Under the Hood

Why HD CMS Runs on Supabase

Enterprise-grade PostgreSQL, real-time data, file storage, and authentication — all open-source. The backend that makes HD CMS possible.

When I built HD CMS, I needed a backend that could handle everything — content storage, user authentication, file uploads, real-time updates, booking management, and payment tracking — without the complexity of managing separate services.

Supabase is a managed PostgreSQL platform that wraps a production-grade database with authentication, file storage, real-time subscriptions, and row-level security. It's open-source, built on proven technology, and has no vendor lock-in.

Every HD CMS site runs on Supabase. Your content, your bookings, your customer data, your images — all stored securely in a PostgreSQL database with enterprise-grade security policies.

What Supabase Gives HD CMS

PostgreSQL

The world's most advanced open-source database. Not MySQL. Not MongoDB. Proper relational data with full ACID compliance.

Row-Level Security

Every database query is filtered by security policies. Your site can only access its own data. No cross-site leaks. No permission bugs.

File Storage + CDN

Images and media uploaded through HD CMS are stored on Supabase Storage and served from a global CDN. Automatic optimisation.

Real-Time Subscriptions

Live updates for booking notifications, order alerts, and CMS content changes. No polling. No delays.

Authentication

Secure user authentication for the CMS admin panel. Email/password, magic links, and role-based access control.

Open Source

Supabase is fully open-source. No proprietary lock-in. If needed, the entire stack can be self-hosted. Your data is always yours.

Why Not WordPress's MySQL?

WordPress uses MySQL with no row-level security. Every plugin has full database access. A vulnerability in one plugin can expose your entire database — and every other site on the same shared hosting server.

HD CMS uses PostgreSQL with row-level security policies on every table. Each site's data is isolated at the database level. Even if a query somehow bypassed the application layer, the database itself enforces access control.

This isn't theoretical security. It's the same approach used by financial services and healthcare applications. Applied to a CMS, it means your client data, booking information, and content are protected by the database engine itself — not just by application code.

Want to See It in Action?

Book a free website surgery. I'll walk you through how HD CMS works under the hood and show you what it could do for your business.

Book Your Free Website Surgery