Looking at the world of Content Management Systems (CMS) that powers majority of the Internet websites, the well-known WordPress is an unquestionable leader according to market shares. It is used in over 40% of all websites, including those running without generic CMS. It covers over 60% of the full Content Management Systems market as of 2023 (exact values are even higher but depend on the source). Additionally, some less popular yet recognizable CMS engines like Joomla and Drupal are still on the market.
They all share common characteristics and features: maturity, with their initial releases between 2001 and 2005, and being distributed as free, extensible, open-source CMSes. All of them were written in PHP, which was (and still is) greatly supported by most cheap web hosting services. So, summarizing – free software, affordable hosting and extensible features sounds really amazing. Why even consider a CMS that requires a license fee?
Important factors of CMS
There are at least two very important factors that are worth focusing on – performance and security.
High performance is absolutely crucial for any web-based business. Forcing users to wait one more second may quickly lead to the loss of clients who might switch to some faster competitor. Hosting the entire CMS application, including all editing capabilities, plugins, extensions, and third-party backend integrations on a single machine, inevitably leads to some performance issues, no matter how well-optimized it is.
Security is another crucial factor that every serious business always considers. Many websites still utilize free CMS engines and have fallen victim to hacking due to security vulnerabilities within the CMS itself or through unsecured plugins or extensions added to the CMS. Such sites may distribute viruses, mine cryptocurrencies on the server or user’s machine, send unwanted notifications to users, or redirect them to some other websites.
These hacked websites, employing various tactics, might appear normally and function naturally for their content editors and web administrators for a very long time, until real users report issues (which might not be an easy process, prompting them to move on to competitors). What’s more scary is that many websites still store their users’ personal data in the same database that is directly used by the Content Management System, meaning a hacked CMS grants hackers access to all this sensitive information.
Authoring and Publishing environment
This is where Adobe Experience Manager (AEM), an enterprise CMS, really stands out compared to other solutions. Its architecture resolves many problems by, making it less prone to easy mistakes compared to alternative systems. AEM offers a significant advantage by providing two distinct types of instances:
- Authoring environment (called “Author”) – the dedicated authoring instance is primarily designed to facilitate content editing for authors, while the publishing instances are intentionally simpler in terms of enabled features.
- Publishing environment (called “Publish”)–publishing instances are focused on rendering web pages using data pushed from the authoring instance (‘published’). They do not offer authoring features and avoid unnecessary background processing that could be done on authoring instances.
This clear division embodies a fundamental concept in computer science: the separation of concerns.
Having limited instances dedicated only for publishing, which do not load editing features and use data processed beforehand by Authoring, provides a significant performance gain. What is more, most of the background processing like
- automatic workflows,
- synchronizations,
- third-party service integrations,
- data imports and exports
could be done in the Authoring environment without affecting Publishing environment performance. This makes it unnoticeable for end-users in terms of page delivery speed.
Additionally, AEM architecture defines that Authoring and Publishing instances are paired with Dispatchers, which are specific Apache servers with AEM Dispatcher modules installed. When a web browser requests a specific web page, the Dispatcher asks AEM to render the web page. Then, the Dispatcher stores the result in its cache and serves it for subsequent requests. Of course, when a new content is published, the cache is appropriately invalidated.
AEM works really well with many major Content Delivery Networks (CDNs), allowing the addition of additional geographically distributed caches to serve web pages and assets to end-users even faster.
Differences between Authoring and Publishing instances
The Authoring instance typically works in a protected environment – either in a private cloud or a private corporate network inaccessible to the public internet, but through a VPN (Virtual Private Network). This limited accessibility prevents the direct exposure of editing capabilities and additional authoring features to the public domain. Therefore, even if we assume a similar probability of finding security holes as in other Content Management Systems, they are not publicly exposed.
On Publishing instances, which are theoretically closer to the Internet, many features are unavailable, limiting the potential attack surface. Configuration secrets necessary for background processing, like credentials for data sources or access keys for third-party services, may solely reside on the Author since they are not needed on Publishing instances. Let’s not overlook the role of Dispatchers, who are “front doors” to AEM. They can filter out some of the unwanted traffic, and provide additional security level and DDoS (Distributed Denial of Service) prevention.
Other aspects of good CMS
Apart from performance and security, there are also other important factors like ease of use, out-of-the box features, maintainability, back-end technologies, integrations with third-party services, SLA support, and many more. In most cases, if not all, these aspects distinctly showcase the advantages of Adobe Experience Manager over other popular CMS engines, encompassing both free and commercial options. Furthermore, the introduction of AEM as a Cloud Service propels it to an entirely new level. You can read more here.
Summary
As a software engineer that spent 8 years building and enhancing websites in Adobe Experience Manager for several well-known global companies, I must admit that I still admire its foundational design. AEM offers a robust CMS system, highly adaptable to client requirements, while maintaining exceptional source code quality, readability, and stability.
Many of the stellar technologies employed in AEM, such as JCR and Sling, were initially crafted for CMS purposes and have since evolved into significant open-source communities, separate from AEM’s domain. This is why the world of AEM may be really fascinating for software developers, as it something different from what you already know, in a very positive way.
I want to clarify, that this article was not sponsored by Adobe*. Everything above is my honest opinion, based on my experience with AEM.
Sii is a professional Adobe partner, that provides dedicated Adobe Experience solutions, custom software development perfectly tailored to customer needs and 24/7 platform maintenance and management, helping international companies to achieve success.
***
* No article on our blog is sponsored
***
If you’re interested in Adobe Experience Manager, be sure to take a look at other articles by our experts:
Leave a comment