a novice has built the site, using for instance the Rocket Launcher method so that you have Lego men articles everywhere, and pages placed in Static Content - then, yes - life might be tricky...  First it needs sorting out, to get it into some sort of sane order.


Ease of configuration: "complex"
It probably is, compared to WordPress, say. Compared to Plone it's a walk in the park.


Ecommerce support: "poor"   
Another brilliant deduction from someone who can't have used a CMS this century. Joomla has excellent ecommerce support and is certainly among the top three CMS for good shopping cart integrations. It has more plugin shopping carts than any other CMS - from OScommerce through eZshop from eZpublish; and the Joomla-Virtuemart ecommerce CMS package is one of the best in CMS. The whole CMS can be run as a giant ecommerce app with the best content management available anywhere in ecommerce. Not bug-free perhaps but let's see a full open-source one that is.

This hilarious statement probably takes the top prize on this page. How to demonstrate in public that you know absolutely nothing about a subject you are pontificating about.


"Joomla doesn't scale"
To finish off this part of the page - just to show we're not biased (too much) - here's one we tend to agree with, at least in part. It depends on precisely what you mean: if the statement refers to high loads, then this is wrong; high traffic is a hosting issue, not down to the core app here. Joomla is just a PHP script (or group of them), and that, in theory, means it will load up to as fast as the server can run it. At that point you need more servers. Joomla isn't slow here, unlike some CM systems, so it can churn out a lot of pages per second. The caching and load-balancing configs are important here.

Joomla will handle 33,000 visits a day -- 1 million visits a month -- 2,000 people online at any one time -- and burn through two terabytes of bandwidth a month. But this is a hosting issue; if your hosts can't support it, go elsewhere.

If you mean that vast page numbers are not practical, for one reason or another, than I agree. Our limit here is 10,000 pages, and if it looks as though the site will go to more than that, we choose another application. Every CMS has its specialist area and we think Joomla is unbeatable for rich media publishing with less than say 1,000 pages, and a max of 10k. It will certainly go to more than 10k (100k plus probably) but things start to get difficult as the structure isn't designed to handle that many, especially if the site is complex, with a lot of plugins. There are many niggling little problems at this scale, such as the plugin assignment per page, which is built around the concept that there won't be a lot of pages. It should of course have options for 'by section', 'by category', and 'to all pages except...' - but it doesn't, since the functionality is not designed for large page numbers.

On the other hand, for simple publishing tasks, it could well handle a lot of pages. It will handle a lot of pages easily if you are sensible with the plugin aspect and just want to get a lot of text pages up there. So it depends on what the statement "it doesn't scale" means. And if you really wanted to use Joomla because of its great features, in a high-load, high page numbers environment - then you would most likely have the funds to play around a bit and find a solution.




The following interesting statements about Joomla were made by a well-known SEO expert, apparently after three months' research into CMS for a client. Unfortunately, it shows just how wrong you can be about a technical subject if you only have three months knowledge (as you would surely expect in any case). It's a little like a radio transmission expert making definitive statements about brain surgery after three months' study. You might get one or two things right, but the rest is unfortunately going to be laughable gibberish - as in this case.


The background for Joomla is as a blogging platform
Well, that's the first I've heard of it and I've been using it for a few years...  As far as I knew, it was a CMS! There is certainly one point of similarity between Joomla and WordPress - they both use a MySQL database. After that, I can't think of any other. There must be some, one supposes; but as someone who either installs, configures or uses one or both every day, I can't think of any. Possibly there has been some confusion as to the purpose of the blog-style facility in most of the editors (the two-pane follow-on facility). It's just another J feature in a long list. Many, probably most, sites don't even use it. I personally feel the two-pane editor set-up is a complete waste of time, since if you do need a break and follow-on, there are other ways of enabling it. There must be some people using it, though, for it to be retained - and it obviously confuses CMS beginners.

One thing I wouldn't use Joomla for is as a blogging app, it's no good at it (it's a CMS). You can get a blog plugin of course (dozens of them probably), but with blogs it's horses for courses: WordPress is unbeatable, for a bunch of reasons. It's no good trying to use a blogging app as a CMS, and it doesn't work much better trying to use a CMS as a blog app.

Joomla isn't a blog app, never was a blog app, and shouldn't really be used as a blog app unless you seek the easiest possible management and don't need maximum impact. WP is set up to use features like RPC and so on better.


There is no drag and drop
One of the best features of all the Joomla visual editors (at least, the half-dozen I've tried) is that they all have excellent cut 'n paste support for text, and in some cases images. Not only that, but pasted-in text also preserves the hyperlinks and any other formatting - assuming that's what you want.

You can't drag 'n drop images easily into the CMS because you are not dealing with a ckient-side app, it's a server-side one. The images need to be on the server before you can start to play around with them. For beginners it would be best to use a WYSYWYG editor that handles images well, such as the J-FCKeditor. You can upload images with this, so you don't have to FTP them up to the server. If you know how to go about it you can paste them in using drag 'n drop. This will fail on one of the editors that majors on text formatting, such as TMedit.


Built in security is poor
[All comments in this section on Joomla security refer to the fully-secure and fully-sorted Joomla 1.0.15 version. The new 1.5 series is effectively in public beta as it is less than 2 years old, and cannot possibly be described as stable and secure until the normal 2-year public period is complete]

Oh dear. Joomla has been quoted as one of the three most secure CMS in the world (OSS and commercial combined). In any case, only a web security expert who specialises in CMS can make authoritative statements in this area, and there can't be many of them.

Of course, as with any CMS the security depends on the webmaster. In this respect, a simple micro-CMS like WordPress would be better for some users as it needs little input, and it is harder to compromise security than on a full CMS like Joomla. The webmaster can, by dangerous actions, or by inaction, cause the CMS to become insecure.

One thing you can say with absolute certainty is that Joomla security is not "poor" - in the CMS world it is very good to excellent, depending on your point of view. We use it when we know that a site is likely to be attacked, as the security (when set up correctly of course) is so good.

In the CMS world you need to know the software and how to set it up on the server correctly. You also need to know the plugins very well indeed - since everything is done with plugins. A core CMS does little except display a front page. If you don't know your plugins intimately you'll make no headway at all.

And then we come to the fact that to do SEO for CMS correctly you have to know about... SEO for CMS. You can't read that out of a book, as far as we know. We try to assist beginners in that area on this site, with a big volume of reference material. But be aware that you have to work with something every day for three years before you can be said to be knowledgeable or expert in it. Unfortunately there are going to be a lot of people claiming knowledge in this area who couldn't write a single line of htaccess code.

I run sites that are continually being attacked on a wide scale (over 100 attacks per day on some), and as yet none of the Joomla sites have been penetrated. This is bound to happen in the end, simply as a statistical certainty; but I cannot believe that would be the case if we were talking about some of the other CMS candidates out there. I think our friend has made the classic error of thinking that if an application has been exploited, then it is bad (and has also almost certainly taken note of an ignorant post on a forum somewhere). Unfortunately that would then rule out every application on the Net, since as far as is known all web software has had vulnerabilities, been exploited, and been fixed. We would have to stop using Firefox and Linux, and everything else, if a perfect record was required.

And of course if you want to take forum info as gospel you'd need your head examined - in my own specialist field, SEO, more than 50% of advice given in posts on SEO forums is wrong in whole or in part; so if you acted on the information given there, you would be a long way wide of the mark. (And this is a very good example of it...)

The key is (a) how robust an application is now - not 2 years ago - and (b) if the dev team are on the case or not. In both cases you would have to go a long way to beat Joomla. I think it would pay a researcher to look at the security resources at Joomla central, which far exceed those available for any other CMS. Of course, one would have to know how to carry out research in the first place, and have the time and patience required.

Another very relevant point here is that, however secure the core application may be, this is easily wrecked by poorly-written extensions. Since Joomla has far and away the most plugins for any CMS (currently around 5,000), it is reasonable to assume that some will be faulty. It is comparatively easy to author plugins for Joomla as the APIs are so good; and this means the bar is fairly low. As a result, many plugins wreck both the code and the security.

It's easy to see why this happens: if the majority of developers have never even heard of validating their code - or just can't be bothered - then how much more likely is it that they won't have a clue about security issues? (Around 80% of web pages we are contracted to work on do not validate, often with 50-plus code errors; and this is often brand new work.) It's an unfortunate fact that most developers have never heard of web standards; and server security is even lower down the list.

The security vulnerabilities of certain plugins are very well documented at Joomla central and you can choose before you install.

It would be marvellous if plugins could be tested and approved by a central group before being accredited and/or released, as is done for some applications; but the scale of Joomla is just too big to make that possible. Check the security info at J central before installing one.

Another important factor is hosting, and the host's security. There is a valid argument that you pay your hosts for their security expertise as much as anything else. Security is not a priority with some hosts - as an example, in 2008 we saw a server running PHP3 (and understandably the website we were looking at had a continuing problem with exploits). If you have your site hosted on a server with 3,000 others then I would hazard a guess that standards are not of the highest in some areas. If your site is then hacked by XSS, the hosts may well be at fault.

Joomla 1.5 security
Plugins must be checked for their security rating at the Joomla security centre. If you are using the new Joomla 1.5 series, then patches and upgrades MUST be applied immediately; and the security bulletin from Joomla MUST be subscribed to. This is because it is not yet 2 years old, and there is no such thing as a webapp under 2 years old that is secure. As soon as new exploits are found in Joomla 1.5, the security team issue a patch and a security bulletin update. You must subscribe to this and action the advice, if you are running the Joomla 1.5 series. If you want a fully-secure version, you must use the fully-sorted Joomla 1.0.15 version as it has had all these issues resolved.

An unpatched Joomla 1.5 install is wide open. There are hacking tutorials all over the Net - check YouTube for instance - on how to hack Joomla 1.5 in a few seconds. You MUST patch it immediately a security alert is issued, which in practice upgrades it to a new version.

If you want a secure Joomla install with no worry, use the last fully-secure and stable version - Joomla 1.0.15.


Load balancing [is poor]
This is normally a hosting issue. There are plenty of Joomla sites out there with 30k-plus uniques per day, i.e. 1 million or so a month; sites with 2,000 visitors online at any one moment; sites with more than two terabytes of traffic monthly. They work OK, which is down to the hosting.

Joomla, after all, is just a PHP script. In theory a script can call an almost unlimited number of page requests as it has little slowing it down. As a group of scripts gets larger and more complex, speed may fall off. Joomla is fairly lightweight as far as WCMS applications go, and functionality is plugged in. There isn't a lot slowing it down.

It's true that some other CM systems have core support for multi-site and multi-server set-ups; but although Joomla has none of this, it is a framework and the world's most flexible CMS in the first place - anything is possible. In any case, as stated, it's down to the hosting in the main.

You have two basic choices in load-balancing: to feed multiple proxy servers from a CMS on one server; or to have a bunch of servers all loaded with clones of the CMS. The hosts need to decide which they favour, and then go from there. Joomla doesn't have native multi-server support on the core - but then it doesn't have much of anything in the core, compared to other CMS apps which have all the functionality built in. Joomla is different in that everything is done with plugins. There are some disadvantages, but it does give tremendous flexibility. If you want multi-server, then use one of the plugins for that, or write your own.


How wrong can you get it after three months study?? I think the basic error this guy made was that he took heed of forum posts and opinions rather than actually using the application itself. For example, you would only have to use it for 5 minutes to know that cut 'n paste editing support is superb; that is most likely the first thing you would do with it, surely? And taking forum opinions as gospel is just plain ludicrous. Some days you would make more headway by doing exactly the opposite of the advice given on forums; and nowhere is this more true than on SEO forums.

Personally, I feel it is a shame the SEO consultant in question made these statements, as it tends to undermine his credibility; but on the other hand it is representative of statements in general on SEO forums - take with a pinch of salt, and for heaven's sake don't make any commercial decisions based on what you read there. It can be wildly inaccurate or 2 years out of date. Probably the most apposite thing that can be said about these statements on Joomla is that they were seen on an SEO forum...

At any rate it serves as an object lesson.