Hello All, I have often used WordPress to create blogs, websites and more. One of the things that I like about it is that it is so easy to get a proof-of-concept done thanks to the pleathora of plugins available for WP. Its weak link is security. I now have an application to create for the banking industry that needs some content management functionality + a membership system (like UltimateMember for WP) and the ability to let me extend it via something as neat as WordPress's shortcode system. Security is paramount - and I do not mean just passwords. The entire database has to be encrypted, files and other data have to be encrypted prior to leaving the user's browser... . I have done a spot of research and found a few solutions that could help accelerate development. Compo.sr and CMSMS spring to mind. However, I have not yet looked at what they can really do. My question - is there a CMS that offers end-to-end encryption + a plugin development API out-of-the-box? I'd be most grateful for any help and pointers here.
Most likely not. Also, if you need such a level of security, I would believe that somebody on the requiring side will object to using !"ready-made" systems - unless they are from a very reputable source. For such a requirement it sounds like a webpage is the wrong solution - especialy if it's supposed to be available online. Sounds like something you would want to run on a secured network with access restrictions (SSH, Citrix, something else) to access the computer(s) with the interface. It's doable, of course, but a fully encrypted database will be a performance hit - also, unless the files and data users adds to the site isn't encrypted BEFORE they upload it, it will be possible (if the system is compromised) to catch this. Depending on what this page is supposed to do, there might be other solutions that are better/more appropriate.