Having a “baked” blog, meaning every page is statically baked by a system (Octopress) on my machine before it goes to the server, makes it more secure. I realized that I forgot to talk about this in my last post when I was reading a post about security from Dreamhost.
My previous configuration was WordPress with more or less 10 plug-ins. Very often I forgot to update them all, so for various periods of time my blog was vulnerable to known attacks until I remembered to update everything. Of course this isn’t WordPress’s fault, it’s mine. I forget to update.
By removing the WordPress layer I’ve automatically made it more secure. There’s nothing but the web server running, and it’s updated and maintained by my host. There isn’t any script running that something or someone could use to gain access to the server. In more technical terms, I’ve reduced the attack surface.
Usually something more secure is less convenient. In my case I’m satisfied with what I “lost”. I don’t have a dashboard to edit the blog anymore; I can’t create a new post from anywhere that has a browser, for example. I’ve traded this ability for plain text files that are completely portable, easy to edit, easy to back up, easy to merge.
Now I start an idea in Evernote, writing down things I’d like to comment on in a notebook called “Blog”. Depending on my mood I even start to style the post in Evernote using Markdown. When I think that the idea is good enough I copy and paste the note from Evernote to my text editor and finalize the post.
This is what the first paragraph of this post looks like in the text editor: