Why HD CMS Runs on Supabase
Enterprise-grade PostgreSQL, real-time data, file storage, and authentication — all open-source. The backend that makes HD CMS possible.
When I built HD CMS, I needed a backend that could handle everything — content storage, user authentication, file uploads, real-time updates, booking management, and payment tracking — without the complexity of managing separate services.
Supabase is a managed PostgreSQL platform that wraps a production-grade database with authentication, file storage, real-time subscriptions, and row-level security. It's open-source, built on proven technology, and has no vendor lock-in.
Every HD CMS site runs on Supabase. Your content, your bookings, your customer data, your images — all stored securely in a PostgreSQL database with enterprise-grade security policies.
What Supabase Gives HD CMS
PostgreSQL
The world's most advanced open-source database. Not MySQL. Not MongoDB. Proper relational data with full ACID compliance.
Row-Level Security
Every database query is filtered by security policies. Your site can only access its own data. No cross-site leaks. No permission bugs.
File Storage + CDN
Images and media uploaded through HD CMS are stored on Supabase Storage and served from a global CDN. Automatic optimisation.
Real-Time Subscriptions
Live updates for booking notifications, order alerts, and CMS content changes. No polling. No delays.
Authentication
Secure user authentication for the CMS admin panel. Email/password, magic links, and role-based access control.
Open Source
Supabase is fully open-source. No proprietary lock-in. If needed, the entire stack can be self-hosted. Your data is always yours.
Why Not WordPress's MySQL?
WordPress uses MySQL with no row-level security. Every plugin has full database access. A vulnerability in one plugin can expose your entire database — and every other site on the same shared hosting server.
HD CMS uses PostgreSQL with row-level security policies on every table. Each site's data is isolated at the database level. Even if a query somehow bypassed the application layer, the database itself enforces access control.
This isn't theoretical security. It's the same approach used by financial services and healthcare applications. Applied to a CMS, it means your client data, booking information, and content are protected by the database engine itself — not just by application code.
Want to See It in Action?
Book a free website surgery. I'll walk you through how HD CMS works under the hood and show you what it could do for your business.