what data is stored in a CMS database

pma111
pma111 used Ask the Experts™
on
Out of interest what kind of data is typically stored in the underlying database for a websites content management system. We have a 7 GB database for a CMS database (SQL Server) and I have always been intregued into what the system would actually store. Obviously users/credentials/permissions on who can edit certain pages would be one but the masses of data makes me wonder what else would typically be stored in such a database and whether it may or may not contain sensitive information.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
EE Topic Advisor
Most Valuable Expert 2014
Awarded 2013
Commented:
Content Management System includes all (or most) of the content

This may include videos &/or images &/or documents, these can easily aggregate to 7Gb.
Daniel PineaultPresident / Owner CARDA Consultants Inc.
Distinguished Expert 2018

Commented:
It depends on the system, but it can store all of the content (posts, pages, ...), including the media files, and can include audit trails of users actions.  If it stores historical entries, these can cause bloating as can media files.  I prefer to store media in a standard folder, and not include these in the db itself, keeping the db to basically just storing text so it remains minimal in size.

It could easily store sensitive information, but that depends on the site.  If the CMS deals with e-commerce, if you have contact forms, ..., it could possibly store name, address, credit card, e-mail, IP addresses, attachments, ...  but this is all speculation on our part.  You know your site, you know what information you are collecting.  You could also examine the table structure, that would tell you a lot.
Hi

Content Management System CMS is  a system that allow a user to add / edit / delete content  without the webmaster intervention.

@DanielPineault  credit card number should never be saved !
This is why eCommerce system use Paypal and other gateway.

If you want to store sensitive data your system must be compliant to the regulation of your domain activity and country ( ie medical, bank, government ) .

Of course your system may contain sensitive data if you have access to the DB or files you could find out what are saved, where it saved and how it saved.
Daniel PineaultPresident / Owner CARDA Consultants Inc.
Distinguished Expert 2018

Commented:
@lenamtl
No argument from me!, but people do it as such I mention that I can be there, as can be pretty much anything in reality it depends on the CMS and what it is used for.  I've seen people store Credit Card Nos, SIN, ...  all there for the picking, unencrypted, ...
ok @Daniel, yes it can be anything ...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial