NATIVE PHP 8.3 · 97 PLUGINS · SELF-HOSTED
The CMS that adapts,
defends, and evolves
BeamReactor is a sovereign dynamic web engine built over 23 years of continuous development — zero third-party dependencies, zero known CVEs, zero compromise on security.
0 yrs
Continuous development
0
Native plugins
0
Known CVEs
0
Third-party dependency
0
External tracking
..: Live monitoring
This server, right now
..: Changelog
22 years of continuous evolution
MAY 2003
BeamReactor goes live
May 17: first site online. Forums, news, multilingual (FR, EN, ES, PT, DE, RU, JP inherited from SDP), skins, auto-thumbnailed galleries, login system, input sanitization. Hand-written W3C-validated XHTML.
Foundation
2004
XDP engine & security hardening
XDP engine installed. Botsniffer, Googlebot detector, automatic banning, port scanner. Versioning plugin, SQL export, email anti-spam.
Security
2005
E-commerce & AJAX
Full e-commerce system (product families, HD galleries, cart). .dta documents, enriched WYSIWYG, RSS, member messaging, first AJAX integration. Complete HTTP error handling.
E-commerce
2006
Honeypots & active defence
lock.inc.php: active trap for bots and scanners. Automatic XSS permban. MySQL operations centre. Member messaging finalised. Swedish and Russian locales added.
Security
2007
Mailbox, blogs & PHP5
Complete PHP5 rewrite. Mailbox with attachments, blogs, polls, real-time map plugin, content.php replaces news.php. Localised censorship system. Full-site ZIP backup.
Architecture
2010
Datatypes & anti-injection
Object URI conversion. Flood detection → automatic lockdown (150 connections/600s = ban). Multi-byte SQL injection protection. Native IPv6. robots.txt honeypot converted to module.
Security
2012
Multibyte & internationalisation
Advanced multibyte string and mixed-encoding handling. Galleries under heavy load. V3 migration (한국어 support tested). Major database overhaul.
Architecture
NOV 2025
Renaissance & AEGIS IA
BeamReactor back online. New toast system, AEGIS skin, rebuilt WYSIWYG, HTML and AI datatypes, modernised parser, header classes, GDPR compliance with 48h anonymisation, Docker support.
Renaissance
JAN 2026
Sovereign AI & 500-file audit
Full security audit. Bidirectional LLM firewall (homoglyphs, UTF-8 overlong, jailbreaks). RAG with SmartChunker. Semantic routing via quaternions on S³ and Gauss-Bonnet. SIREN/IBAN datatypes. Migrated sessions, hardened 2FA.
Security
FEB 2026
AutoWeightComputer & v2.8
Quaternion module (1155 lines): algebra, parallel transport, Ollivier-Ricci curvature, Gauss-Bonnet verification. HeaderHandler migration across 17 modules. Live stats on front page. Version 2.8.
Current
..: Technical comparison
How BeamReactor differs
| BeamReactor | WordPress | Wix / Squarespace | Drupal | |
|---|---|---|---|---|
| Single perpetual licence | ✓ | ~ free core, recurring plugin costs | ✗ monthly subscription | ✓ |
| Zero dependencies (Composer/Node) | ✓ FTP upload → ready | ✗ | ✗ closed SaaS | ✗ |
| Known CVEs (since 2003) | 0 | 7 000+ | closed / not auditable | 3 800+ |
| Built-in GDPR compliance | ✓ since 2003 | ✗ third-party plugins | ~ | ~ |
| Self-hosted / sovereign deployment | ✓ your infrastructure | ✓ | ✗ US-hosted servers | ✓ |
| Fully auditable source code | ✓ | ~ core yes, plugins not guaranteed | ✗ | ✓ |
| Single-architect consistency | ✓ same architect since 2003 | ✗ | ✗ | ✗ |
ENGINEERING INTEGRITY
Verifiable claims, auditable code
Every metric on this site is real, measurable, and derived from 22 years of continuous production.
The source code is auditable. The security record is public. The architecture has been maintained
by its original author since day one — no handovers, no rewrites, no compromises.
0
CVEs in 22 years
0
Fabricated testimonials
100%
Auditable code
..: Core capabilities
97 plugins, one integrated system
Multi-layered security
Systematic sanitization, 2FA, Argon2id hashing, brute force protection, active honeypots. Automatic lockdown under attack.
Plugin architecture
Everything is a plugin. The core routes, secures and orchestrates — every feature lives in the modular ecosystem. Open for extension, closed for intrusion.
Dynamic engine
Self-optimising at runtime. Automated caching, load-adaptive behaviour, and spontaneous code section locking to preserve data integrity under abnormal conditions.
Native analytics
Built-in stats, bot detection, real-time user tracking. No external scripts, no Google Analytics, no data leaving your server.
Native multilingual
Multilingual is not a plugin — it's the architecture. Content in as many languages as needed, with full multibyte and mixed-encoding support.
Zero-dependency deployment
No Composer, no Node, no build step. Upload via FTP, configure, run. Deploys on any standard PHP 8.3 host, on-premise or in Docker.
Start building
Read the documentation, explore the plugin ecosystem, or get your licence to deploy.
