WonderCMS logo

WonderCMS

  •  0 ratings
In category: Content Management Systems (CMS)

About WonderCMS

WonderCMS is the smallest flat file CMS since 2008.

  •   505  
  •   0  
  •   0  
  •   0  
Github stats:
  •  Commits: 430  
  •   529  
  •   141  
  •  Latest commit: N/A  

Deploy this app to Linode with a free $100 credit!

Languages/Platforms/Technologies:
Lincenses:

More about WonderCMS

WonderCMS logo
WonderCMS - small flat file CMS
5 files • 48KB zip - 1 step install

Docs Project Maintained License Number of downloads since first release on GitHub Donate

WonderCMS is an extremely small flat file CMS. It's fast, responsive and doesn't require any configuration.

It provides a simple way for creating and editing websites.
Includes features such as: 1-step install, 1-click updates, 1-click backups, theme/plugin installer and much more.

What is WonderCMS? Introduction

Small and simple flat file CMS

  • No configuration needed - unzip and upload.
  • 5 files: database.js (JSON format), index.php, theme.php, style.css and htaccess.
    • Transferring your website to a new host/server is done by only copy/pasting all files (no additional configuration/migration)
  • Privacy oriented: no cookies, tracking or "powered by" links.
  • Includes plugins (via hooks/listeners), themes/plugins installer, backups, 1 click updates.
  • Supports most server types (Apache, NGINX, IIS, Caddy).
  • Project goal: keep it simple, tiny, hassle free (infrequent-ish 1 click updates).


1 step install


Other install options


Requirements

  • PHP 7.4 or greater
  • cURL extension
  • mbstring extension
  • Zip extension
  • mod_rewrite module
  • any type of server (Apache, NGINX, IIS, Caddy)

For setting up WonderCMS on NGINX or IIS servers, there is one additional step required. Read more: NGINX setup or IIS setup.

WonderCMS works on most Apache servers/hosts (even free ones) by default.


Libraries used (3)

  • 3 libraries located in index.php, included only when admin is logged in:
  • wcms-admin.min.js, autosize.min.js (4.0.2), taboverride.min.js (4.0.3).

Note: Some plugins also include other libraries such as jQuery, default WonderCMS out-of-the box includes only the above libraries through CDNs.


Security features

  • Track free and transparent - WonderCMS doesn't track users or store any personal cookies, there is only one session state cookie.
  • Your WonderCMS installation is completely detached from WonderCMS servers. One click updates are pushed through GitHub.
  • Supports HTTPS out of the box.
  • Check how to further improve security.
  • All CSS and JS libraries include SubResource Integrity (SRI) tags. This prevents any changes to the libraries being loaded. If any changes are made, the libraries won't load for your and your visitors protection.
  • Check how to add SRI tags to your custom theme. This step isn't necessary if you're using a theme from the official website.
  • WonderCMS encourages you to change your default login URL. Consider your custom login URL as your private username.
  • Choosing a good login URL can prevent brute force attacks.
  • Your login page will always return a 404 header response. Search engines do not (and should not) cache your login URL.
  • The admin password is hashed using PHP's password_hash and password_verify.
  • Choosing a strong password will prevent malicious actors from gaining any further admin access (if they would have guessed your login URL).
  • WonderCMS includes CSRF verification tokens for each user action and additionally uses the hash_equals function to prevent CSRF token timing attacks.
  • No known vulnerabilities.
  • Special thanks to yassineaddi, hypnito and other security researchers.


Other features

  • no configuration required, unzip and upload
  • extremely fast
  • subpages
  • simple inline click and edit functionality
  • theme and plugin installer/updater
  • 1 click updates
  • 1 click backups
  • easy to theme
  • custom editable blocks
  • custom theme and plugin repositories
  • log of last 5 logged in IPs
  • file uploader
  • lightweight
  • responsive
  • clean URLs
  • custom homepage
  • menu reordering and visibility
  • note: hiding a page from the menu only hides it from the actual menu (and not from search engines)
  • highlighted current page in menu
  • custom 404 page
  • basic SEO support
  • custom title, keywords and description for each page
  • [optional] functions.php file for loading your custom code
  • note 1: functions.php file includes itself when you create it
  • note 2: the location of functions.php file should be inside the current active theme folder (same location as theme.php)


List of donors

Also listed on the official WonderCMS website. Thank you for supporting WonderCMS! - Håkon Wium Lie (also the creator of CSS) - Tjaša Jelačič (BigSheep) - Otis Schmakel - Mohamad Hegazy - Ulf Bro - Kim Fajdiga - John Greene - Sara Stojanovski - Peter Černuta - Jasmina Fabiani - Primož Cankar - Andraž Zvonar - Martin Jablonka - Martin King - Ben Gilbey - Darley Wilson - Josef Kmínek - Mikula Beutl - David Bojanovič - Kenneth Rasmussen - Victor Onofrei - Matthev - Veselin Kamenarov - James Campbell - Kirsten Hogan - Denis Volin - Jonathan Jacks - Bizibul - Bikespain - Aleksandr - Impavid Pty Ltd - Mohamad Hegazy - Happy Monsters Studios - Derek (Random Fandom Media Group) - Paweł Krużel - Netroid - Fabian Winder - Václav Piták


What to (or not to) expect from WonderCMS

  • WonderCMS is meant to be a small gift to the internet and a simple alternative to website creating. It's 100% free and doesn't not include any "powered by" links.
  • WonderCMS doesn't track users and is not interested in any user data.
  • WonderCMS is not a fast-pace development project. Unless there is a critical vulnerability, updates will not be rushed.
  • WonderCMS is meant to be extremely simple and will not be over-bloated with features.
  • Specific features are added only if the majority of the WonderCMS community signals a wanted change.
  • Pull requests are welcome and appreciated.
  • To make WonderCMS sustainable and compact, a maximum number of 20 plugins and 50 themes will be supported.
  • Once this limit is reached in each category, a simple voting system will be established. Users will be free to vote for their favorite plugins and themes to ensure they stay in the top 20 and top 50 pool. Votes will be held on a 6-month basis/twice per year (subject to change).
  • The voting system comes in handy when users feel one of the top plugins or themes can be replaced by better ones with similar functionality or when a plugin/theme is no longer actively maintained.
  • This is a good way to ensure a small but good quality set of themes/plugins. The "top 10 and top 25" of each category will be easier to maintain and watch over by the whole community.
  • WonderCMS doesn't include an "auto-update" feature.
  • In the unlikely event of this GitHub account being compromised, malicious actors would be able to deploy updates to all sites.
  • These type of malicious attacks are currently prevented with the built in one click updater. This minimizes possible damage as users are encouraged to review code before using the 1 click update, so no damage is done automatically.
  • There is a possibility of an auto-update if/when WonderCMS establishes its own hosting platform.
  • If you run into any issues when using WonderCMS, you can always expect someone to try to help you in the WonderCMS community.
  • Since WonderCMS is completely free and no one is paid to provide support, it's important to remain patient and respectful while asking for help.


Links

Website

Community

Social

Github

Hosting and install tutorial

Comments (0)

Please login to join the discussion on this project.

WonderCMS Reviews (0)

Overall Rating

None

based on 0 ratings

Please login to review this project.

No reviews for this project yet.

↑ back to top

pCloud Lifetime

Popular Projects

FluxBB

in Social Networks and Forums
 33k    0    0    0  

Nextcloud

in File Transfer & Synchronization
 20k    1    1    0  

Libreddit

in Social Networks and Forums
 7k    0    1    0  

CasaOS

in Self-hosting Solutions
 5k    0    0    0  

Dashboard

in Personal Dashboards
 5k    0    0    0  

Audiobookshelf

in Audio Streaming
 5k    0    1    0  

Mediagoblin

in Photo and Video Galleries
 4k    0    0    0  

Most Discussed

Nextcloud

in File Transfer & Synchronization
 20k    1    1    0  

Tube Archivist

in Automation
 3k    0    1    0  

OneDev

in Project Management
 2k    0    0    0  

iodine

in Proxy
 2k    0    0    0  

Alf.io

in Booking and Scheduling
 2k    0    0    0  

sysPass

in Password Managers
 1k    0    0    0  

Misskey

in Social Networks and Forums
 2k    0    0    0  
Linux VPS from $11/yr.
RackNerd VPS for $11.38/mo

Top Rated Projects

Gitea

 1 rating
in Project Management

Bagisto

 1 rating
in E-commerce

LinkAce

 1 rating
in Bookmarks and Link Sharing

Pydio

 1 rating
in File Transfer & Synchronization

Audiobookshelf

 1 rating
in Audio Streaming

Nextcloud

 1 rating
in File Transfer & Synchronization

Seafile

 1 rating
in File Transfer & Synchronization

Categories

You May Also Be Interested In

Alfresco Community Edition logo
Alfresco Community Edition cover

Alfresco Community Edition

The open source Enterprise Content Management software that…

Plone logo
Plone cover

Plone

Plone is a powerful, mature, secure, open-source, and user-…

GetSimple CMS logo
GetSimple CMS cover

GetSimple CMS

The Simplest Content Management System. Ever.