Vvveb
Vvveb is a self-hosted, open-source CMS with drag-and-drop page builder for websites, blogs, and ecommerce stores. It supports multiple sites, multi-language content, and includes built-in ecommerce features like subscriptions, product variants, and one-page checkout. It can function as both a traditional CMS and headless CMS with GraphQL and REST APIs.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | givanz/Vvveb |
| Owner | givanz |
| Primary language | HTML |
| License | AGPL-3.0 — OSI-approved |
| Stars | 1.1k |
| Forks | 199 |
| Open issues | 157 |
| Latest release | 1.0.8.6 (2026-06-11) |
| Last updated | 2026-06-12 |
| Source | https://github.com/givanz/Vvveb |
What Vvveb is
PHP-based CMS (7.4+, recommended 8.3+) supporting MySQL, MariaDB, SQLite, and PostgreSQL backends. Features a modular plugin architecture, Vue.js-based admin interface, integrated drag-and-drop page builder (VvvebJs), and hybrid headless/traditional CMS capability. Includes SEO plugins, role-based access control, and claims low resource footprint with caching.
Get the Vvveb source
Clone the repository and explore it locally.
git clone https://github.com/givanz/Vvveb.gitcd Vvveb# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- PHP 7.4+ and one of three database engines (MySQL 5.7+, SQLite, or PostgreSQL 11+) required; verify hosting environment supports chosen database before deployment.
- Installation can be completed via web interface or CLI; review official installation docs at docs.vvveb.com for security hardening steps (hidden admin login, minimal public PHP exposure).
- Themes and plugins available via marketplace with one-click install from admin dashboard; assess plugin quality and maintainability for production dependencies.
- Backup strategy (manual and automatic) should be configured immediately post-installation; test restore process before relying on automated backups.
- Role-based permissions available but require careful configuration; audit user access levels, especially for multi-user and ecommerce scenarios involving payment processing.
When to avoid it — and what to weigh
- Requires cloud hosting without self-management — Vvveb is designed for self-hosted deployment. No official managed hosting, SaaS, or cloud provider integrations are documented; organizations needing turnkey cloud solutions should consider alternatives.
- Enterprise-scale security audits or compliance certifications needed — While security features are claimed (brute-force protection, SQL injection protection), no third-party security audit or compliance certifications (SOC2, ISO, PCI-DSS) are mentioned. Risk assessment required for regulated industries.
- Preference for permissive licensing with no copyleft restrictions — AGPLv3 requires any modifications or network use to share source code; organizations uncomfortable with copyleft licensing or closed forks should use a different CMS.
- Heavy reliance on proprietary third-party integrations — No detailed integration documentation for payment gateways, shipping providers, or marketing platforms is provided. Custom integration work likely required for enterprise tooling.
License & commercial use
Licensed under AGPLv3 (GNU Affero General Public License v3.0). This is a copyleft license that requires any derivative works, modifications, or network-accessible code to make source code available under the same license. Commercial use of unmodified software is permitted, but any customizations or forks must be disclosed.
AGPLv3 permits commercial use of the unmodified software. However, any custom modifications, plugins, or forks deployed over the network must make source code available under AGPLv3. Organizations planning significant customizations or reselling the software should engage legal review. No commercial support tier or warranty is documented; support appears community-driven via GitHub discussions and documentation.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
Vvveb claims brute-force protection, SQL injection protection, and hidden admin login. Single-file public exposure is a sound design principle. However: (1) no third-party security audit or penetration test results are mentioned; (2) PHP 7.4 support is near end-of-life (EOL January 2025); (3) no documented security reporting process or vulnerability disclosure policy provided; (4) AGPLv3 derivatives must be audited independently. Organizations processing sensitive data or payments should conduct threat modeling and consider professional security review.
Alternatives to consider
WordPress + WooCommerce
Largest PHP CMS ecosystem with extensive plugin marketplace, professional hosting options, and stronger commercial support. Permissive GPL license. Better for teams preferring proprietary plugins and managed SaaS.
Strapi (Node.js headless CMS)
Modern headless-first CMS with GraphQL/REST APIs, easier Docker deployment, and stronger developer community. MIT license (permissive). Better for JAMstack and decoupled frontend-backend architectures.
Shopify
Fully managed SaaS ecommerce platform with built-in payment processing, compliance, and customer support. No self-hosting overhead. Better for teams prioritizing time-to-market over data residency.
Build on Vvveb with DEV.co software developers
Schedule a consultation with our engineering team to assess deployment feasibility, security requirements, and integration needs for your use case.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
Vvveb FAQ
Can I use Vvveb in a production ecommerce store?
What databases are supported?
Is AGPLv3 a blocker for my company?
Can I use Vvveb as a headless CMS?
Custom software development services
Need help beyond evaluating Vvveb? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source cms integrations — and maintain them long-term.
Ready to evaluate Vvveb for your project?
Schedule a consultation with our engineering team to assess deployment feasibility, security requirements, and integration needs for your use case.