• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

True built websites are a rarity. Thoughts?


Active Member
I was thinking the other day that the amount of sites out there that use a CMS, Wordpress or another template system must be a large percentage of the web.

I even saw an adult site selling adult toys using Wordpress for christ sake!!!!!!!

Does nobody code from scratch any more?
It just seems like it's an actual dying art to me which is a shame.

I frequent another forum quite alot and when I report security issues he has to email Ning to sort it out, I just don't get it myself.

What does everyone else think?



Active Member
They do seem to be becoming rare.

I used to always be of the opinion it was a bad idea for the client to have access to a content management system if its just for the odd site update because they can make a mess of the design. Even just changing fonts etc in wordpress's wysiwyg editor.

Normally for me particuarily with one or two clients that are either start ups or didn't have a website before, I tend to start with a 3/4 page static site, then work the template into wordpress at a later stage as they/their needs grow.


Active Member
Hey Jaz,

I know what you're saying, it does seem that many web companies have a one CMS fits all approach, I think as there are opensource content management systems like Wordpress (even though it started as a blog setup!) Joomla, Drupal available and they all have a good following clients who would have previously gone for a custom setup think they can save on time and costs by taking a CMS as a base for their site approach.

For some sites I think this works well, like basic company sites, or sites which would have had a blog or latest news area added, the features then work to the clients benefit. The problem is when people start off with a site like that and then try to get it do too much, like the example you mentioned, Wordpress isn't built for e-commerce and it shouldn't be! No plugin can add the kind of functions, features & security an e-commerce site should have.

If a client comes to me with very specific requirements for a site, or if it's something above what I can handle I'll send them onto a reliable developer, and say that I would be happy to do the front-end design. Past that point it goes beyond my knowledge and experience, and I wouldn't feel comfortable advising them of the best route/options.

I have never worked with Wordpress before, but if you want a custom layout do you not have to create the code yourself from scratch, chop it up and then wack it in to WP?

Or do you mean why's nobody creating bespoke CMS's anymore?

EDIT: There was no replies when I started writing this, so just ignore my post :)


Active Member
Aarlev said:
I have never worked with Wordpress before, but if you want a custom layout do you not have to create the code yourself from scratch, chop it up and then wack it in to WP?

Or do you mean why's nobody creating bespoke CMS's anymore?
Hi Aarlev,

It's best to code to html/css first then yes create a custom Wordpress theme from that. I think Jaz was referring to bespoke developed sites in a more general sense though, as it seems more and more sites are using a CMS when they would perhaps have more benefit in getting a developer to create a custom/bespoke setup tailored to their site needs/requirements.

EDIT: This is a busy thread! :D


Active Member
Well the thing I don't get it that it is relatively easy to create a CMS your self.

O.K if we are talking log in form then a 16 digit security number form protecting an actual form based site that interacts with a DB it is a bit more time consuming, but not much more than a day if you spend the time learning it yourself.

Creating an actual Server side based "CMS" site with server includes is a piece of cake and site wide changes can happen faster and easier than any CMS.

But why do people actually use CMS's?
Is it just because they dont know how to code in which case it is a security nightmare. As soon as a vunerability is found out it is broadcasted on the Hackers network and will only take 5 mins to find most sites running that version and wella any mailious hacker is in and can exploit it.

But even if you run a company that runs a CMS why not create one yourself and then just swap CSS sheets?

The security vunlability then pretty much goes if you know how to securly code and walla it's customized heaven.

Sorry I have just been trying to help a few people recently, 1 uses Yahoo! site builder - don't get me started, and the other used a CMS, not sure which 1 and I was just astonished by the complexity of changing little things, so much so they had to get their programmer in just to change the CMS for them. Which I just thought well why isn't it built from scracth in the first place if the CMS is that hard to use?

I think I just need a moan, lol, and I need to finish my site and stock it so I can get out of free lancing hell, definatly not my bag it takes the control out of control freek way too much for me :D



Active Member
Yeah I know Greg, I had time to go make a coffee and there was already 4 responses lol

If only business was that quick hay.
We use a mix of open source and in house CMS really depends on the job and the client. We did some work for an agency in Bahrain who needed some pretty bespoke functionality so we used our base CMS and added the functionality as agreed it really taught me the difference between content management and a system that allows for content editing. To do the work we did in drupal / joomla would have been a pain, that said there have been some projects where open source platforms have been right for the job.

Our CMS is rapid to implement for sites and easy to tweak plus we know all the code inside out if a client needs some bespoke tweaks.


Junior Member
I constantly get clients wanting to make changes to their own site but the ones that do totally stuff them up, and don't even understand that they have!!!

Personally if I give a client a CMS I abrogate all responsibility for the way it looks and tell the client that. Mostly though it's good to give them a blog to stuff up and keep the rest of the site nice.



Active Member
Giving them a blog is a nice idea to keep them from screwing up the main site, which they always do when they have the a CMS. All too often when we hand of CMS sites after a couple months it ends up looking like a dogs dinner.
We tend to limit the control that our clients have, so they can make basic textual edits and perhaps choose a few predefined CSS styles this tends to prevent the totally butchering the site.


Active Member
Yeah I agree.

I have a friend, actually the same one I have mentioned in another recent thread, who got a "friend of his" to build him his first site.

Now he charged him, I think, around £3500 for a free CMS based site, any way, it didn't look great before he messed with it, and then he turned the background bright pink, then the nav bright pink with a black background on hover and thought it was the best ever.

Any way surprise, surprise his site ended up being a liability, hence why he would like me to design him his second one in the other thread.

But his mentality is ~ I don't need to understand code, it's how it looks that matters, regardless of what I tell him.

Edit: Now I just realized that as this is mainly a design forum I may have just upset O say everyone lol, so I will say that I do agree how a site looks is very important.

However if the code is just b****cks then all you have is a site that looks great, not a site that works, which is why his first attempt failed.

No actually that is a lie his first site actually failed because it also looked b****cks as well so......:lol:

But I personally think it's because if some one does not know how to code and they are given total control, they wish they could, so as we are a curious species, meddle, and then not able to admit that they can not reverse what they did, well that's my take on it any way.

I have to admit Bluecube that idea does make a lot of sense, from my experience anyway.
I think that the look and coding of a site are equally important...

There's a huge huge percentage of people using the web that are interested in little more than how websites look, feel and are benificial to them - and those needs have to be met, which is why we're here - but for the rest of us we also know how important coding is too.

I'm reasonably new to the wordpress / CMS thang so have until very recently given no control to customers over their websites, just offered good update services. CMS are fantstic, but as Bluecube demonstrates, I think it's best to get a happy medium - allow customers some control but make sure it's managed to maintain the websites look, feel and good coding.


Try reading Wikinomics and you'll soon realise why no one codes from scratch anymore. Basically because its a waste of time, effort and resources.

Wordpress, Joomla, Drupal. They've all pretty much got it spot on anyway, so whats the point of trying to reinvent the wheel? If you need something smaller for your client then give CMS Made Simple or Radient CMS a whirl.

The tech (for the most part) is kept up to date, the security (for the most part) is tight and their are some of the best coders in the world working these projects in there spare time. Its all about open source.


Active Member
Yeah I agree any good site cant have just 1, they have to have both IMO.

I would check it out Mr lee, and thanks for posting, but TBH it goes against my ethics of being independent and not relying on someone else's code.

Gmail had a vulnerability the other month, floating around the hacker network, so the argument that the best programmers in the world is quite a mute point, some of the best programmers in the world are hackers and thus why big companies give 6 figure salaries to their security programmers, more than their standard programmers I may add.

I mean in 2000 Amazon, Yahoo! and one other big 1 was brought down by a 16 year old Canadian for almost 2 hours one Monday morning.

Bare in mind if Amazon goes down for an hour they lose around $10,000 US.

I would say that all 3 had the best programmers at the time, but where brought down by the worst Denial of Service (DOS) attack ever. Carried out by 1 teenager because his friend dared him.

Granted security is a lot more tighter now, but a serious DOS attack carried out by a dedicated attacker is still really hard to protect against, not impossible but it takes some one to really know their security coding to be 100% protected, which most people don't.

I have 4 security books, just on PHP, all of which go into different areas of security, and very rarely do they overlap in any major way.

I then have a nice 800 page book on securing Apache.

A programmers what 3 years at UNI, with what 6 languages?

I would say Ning has pretty good programmers but I've reported 2 major, and when I say major I mean forget DOS attacks, any one who knows any decent level of code can exploit it, one got fixed to an alright standard, not great, the other which is a 5min job and then an upgrade hasn't.

So by relying on the fact that some one else is going to secure the code is to be honest a bit nieve IMO.

I've been hacked about 2 years ago when I first started, hence my large knowledge on security protocols and penetration testing. The hack took my home age down for 3 days, pretty simple attack in the end meant that the malicious hacker put a white div up covering all the page.

Security is only briefly touched on at UNI, according to PCPro I think, you can actual get a security degree covering 3 years. Now as most people are not tought to code properly, security wise, or not at least tought the benefits of coding securely, then it's an area I would not trust to Open source.

Take Ning for example, even though I have reported to the site owner who has reported it to them, and I also went to Ning about it myself, but it still hasn't been fixed, and that was 4 months ago. You would be seriously scared if you know what could be achieved via that exploit.

I'm going to stop at giving details, then it would be obvious and I'm a white hat hacker/penetration tester so ethics stop me, but it does reinforce my point that you shouldn't trust security matters just because they may have half decent coders.

Also that means that argument is going on the fact that the site owner patches to the latest version. If they don't then they are fair game to any malicious hacker TBH, and most people don't update, why? time consuming and a lack of understanding of the security reasons behind updating, that and the it wont happen to me mentality.

A lack of knowledge of financial services and the fact that the banks apparently knew what they were doing got the whole world in this financial mess. Coding should be done by hand IMO to avoid any issues.

But that is just my opinion, and I do respect yours.



@Jazajay - totally vaild points.

I would say if you can bring a security angle to Open Source then why not go for it. I'm sure Wordpress could sure do with some.


Active Member
Thanks for the vote of confidance there Mr Lee, very much noted, however the only open source project I truely support is Firefox and TBH the guys and gals that program that are by far more advanced in that area than myself.

That said if I do see a vunerability, I do not look for one as that technically is dodgy ground and may land me time inside just for trying to be a nice guy, and I have the time, I do report it directly to the site to fix, as I did with the Gmail vunerability that was apparently floating around, I didn't test it myself, as any one should do.

Maybe it's just the fact that when it comes to my coding, because of that 1 successful attempt, before I look at anything, SEO wise, accessability, I look to see how it can be exploited by a hacker.

Therefore any open source project would drive me crazy, as I couldn't verify it myself, and if I did and went throgh every line of code, what would be the point in using it.

That and the fact that most open source projects I have tried to help with are just mental from a proformance perspective. Too much pointless code to achieve the effect for my liking, or in the case of Yahoo! site builder just utter confusion and way to much limitaion.



Active Member
The aim is to educate the end user on using the cms system responsibly :) now that being said I hate wordpress and any of the 'off the shelf solutions' simply because they are so bloated and never really fit the exact requirements of the client, (imho) so i like to push bespoke :)