Blogging platforms

from lessons learned from v1.0 of my portfolio, when I start over with v2.0 I’m probably going to hard code the whole thing then go through and add CMS

1 Like

Is Wordpress security much of a concern if you have no forms?

I’ve been using it for a few years having been on Drupal for years before that (neither for blogging) and have seen no great warning signs.

It’s going to host my, like, professional academic website and also a blog, I think.

1 Like

There’s always Ghost

5 Likes

Yes. Vulnerabilities aren’t strictly form-related; there are many avenues.

Platforms like WordPress and Drupal serve via an application layer, which means any insecure code in the core platform or in plugins is theoretically available to exploit. That’s fairly simplified, but more or less accurate. Do not run WordPress or Drupal yourself unless you are able to keep them updated.

“Static” sites typically use an application to generate the HTML/etc for a site. This is typically an application like Jekyll or Hugo, but it actually could be WordPress or Drupal provided you generate fully rendered HTML, and that is what the end user sees. In these cases, the only application the end user is interacting with is a web server - usually Apache or nginx - and so your only vulnerabilities would be in those web servers, which are well maintained and don’t have many vulnerable surfaces.

(I run a decent sized Drupal platform serving multiple sites for an internet company you have probably heard of.)

1 Like

Drupal has its issues but if you keep it up to date and know how to work with it it’s fine. It’s pretty much like Churchill’s democracy for the feature set it covers - best piece of shit we have.

Of course I may have Stockholm syndrome.

Also I’ve seen people use Jupyter notebooks posted to Github as a kind of way of blogging

2 Likes

I’m loving all the thoughts about how to host. Now how about for going and getting a domain name?

1 Like

Does Medium count as a blogging platform

1 Like

Personally I use Google Domains but I’m thinking of switching

Cool. Unless you expect to have dynamic content that responds to user information, this falls squarely into ‘static content’ territory, which means Jekyll or Hugo are good contenders, especially if you’re happy slinging code and working with git repos. GitHub pages may be a great zero-cost hosting option for you, but you can host static sites anywhere. I like Digital Ocean for relatively painless hosting.

WordPress is a much better editing experience at the expense of flexibility and personal ownership.

Don’t use Drupal unless you have very specific reasons for it :slight_smile:

3 Likes

I like Namecheap for domains.

5 Likes

Hmm, my Wordpress install does automatic security updates. There are also plugins that handle automatic updates of plugins and themes.

I use Namecheap for domains, Dreamhost for hosting.

3 Likes

Medium is great for what it is, and customizable with effort.

@alanza do you care about the discoverability of your content? Medium is very good for this. We moved our eng blog off of our Drupal platform to medium precisely because the content could be discovered by people reading about similar kinds of engineering, which was important to that team.

I really never had the time to explore go properly, but i made a small server that generated some special numbers i need for work and it was really fast. It is a bit more hard to start than node, but performance wise it is really great.

I’ve used gandi.net for domain names for a long time. Chose them for being non-sleazy.

1 Like

I may be spreading a bit of WordPress FUD, but I have known many people who’ve had their WordPress sites exploited in a variety of ways. It’s possible they had their sites misconfigured.

Regardless, WP is a big target. Make sure you’re getting updates, wherever you are. Hosting with WP itself is the most reliable way to ensure that, IMO.

1 Like

No. As long as it eventually ends up near the top when people search “[my name] + math”, I don’t care.

3 Likes

After trying out a few tools (Wordpress, Jekyll, etc), I’ve ended writing my own static site generator for my website. It seems to stay out of my way for the most part.

The generator can be found here:

One instance is hosted on github: paulbatchelor.github.io, and another instance is spun up here: https://pbat.ch. I’ve used tinyhttpd in the past to host the files, but these days I’m using lighttpd.

The core of it is a really small shell script used to convert markdown to html via a small program called smu:
https://github.com/PaulBatchelor/sitegen/blob/master/sitegen.

The rest of the system components are mostly a mixture of Makefiles, shell scripts, and some light perl.

5 Likes

On the static site front, I will plug Gatsby: https://www.gatsbyjs.org/

NodeJS application with React front end. Your data sources can be pretty much anything, but you can start with Markdown for the data, which effectively makes it comparable to Jekyll / Hugo for the use case you’re describing.

I would check it out if you’re interested in JavaScript or if you anticipate a more complex site down the line. JavaScript is an ugly language though. Ruby and Go are much more aesthetically pleasing.

2 Likes