CMS Detection
developer/v1/domain/cmsPerforms comprehensive Content Management System (CMS) detection by analyzing HTML source, HTTP headers, meta tags, and asset paths. Identifies 14+ CMS platforms including WordPress, Drupal, Joomla, Shopify, Squarespace, Wix, Ghost, Webflow, and Magento. For WordPress sites, also detects 20+ popular plugins (Yoast SEO, WooCommerce, Elementor, etc.), active theme (including default theme detection), and page builders. Includes ecommerce platform detection and security analysis with actionable recommendations.
What It Does
Multi-signal CMS detection using meta generator tags, HTTP response headers (X-Pingback, X-Drupal-Cache, X-Shopify-Stage), HTML DOM patterns, and asset path signatures (/wp-content/, /sites/default/). Calculates a numeric confidence score (0-1) based on the number and weight of matching signals. For WordPress, scans for plugin references in script/CSS URLs and HTML markup, extracts the active theme from /wp-content/themes/ paths, and detects page builders (Elementor, Divi, WPBakery, Beaver Builder, Gutenberg). Security analysis flags version disclosure, XML-RPC exposure, REST API enumeration risks, and PHP version leaks.
Why It's Useful
CMS identification enables targeted security assessments (platform-specific vulnerabilities and misconfigurations), competitive intelligence (technology adoption across markets), and sales qualification (targeting users of specific platforms). Plugin and theme detection reveals the full technology profile, while security notes help identify low-hanging-fruit vulnerabilities like exposed CMS versions or enabled XML-RPC.
Use Cases
Security Assessment
Identify CMS, plugins, and their versions to focus testing on platform-specific vulnerabilities and misconfigurations. Security notes flag XML-RPC exposure, version disclosure, and REST API enumeration risks.
Prioritize testing based on known CMS vulnerability patterns and detected plugin versions.
Competitive Intelligence
Analyze CMS adoption, page builder usage, and ecommerce platform choices across competitor sites or target markets.
Make data-driven technology decisions based on real market adoption data.
Lead Generation
Identify WordPress sites using specific plugins or themes for targeted outreach. Detect WooCommerce stores, Elementor users, or sites using outdated SEO plugins.
Target prospects using specific CMS platforms and plugin combinations.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | The domain to detect CMS forExample: example.com |
Response Fields
| Field | Type | Description |
|---|---|---|
domain | string | The queried domain |
detected | boolean | Whether a CMS was detected |
cms | object | Detected CMS with name, slug, version, confidence (0-1), isOpenSource, website, and detectionMethods array |
theme | object | Detected theme with name, slug, version, isDefault flag, and confidence (WordPress sites) |
plugins | array | Detected plugins with name, slug, version, category, and confidence (WordPress sites) |
pageBuilder | object | Detected page builder (Elementor, Divi, WPBakery, Gutenberg, etc.) with name, slug, version, and confidence |
ecommerce | object | Detected ecommerce platform (WooCommerce, Shopify, Magento, BigCommerce, etc.) with name, slug, version, and confidence |
security | object | Security analysis with overall level (good/warning/critical) and notes array with severity, title, and description |
httpMeta | object | Raw detection metadata including generator meta tag and X-Powered-By header values |
timestamp | string | ISO 8601 timestamp of the analysis |
Code Examples
curl "https://api.edgedns.dev/v1/domain/cms" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain=example.com"const response = await fetch(
'https://api.edgedns.dev/v1/domain/cms?domain=example.com',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/domain/cms',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': 'example.com'
}
)
data = response.json()
print(data)Read the full CMS Detection guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
External References
Learn more about the standards and protocols behind this endpoint.
Try This Endpoint
Test the CMS Detection endpoint live in the playground.