Should you opt for an open or closed source CMS?

A Content Management System (CMS) makes it possible to update and maintain website content without needing to know the nitty-gritty of HTML, CSS or anything else about coding. The ability of a CMS to deliver content on a real-time basis to dynamic websites that rule the roost today, has led to a spurt in the number CMS suites available. All these offerings can be grouped into open source CMS and closed source or proprietary CMS.

At the basic level, open source CMS is “open”. The source codes are free for anyone to download, use, modify or build upon as they wish. Closed sources CMS on the other hand are proprietary solutions, with users having to purchase a license from the owners of the code to use it. The user is not able to modify the source code and in most cases, does not even have access to the code itself.

On the face of it, opting for an open source CMS seems to be a no brainer. Who, in their right minds, would want to pay recurring license fees for a proprietary CMS when there are free alternatives, more so when it is possible to customize such free open source CMS as required?

The popularity of open source CMS programs seems to confirm this fact. WordPress, one of the leading open source CMS suites alone commands more than 50% of the total CMS market, as opposed to less than 24% market share of all proprietary CMS put together.

However, there is more to it than it meets the eye. It makes sense to compare open source CMS and closed source CMS on the following parameters, before coming to a conclusion as to which type of CMS works best for you. 

Cost and Licensing

Everything else remaining the same, an open source CMS can be downloaded free of cost whereas commercial CMS can cost tens of thousands each year in licensing fees, most of them outright unaffordable for small businesses. Of course, supporting, maintaining and enhancing the free source code will still entail costs, but such costs are marginal compared to closed source licenses and are very often absorbed along with the routine IT costs of the business.

Open source CMS also offer unmatched freedom, or the flexibility to use it anywhere. Closed source CMS licenses may come with several restrictive clauses, such as limits on the number of users, geographical locations and more. Also, open source CMS has no issues with migration to another CMS at a later date, whereas a closed source CMS locks the user in. At best, depending on the terms of the agreement, the vendor may offer back the HTML, CSS, and images that make up the site, but even this will make transitioning to a new CMS extremely tricky. And for some reason, if the proprietary concern that supplies the close source CMS goes bust, the user is left holding a license not worth the paper it is printed on, with no support, no updates, nothing, with migration being the only available option. In fact, the 2011 and 2012 Future of Open Source surveys list “freedom from vendor lock in” as the number one reason to adopt open source software.

If budget and freedom are your primary considerations, look no further than open sourced CMS.

Resilience & Support

Open source CMS by its very nature means many enthusiasts working on the software, to take the code to a new level, to fix bugs as soon as they emerge and to roll out timely updates. There is invariably a strong and vibrant community of enthusiasts available to troubleshoot, who write extensive documentation and “how to” or who simply get help without expecting to get paid for it. Since open source enthusiasts are all over the world, testing takes place much faster and more comprehensively than what most closed source distributions can manage.

Closed sources CMS, especially .NET based ones, have communities that mimic open source communities, but it is invariably much smaller, and the experience and collective knowledge more limited. The barriers to entry being high, and the fact that there is a limit on the possibilities that can be done in a closed sourced structure means, content curators cannot expect too much from such communities.

Of course, closed source CMS do make it up with their in house support, which would be dedicated and precise. Issues such as gaps in documentation, incompatible or unsupported plugins and more, are all too common in any CMS. In open source CMS, the user is at the mercy of the community, whereas a licensee of a closed source CMS is entitled to yell at the support desk. But that also depends on the support agreement with the developer, which comes at a price. And even after paying up, there is no guarantee that the provided help resource will be up to expectations.

Flexibility and Customization

On the face of it, one may be tempted to assume that open source CMS beats closed source CMS hands down when it comes to flexibility and ability to customize. After all, anyone can make any change they want to an open source code, whereas making changes to a closed source CMS can be done only by the developer who holds the keys to the code.

The ability to make changes to the code freely is indeed a big advantage, especially if one knows a thing or two about coding. Also, the strong and vibrant communities of open source CMS provides it with hundreds of third party plugins for every functionality and possibility. Plugins for closed source CMS are rare, if at all, and supplied by the developer themselves.

One might tend to trade off this advantage of open source CMS with the inherent chaos that such free for all modifications of source code may bring. However, such fears are unfounded. Top open source CMS applications such as Magento, osCommerce and ZenCart have a well structured source code, which allows for easier collaboration between developers and designers and an overall smoother workflow.

But to the closed source CMS’s credit, top distributions do offer powerful template systems, such as Shopify’s “Liquid” which allows the user’s imagination to run wild with designing, without the hassle of actually having to tamper with the code. And for those technically endowed, these closed source applications do make it possible to add custom HTML, CSS and JavaScript.

At the end of the day, open source CMS’s dominance in the flexibility space is not a given, and depends very much on the distribution. In open source CMS, look forward to spending considerable time and effort to get the required customization. In closed source CMS, look for a bigger bill from the developer in exchange for customization.


The very familiarity of open source code and its free for all nature make it a prime target for hackers. They generally ply their trade using latent vulnerabilities in the code. Since open source CMS are free for all and tested everywhere in the world, it is not just genuine enthusiasts but also hackers who would gain first hand information of the bugs. Rest assured, they would readily exploit it before a fix becomes available, and more importantly before all users actually download and install the fix.

Closed source software traditionally equates to better security and support. However, of late the gap is closing. Hitherto, closed source CMS thrived on its anonymity – even if the bugs in it are more gross than the bugs in open source CMS, no one is likely to know about it. However, hackers now have at their disposal various tools such as IDA pro that gives them the ability to reverse engineer the code, and this works just as well in closed source CMS. So, just because the code is closed source, it doesn’t make the software itself more secure.

What ultimately matters in making the CMS secure is best practices in software design, source code auditing, quality considerations and design process, and here the code being open source or closed source does not make a big difference.

While closed source CMS prides itself on offering better security layers and options, there is nothing to prevent open source code from getting the same level of security as a closed CMS. The issue rather is the considerable time, effort and resources required to secure the code and prevent third party tampering. This difficulty will scale depending on the number of people that require access to the admin panel and other sensitive areas of the website. And despite all the precautions, if a breach does occur, the user is all on their own or at the mercy of a support group, who though enthusiastic are under no obligation to help out, or even offer the correct advice.

As far as security goes, there is no clear winner between open source CMS and closed source CMS.

In the end, whether to opt for an open source CMS or a closed source CMS depends on the abilities of the user’s in-house tech staff, resources and the budget. If the business is willing to invest the time and effort, then open source CMS is definitely the better choice, whereas if the business is willing to pay for the convenience, then it is worth looking into a few closed source CMS.

At Suyati, we’re well versed in both open and closed source CMS, be it Ektron, WordPress or Sitefinity. In fact, our strong base in both .NET as well as open source technologies means that we are best placed to develop the ideal solution for you. Do get in touch to know more:

Image Credit: Xavi on Flickr

Author : Nayab Naseer Date : 16 Jan 2015