This little site of mine has gone through several reincarnations on the software side (to say nothing of the hardware it’s hopped between over the years). The current incarnation, using WordPress as my CMS, dates from mid-2011. Before then, I had some static content coded in PHP which I put up in November 2006 (the little forum that still exists somewhere around this site dates from the same time) and then largely left untouched until the 2011 WordPress makeover (that site has been preserved for posterity at old.ron2k.za.net)… but, on the side, I also had a blog that predates the “Ramblings” section over here. I started it in May 2006 on the Blogger site, and moved it over to my own hosting in 2007. It got largely forgotten about and abandoned in 2009/10.
However, while I was doing a server audit and cleanup in preparation for the launch of a new personal project (which I’m keeping under wraps for the time being, but you can bet that there’ll be a blog entry about it when it launches!), I came across working backups I made of the blog content from when I did the 2011 WordPress makeover. There was a fair bit of content there, so I’ve managed to take all of that content and import it all into here.
Hence, you may notice a whole lot of content on the site dated 2006-2009. That’s all of those old, early posts I made, available again. Some of the content is poorly written, and a lot of the early stuff is rather immature and actually downright embarrassing when I look back on it now. Still, it’s an interesting window into what I was up to then, and how my circumstances have changed (and indeed, how I have (hopefully!) matured) in the years since.
Due mainly to the Heartbleed bug (and for the non-technical readers, here’s a newbie-friendly explanation, courtesy of xkcd), I’ve been tweaking some of the SSL settings on here. A quick list of changes:
Naturally, OpenSSL has been patched against Heartbleed. I’m in the process of getting the site’s SSL certificate revoked and reissued.
SSLv3 is now disabled, as it is considered insecure. (SSLv2 was disabled already.)
The cipher suites have been altered to support forward secrecy (in most browsers; Internet Explorer running on Windows XP is the exception, but should be able to fall back to a lower protocol version). For the technically minded, here’s how to deploy it.
Happily, Qualys SSL Labs now gives this site an A+ rating. Probably overkill for a small, personal site such as this one, but it’s still nice to know.
The changes made shouldn’t have broken anything (touch wood), but if they have, please get hold of me so that I can fix things up.
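One way to check two of the changes listed above without touching the live server, as an added example (not this site's actual configuration): Python's ssl module expands an OpenSSL cipher string and reports any suite that lacks forward secrecy, plus whether SSLv3 is switched off. Both cipher strings below are constructed for illustration.

```python
import ssl

# Constructed cipher strings, not taken from the site's real configuration.
LEGACY_CIPHERS = "AES128-SHA:ECDHE-RSA-AES128-GCM-SHA256"   # includes static RSA key exchange
FS_ONLY_CIPHERS = "ECDHE+AESGCM:DHE+AESGCM"                 # ephemeral key exchange only


def server_context(cipher_string):
    """Build a server-side context the way a TLS terminator would be configured."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx


def audit(ctx):
    """Report the SSLv3 switch and every enabled suite without forward secrecy."""
    no_fs = []
    for suite in ctx.get_ciphers():
        if suite["protocol"] == "TLSv1.3":
            continue  # TLS 1.3 suites always use an ephemeral key exchange
        # OpenSSL reports the key exchange as e.g. kx-ecdhe, kx-dhe or kx-rsa.
        if not suite.get("kea", "").startswith(("kx-ecdhe", "kx-dhe")):
            no_fs.append(suite["name"])
    return {
        "sslv3_disabled": bool(ctx.options & ssl.OP_NO_SSLv3),
        "no_forward_secrecy": no_fs,
    }


if __name__ == "__main__":
    for label, ciphers in (("legacy", LEGACY_CIPHERS), ("fs-only", FS_ONLY_CIPHERS)):
        print(label, audit(server_context(ciphers)))
```

An empty no_forward_secrecy list means every TLS 1.2-and-below suite the string enables uses an ephemeral (EC)DHE exchange.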
(Incidentally, MyBroadband has a list of various South African sites where one would expect good security, and compiled their ratings by Qualys SSL Grade. Of concern are Standard Bank’s Internet banking servers scoring an F due to supporting insecure renegotiation; Standard Bank has yet to comment on the issue. A notable absent entry is SANRAL, as the site is inaccessible internationally and thus unable to be tested.)
After a run-in with my shared hosting’s PHP mod_security settings (it throws a hissy fit whenever people over on my forum submit a large image post, which happens fairly frequently), I’ve finally decided to take the plunge and do what I’ve been considering for a while now: procure a virtual private server and move this site over to it. (This is only going to cost me an extra R20 per month, so I say bring it on!)
Why? Because, unlike a shared hosting environment, I’ll end up with pretty much full control over the underlying website infrastructure. If/when something breaks, I’ll be in a position to fix it myself rather than rely on it being fixed for me, plus I’ll be able to leverage more bleeding-edge type of stuff (in particular, shunning MySQL).
Stuff that I’d like to do and would now be able to:
Purchase an SSL certificate and make the site SSL only. In the wake of recent revelations regarding the United States National Security Agency, this is more of a user privacy measure than a security measure, but it’s one that I feel I owe to this site’s users to take. Granted, I could have done this already, but what’s stopped me from doing so is the inability thus far to do much about mixed content warnings (not so much a problem here, but would be problematic for my forum users): with root control, I can set up a Camo server (if I can figure out their rather cryptic documentation!) and solve that little issue.
IPv6 support. My tingling geek sense demands that this be done!
Drop MySQL for PostgreSQL and/or MariaDB, as I share the open source community’s concerns for MySQL’s future and what Oracle is currently doing with it.
Potentially some other cool stuff as the need/desire/lust for cool stuff arises.
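How the Camo approach deals with mixed content, sketched as an added example (not Camo's own code): each http:// image URL in a post is rewritten to an HTTPS proxy URL of the form /<HMAC-SHA1 digest>/<hex-encoded URL>, and the proxy only fetches URLs whose digest matches its shared key. The host name, key and sample post are constructed.

```python
import hashlib
import hmac
import re

CAMO_HOST = "https://camo.example.net"     # hypothetical proxy host
CAMO_KEY = b"constructed-shared-secret"    # constructed; plays the role of Camo's shared key


def _digest(url):
    return hmac.new(CAMO_KEY, url.encode(), hashlib.sha1).hexdigest()


def camo_url(image_url):
    """Site side: sign an image URL and hex-encode it into the proxy path."""
    return f"{CAMO_HOST}/{_digest(image_url)}/{image_url.encode().hex()}"


def verify(path):
    """Proxy side: return the target URL only if the digest in the path is valid."""
    try:
        _, digest, hex_url = path.split("/")
        url = bytes.fromhex(hex_url).decode()
    except ValueError:                      # wrong shape, bad hex or bad UTF-8
        return None
    # Constant-time comparison, so the check does not leak how much matched.
    if hmac.compare_digest(digest.encode(), _digest(url).encode()):
        return url
    return None                             # unsigned URL: the proxy is not an open relay


IMG_SRC = re.compile(r'(<img\b[^>]*?\bsrc=")(http://[^"]+)(")', re.I)


def rewrite_post(html):
    """Swap plain-HTTP image sources for signed proxy URLs; HTTPS ones are untouched."""
    return IMG_SRC.sub(lambda m: m.group(1) + camo_url(m.group(2)) + m.group(3), html)


if __name__ == "__main__":
    post = '<p><img src="http://img.example.org/cat.png"></p>'   # constructed forum post
    print(rewrite_post(post))
```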
I’m still setting up, installing and configuring everything, but I’ll put a follow-up post once I’m ready to move things over. Stay tuned for further details…
UPDATE: I’m posting updates in this forum thread to avoid polluting the blog’s RSS feed too much.
An announcement posted on the ZA NiC page states that no new .za.net or .za.org registrations will be accepted after October 31, 2012.
A (blatant) copy/paste explains their reasoning:
The primary reason for starting this project in 1998 was to provide an affordable alternative to the domain name prices of the time. Back in the late ’90s a .com domain name could easily set you back as much as $100! Today the Internet is a very different place with a .com domain being available for as little as around $8. Even in the primary market we served (South Africa), co.za domains are just R50 per year and org.za domains are free for non-profit organisations.
Unfortunately just as the Internet has become a better place (cheaper!) it has also become a worse place in the last 14 years. Today the admin overhead of managing domain names registered purely for spam or scamming purposes has made running a free, community serving project such as ZA NiC just not fun anymore. And that is our secondary reason for ceasing new registrations.
Just because we will no longer be taking new registrations, it does NOT mean any existing domains will cease to function. Domains registered before 31/10/2012, with valid and responding nameservers, will continue to be served by us indefinitely. The modification system for keeping contact and domain name details up to date will also continue to work as it does today.
Despite the statement that existing domain names will be left alone, the announcement means that the future availability of this site’s domain name is no longer guaranteed. As such… any suggestions for an alternative name, just in case? (Some research indicates that the .nom.za domain namespace is designed for personal names of South African entities, so something in there would be my first choice.)
So, in a moment of creative frenzy, I decided to do away with the sorry excuse for a hacked-together-when-I-still-knew-bugger-all site that used to live here. Out went the old static HTML files and the extinct forum that I used to run here, and in went a shiny new WordPress powered site, full of shiny awesomeness.
I’m still tinkering around with a few things here and there, so may change some content which I’ve created as well as add further content later. Just bear with me for a while on this one, folks. 🙂 If there’s something that you’d particularly like me to put up, use the Contact form to get hold of me and I’ll see whether I agree with you or not.
The old site has been moved to a new home, old.ron2k.za.net for archival purposes (minus the forum for now – I’ll add it back later, albeit in a read-only state). Just be warned though – it may burn your eyes out.
Those who have visited the main part of my website lately will have noticed that it’s in serious need of some love and care – as soon as I have a free weekend coming up, I intend to do just that. Cue shouts of glee and happiness from those who actually visit that hideous thing.
“So”, you may be asking, “what’s up with the random blog post title”? Nothing random about it – let me explain. Given that I have PHP and MySQL at my disposal as far as my web hosting goes, it makes perfect sense for me to chuck out the old static pages and go with an open-source content management system. Now, the two obvious choices are Joomla! and Drupal, and yes, it’s pretty much six of one, half a dozen of the other as far as choosing between them goes. I have Joomla! experience but no Drupal experience so that may well end up being the deciding factor. If you believe that you can convince me otherwise though, leave a comment; I’d love to hear what you might have to say. 🙂
I’ve moved the blog over to ron2k.za.net now (its previous home was Blogger). WordPress conveniently allows one to import posts from Blogger, so everything that was on the old blog is now on this one.
All new blog posts will be posted here from now on, so I suggest updating your bookmarks/RSS feeds/whatever. The old blog will remain for a few months to give everyone a chance to update everything; however, nothing new will be posted there.