CMS Airship, a secure PHP CMS with automatic signed updates

PHP is the worlds leading platform for content management with known market leaders like Drupal and WordPress making for a majority of visitors pundits visit daily. Partly due to their sheer popularity, many of these tools are also a tempting target for cyber criminals.

With continuous online access and high bandwidth Open Source CMSes are tempting targets and it is speculated that Drupal and WordPress were both exploited in the Mossack Fonseca case. In any case for any CMS it is key to be up to date and secure.

As this site shows there is no scarcity of modern PHP CMSes, but there is always room for more. The latest is CMS Airship which chooses to be first and foremost secure. Coming from a systems security expert company Paragonie, this is a given.

CMS Airship is built from ground up on PHP 7 and there is no chance of support for PHP 5.x hosts. But given that Docker containers rising popularity as well as PHP 7 being the default in Ubuntu 16.04 LTS, this is not a problem. The increasing popularity of Docker for CMS deployments is another factor mitigating versioning issues.

Due to WordPresses commanding market share, they need to be much more conservative with the backwards compatibility for older CMSes. Airship is a content management system, blog engine, and application development framework written for PHP 7 and as such it takes advantage of strict typing and other language features.

For security the tool boasts digitally signed and fully automated updates. Which are a first class design decision. What this means is that if a vulnerability is found, then it will automatically be pushed to all Airship instances.

The security updates are digitally signed so that to verify their authenticity can be guaranteed by a secret key that is only available to the Paragonie systems team. Auto updates can be disabled and one can also change the security patch mirror to other sources if you do not want to be dependent of Paragonie.