Discuss mailing list

[gp AT gparent.net]

Hello,

Having to install ruby to build a site makes me lay down rivers of 
tears, however I do have to regularly spend very little effort to find 
security issues in OpenNIC code, so I do agree with moving any of our 
custom code to static or better written stuff. I didn't inspect the site 
(sorry), but overall I support the move. Workflow would be better and 
more transparent, and easier than pestering people over email or irc.

Regarding your random jab at the site admins, no they're not clueless, 
and yes they are busy. no need for any of that condescending stuff (and 
im not even one of them)

+1 from me.

-gp

On 2017-02-19 00:56, Jonah Aragon wrote:
> Hi!
>
> I've been working on a new design and system for the homepage, and I
> wanted to gather some opinions on what works, what doesn't, and what
> you think about replacing our current WordPress site (at
> https://www.opennicproject.org/). You can check out my design at
> https://jonaharagon.github.io/opennic.org/.
>
> Some background:
>
> The WordPress site currently host a simple homepage, a basic
> membership system (essentially providing a profile frontend for the
> LDAP system), and a blog that's rarely been used. WordPress creates a
> lot of load on the servers and is just in general bloated. MySQL
> databases, dynamically generated pages, none of this is needed for our
> homepage, especially if we try to move everything to the wiki. In
> addition, the website (mainly the aforementioned login system) is
> susceptible to XSS attacks, among other vulnerabilities. Coupled with
> the massive amount of security holes that just appear to show up in
> WordPress all the time
> (https://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/),
> I'm honestly surprised we haven't migrated to anything else already.
>
> My site (code at https://github.com/JonahAragon/opennic.org) is
> complete static HTML (which is compiled with Jekyll) homepage. It
> includes all the important features of our current site, even the
> closest servers information, with a cleaner, simpler design and setup.
> It places more emphasis on our top level domains, and it still
> includes a blogging system for future Press Releases and updates
> (which I think we should utilize more):
> https://jonaharagon.github.io/opennic.org/press/.
>
> Because it's a static site, the security risks are nonexistent and it
> can be hosted anywhere. If this were to gather relatively good
> opinions from all of you, I'd push it to our organization at
> https://github.com/OpenNIC so anybody would be able to edit it (via
> Pull Requests). Ideally we could setup a system to automatically pull
> (from GitHub) and build the site on our webservers behind some
> lightweight server like Nginx. That way we'd be able to keep the
> existing servers and TLS functionality (which GH Pages does not
> support with custom domains) everything is just more open, compared
> with random WordPress administrators who as far as I can gather fall
> between the "not having enough time to update the site" and the "have
> no idea how to operate WordPress" categories.
>
> Anyways, this was a really long email about a really simple topic.
> Sorry about that.
>
> Hopefully all of you are on board,
>
> Jonah
>
> P.S. Also this would be the perfect time to switch to our opennic.org
> [1] domain for the homepage and add some 301 redirects when we move,
> that'll just look nicer in general (and there'd be no need to move all
> the sites to that domain, at least not right away).
>
> Links:
> ------
> [1] http://opennic.org
>
>
> --------
> You are a member of the OpenNIC Discuss list.
> You may unsubscribe by emailing 
> discuss-unsubscribe AT lists.opennicproject.org