Re: Secure blogging - static site generator + Docker

From: S Moonesamy <sm+mu_at_elandsys.com>
Date: Tue, 21 Jul 2015 08:27:13 -0700

Hello,
At 11:13 PM 7/20/2015, Vy-Shane Sin Fat wrote:
>The poor track record of Wordpress security is a recurring topic in
>this mailing list, with some members going out of their way to look
>for alternative blog engines [1]. We also often see reports of
>Mauritian websites being compromised.
>
>Here's an alternative solution what should be very resilient:
>
>1) Use a static site generator like Jekyll [2]
>2) Deploy the site as a read-only Docker container
>
>We basically move the smarts from the page serving step to a
>publishing step that is performed off server. The server serves
>static pages from a read only-environment. It's a simple solution
>with very few moving parts, and a reduced attack surface.
>
>Thoughts?

Wordpress security in Mauritius has a poor track record. The above
would work for the web sites which have been compromised as they are
mostly simple or static web sites.

Regards,
S. Moonesamy
Received on Tue Jul 21 2015 - 15:30:05 PST

This archive was generated by hypermail 2.3.0 : Tue Jul 21 2015 - 15:36:02 PST