from lessons learned from v1.0 of my portfolio, when I start over with v2.0 I’m probably going to hard code the whole thing then go through and add CMS
Is Wordpress security much of a concern if you have no forms?
I’ve been using it for a few years having been on Drupal for years before that (neither for blogging) and have seen no great warning signs.
It’s going to host my, like, professional academic website and also a blog, I think.
There’s always Ghost
Yes. Vulnerabilities aren’t strictly form-related; there are many avenues.
Platforms like WordPress and Drupal serve via an application layer, which means any insecure code in the core platform or in plugins is theoretically available to exploit. That’s fairly simplified, but more or less accurate. Do not run WordPress or Drupal yourself unless you are able to keep them updated.
“Static” sites typically use an application to generate the HTML/etc for a site. This is typically an application like Jekyll or Hugo, but it actually could be WordPress or Drupal provided you generate fully rendered HTML, and that is what the end user sees. In these cases, the only application the end user is interacting with is a web server - usually Apache or nginx - and so your only vulnerabilities would be in those web servers, which are well maintained and don’t have many vulnerable surfaces.
(I run a decent sized Drupal platform serving multiple sites for an internet company you have probably heard of.)
Drupal has its issues but if you keep it up to date and know how to work with it it’s fine. It’s pretty much like Churchill’s democracy for the feature set it covers - best piece of shit we have.
Of course I may have Stockholm syndrome.
Also I’ve seen people use Jupyter notebooks posted to Github as a kind of way of blogging
I’m loving all the thoughts about how to host. Now how about for going and getting a domain name?
Does Medium count as a blogging platform
Personally I use Google Domains but I’m thinking of switching
Cool. Unless you expect to have dynamic content that responds to user information, this falls squarely into ‘static content’ territory, which means Jekyll or Hugo are good contenders, especially if you’re happy slinging code and working with git repos. GitHub pages may be a great zero-cost hosting option for you, but you can host static sites anywhere. I like Digital Ocean for relatively painless hosting.
WordPress is a much better editing experience at the expense of flexibility and personal ownership.
Don’t use Drupal unless you have very specific reasons for it
I like Namecheap for domains.
Hmm, my Wordpress install does automatic security updates. There are also plugins that handle automatic updates of plugins and themes.
I use Namecheap for domains, Dreamhost for hosting.
Medium is great for what it is, and customizable with effort.
@alanza do you care about the discoverability of your content? Medium is very good for this. We moved our eng blog off of our Drupal platform to medium precisely because the content could be discovered by people reading about similar kinds of engineering, which was important to that team.
I really never had the time to explore go properly, but i made a small server that generated some special numbers i need for work and it was really fast. It is a bit more hard to start than node, but performance wise it is really great.
I’ve used gandi.net for domain names for a long time. Chose them for being non-sleazy.
I may be spreading a bit of WordPress FUD, but I have known many people who’ve had their WordPress sites exploited in a variety of ways. It’s possible they had their sites misconfigured.
Regardless, WP is a big target. Make sure you’re getting updates, wherever you are. Hosting with WP itself is the most reliable way to ensure that, IMO.
No. As long as it eventually ends up near the top when people search “[my name] + math”, I don’t care.
After trying out a few tools (Wordpress, Jekyll, etc), I’ve ended writing my own static site generator for my website. It seems to stay out of my way for the most part.
The generator can be found here:
The core of it is a really small shell script used to convert markdown to html via a small program called smu:
The rest of the system components are mostly a mixture of Makefiles, shell scripts, and some light perl.
On the static site front, I will plug Gatsby: https://www.gatsbyjs.org/
NodeJS application with React front end. Your data sources can be pretty much anything, but you can start with Markdown for the data, which effectively makes it comparable to Jekyll / Hugo for the use case you’re describing.