Um, sorry, not sure what public backend we're talking about..
In the above suggestion, I assumed that the only backend (the staging WP) would be private (limited to contributors' IPs, perhaps only to 1 if all of them were to be required to connect via a shared low-end VPS) - and that only the frontend=static HTML would be publicly available
Comments - yes, this indeed would suffer compared to a regular WP+Vanilla integration; apart from Isso and other self served commenting systems (which would more or less defeat the no-need-to-worry-about-managing-public-services hassle part), the first managed solution that comes to mind is Disqus, although this precise service would break the forum integration at the very least (since, assuming anonymous comments wouldn't be allowed, apart from Disqus itself, the only ways to authenticate would be to use either Google, Twitter or FB)
@chimichurri said:
Um, sorry, not sure what public backend we're talking about..
In the above suggestion, I assumed that the only backend (the staging WP) would be private (limited to contributors' IPs, perhaps only to 1 if all of them were to be required to connect via a shared low-end VPS) - and that only the frontend=static HTML would be publicly available
Does every contributor easily come to a static IP? That's the first problem I see.
It could be solved, by providing them with a temporary VPN with a static IP login details (changing those after the contribution is finished?).
It would work, but it's some extra hassle. More than managing a "live" WP installation? Maybe. Maybe not. Especially for the potential contributors.
If contributors have their static IPs, this is simpler, surely - for them, and for the admins.
This way there certainly is a lot smaller attack area, and the risk is greatly reduced. But would you not bother with updates and other WP security and rely on that alone (or primarily)? I'm not sure about that.
It could improve performance to a degree, especially while the content is being updated.
And, it might keep the live website section (static HTML basically) trouble free, if basic checks are done before pushing anything live (does WP2Static allow for admins-only to activate the push-to-live?).
With an up-to-date list of the allowed IPs (and all the others disallowed), this would be quite secure. And more hassle, for those without a static IP VPN - either admins, or contributors.
Without such IP "filtering," I suppose the login (staging WP website) URL would have to be regularly changed, to keep it secure (stuff gets leaked over time - the longer the time period, the more likely...).
There's no perfect solution - boils down to weighing pros and cons... and knowing when to stop overthinking, so I'm stopping here.
Not disagreeing - your proposal has some very good advantages, it's not to be easily dismissed.
WP sites can still take advantage of fastcgi_cache so blog pages are cached on webserver as html and incoming requests don't even go to php, they are served from cache. That should (kinda) please the static crowd.
I've been having to go into work a bunch these past couples days since posting this, but I just want to say thanks to all for the comments and input! We appreciate you!
Yay, seems the front page has been cleaned up a bit. (I especially appreciate the flashy anim gifs being gone. ... I know, I can block them, but somehow I don't want to block all ads on this site ...)
@flips said:
Yay, seems the front page has been cleaned up a bit. (I especially appreciate the flashy anim gifs being gone. ... I know, I can block them, but somehow I don't want to block all ads on this site ...)
same feelings. Thanks for letting us know, removed my adblock settings for that section. Also I appreciate that google analytics is removed too. I hope it doesn't come back.
I would also like the twitter widget & google font to be gone, but maybe other people need it.
@flips said:
Yay, seems the front page has been cleaned up a bit. (I especially appreciate the flashy anim gifs being gone. ... I know, I can block them, but somehow I don't want to block all ads on this site ...)
Making some small tweaks. Removed the adverts till we figure out a game plan. Agreed on them being a bit too "flashy".
This is next on the list. Reworking the socials a bit. Probably finishing that up at some point tonight. I'll look into the Google font stuff and see if it's necessary
Edit: Social links are done. Avoided using font awesome (which was the original plan) by taking advantage of icomoon which allowed me to build a custom css/font only for the few icons needed rather than bloat with unnecessary stuff. Seems to be working fine. The power at my house just went out after doing the change so hopefully everything is peachy for now.
As of right now, I think I'll keep in the Google font for Open Sans. I like this font compared to the alternatives, at least for now. We can have further discussions on this if it's an issue for others as well.
If the stars align we may be migrating the site shortly (within the next 1-2 hours -- sorry for the short notice). Pardon any "forbidden" errors you may receive while we lock down access, clone the site, and restore access on the new setup. See you all on the other side
Edit: just kidding. Pushing off this a bit to do some other work in the backend to make the process go smoothly. Expected to be done in a week or two.
I have some feedback regarding your moderation @mikho in one of the recent topics.
I have absolutely no problem when inappropriate content gets removed. However, please do not remove the whole comment without leaving a trace like you did. That looks more like censor than moderation. Make the post empty or edit the content of the post with a remark why the content was removed. Having the whole comment(s) removed is just not transparent to the community as people won't know what/how many/why it got removed.
@Mew said:
I have some feedback regarding your moderation @mikho in one of the recent topics.
I have absolutely no problem when inappropriate content gets removed. However, please do not remove the whole comment without leaving a trace like you did. That looks more like censor than moderation. Make the post empty or edit the content of the post with a remark why the content was removed. Having the whole comment(s) removed is just not transparent to the community as people won't know what/how many/why it got removed.
fully agree here, please rather edit/empty it with a short remark than just completly deleting, thanks ;-)
I hear you and your opinions are accepted and will be taken into consideration in the future.
The image was removed as it wasn’t just a stab at the OP, it targeted this community as a group.
And Rule no 1 says: Don’t be a dick. That image broke that rule.
If you (or anyone else) have questions on me or my actions, feel free to write me a PM (here or on discord) and we can discuss it.
I think what was meant is that you could’ve removed the image and other posts with a note saying “removed because of rule blah” so that it’s clear that posts were removed and why the were.
I hear you and your opinions are accepted and will be taken into consideration in the future.
The image was removed as it wasn’t just a stab at the OP, it targeted this community as a group.
And Rule no 1 says: Don’t be a dick. That image broke that rule.
If you (or anyone else) have questions on me or my actions, feel free to write me a PM (here or on discord) and we can discuss it.
no worries, while I haven't seen the image I trust your judgement and I am fully with you on removing offending content here.
it's really just about leaving a history about something happened and who was involved for better readability ;-)
Another option is making a topic called "garbage bin" visible to members only, so problematic posts can be just moved there.
If that's faster and simpler than editing posts.
It seems like many people here hate CF, and I do understand. However, IMO Hetzner's peering to outer-Europe (especially to SEA region) is shit at best, and without CF, it's sometimes even hard to load a page. If everyone hates CF, maybe putting at least BunnyCDN or StackPath would be nice (especially since LES is currently using CF Argo, so you are already paying for BW).
@sanvit said:
It seems like many people here hate CF, and I do understand. However, IMO Hetzner's peering to outer-Europe (especially to SEA region) is shit at best, and without CF, it's sometimes even hard to load a page. If everyone hates CF, maybe putting at least BunnyCDN or StackPath would be nice (especially since LES is currently using CF Argo, so you are already paying for BW).
Argo was silently removed like a month or two ago, so currently the CF cost is nil. No one seemed to notice (myself included) or complained, so Ant didn't think it was actually necessary. If BunnyCDN would be a significant improvement and our traffic is low enough that the bill won't be outrageous, we may consider it. But only after we start bringing in revenue again somehow since it's all coming out of my pocket at the moment.
May I ask (if this is not a problem) what kind of traffic we are looking at? TBH offloading image traffic to a community-managed server (Dawgy Image, or something custom, or imgur) should help lower the overall bandwidth as well as storage.
You might also want to contact bunny directly too see if they can help this forum a bit?
@sanvit said: May I ask (if this is not a problem) what kind of traffic we are looking at? TBH offloading image traffic to a community-managed server (Dawgy Image, or something custom, or imgur) should help lower the overall bandwidth as well as storage.
That I'm not really sure yet. I'll know more once I get control of the domain and can see the stats/set up analytics (probably not google analytics, don't worry).
@sanvit said: You might also want to contact bunny directly too see if they can help this forum a bit?
Possibly. Though, I'd like to stay away from handouts/special discounts so nothing is really expected from either party except for a client-business relationship, if that makes sense (not that I think there would likely be any issues). I've already turned down a few different offers from some generous providers here in regards to sponsored/free resources and hosting for the site for that reason. Keeps things simpler and what's needed to run the site now is pretty minimal so is not a big burden on my wallet.
@sanvit said: Ooh, didn't notice the ads were gone Maybe some kind of opencollective or similar funding should help?
I think ads are likely to make a return at some point in some form. Seems to be the most stable form of revenue generation the site can bring. Donations are good and all, but can fluctuate widely on any given month. There's also been the idea of some sort of support/premium subscription that enables certain features in the forum, which was floated in a different thread, so might be possible that we explore that in the future as well.
For transparency, the current/projected costs are:
Provider
Product
Use
Cost
Runcloud
Pro Plan
Server mgmt, site backups, easy deployments, etc.
$15/mo
Hetzner Cloud
3x CPX11 + Backups
Forum + Blog + Dev/Staging VMs
~$15/mo
Porkbun (probably)
Domain Reg
~$10/yr (currently paid until 2023)
Mailcheap
Basic 10G Plan
Email for admin/support accounts
$24/yr
Amazon SES
Usage-based
Outgoing email for forum
<$3/mo (most likely/TBD)
Additionally, we'd like to build up a little reserve to be able to pay for development services in the future for both the blog and the forum. I'm not a PHP coder by any means, so we'll have to outsource for any future plugin development or site improvements that we want to invest in.
@Mason said: Possibly. Though, I'd like to stay away from handouts/special discounts so nothing is really expected from either party except for a client-business relationship,
Totally, stay away from anything that 99% of the time will make you beholden to someone because they helped you out with the site.
LES domain has been swapped to a new "LES" CF account. Hopefully I copied over all the DNS entries -- pardon any hiccups and let me know if anyone spots anything strange.
Migrating LES Blog / Change LES Blog CMS - Status: Ongoing
@mikho is prepping the new Wordpress blog and spearheading the copying of content over to its new home. We are planning on getting all the content over and the design solidified before continuing to post additional blog articles (we have a nice one from @Not_Oles ready to go that we'd like to post soon!).
Migrating Email Hosting - Status: Ongoing
I have set up LES email with Mailcheap (Ant was using OVH Exchange previously) and created some admin accounts and a support account. Everything is good to go there. Working on getting Amazon SES transactional emails set up for forum emails. The domain is set up with SES, just waiting on Amazon to verify my application to move our account from Sandbox-mode into Production-mode -- expected at some point today. Once that is set, I'll be switching over outgoing emails from the forum to SES.
Rebuild Dev Environment - Status: Complete
We tested out the "Clone website" functionality with Runcloud and it performed flawlessly. Was a piece of cake to set up a 1:1 clone of the forum and blog on a dev instance. I've actually been using the dev forum over the past couple weeks quite often to test plugins and get a grasp of the blog integration between Grav and Vanilla (had to dig through the plugin source code and try a couple things to get that ironed out). Will give access and a link to some people if they'd like to help us test new functionality over there.
Support System - Status: Ongoing (Testing Options)
I've installed an OpenSupports instance one of our VMs to serve as our support system for handling help tickets and provider tag requests. Looks good so far. Was waiting on LES email to be ironed out before I continued to test further.
Comments
Um, sorry, not sure what public backend we're talking about..
In the above suggestion, I assumed that the only backend (the staging WP) would be private (limited to contributors' IPs, perhaps only to 1 if all of them were to be required to connect via a shared low-end VPS) - and that only the frontend=static HTML would be publicly available
Comments - yes, this indeed would suffer compared to a regular WP+Vanilla integration; apart from Isso and other self served commenting systems (which would more or less defeat the no-need-to-worry-about-managing-public-services hassle part), the first managed solution that comes to mind is Disqus, although this precise service would break the forum integration at the very least (since, assuming anonymous comments wouldn't be allowed, apart from Disqus itself, the only ways to authenticate would be to use either Google, Twitter or FB)
Contribute your idling VPS/dedi (link), Android (link) or iOS (link) devices to medical research
This is really interesting: https://www.netlify.com/blog/2019/05/16/wayfx-deploys-lightning-fast-headless-wordpress-to-netlify
You can pipe Wordpress into a static site and host on Netlify/CF pages
TensorDock: Hourly Cloud GPUs from $0.32/hour
Does every contributor easily come to a static IP? That's the first problem I see.
It could be solved, by providing them with a temporary VPN with a static IP login details (changing those after the contribution is finished?).
It would work, but it's some extra hassle. More than managing a "live" WP installation? Maybe. Maybe not. Especially for the potential contributors.
If contributors have their static IPs, this is simpler, surely - for them, and for the admins.
This way there certainly is a lot smaller attack area, and the risk is greatly reduced. But would you not bother with updates and other WP security and rely on that alone (or primarily)? I'm not sure about that.
It could improve performance to a degree, especially while the content is being updated.
And, it might keep the live website section (static HTML basically) trouble free, if basic checks are done before pushing anything live (does WP2Static allow for admins-only to activate the push-to-live?).
With an up-to-date list of the allowed IPs (and all the others disallowed), this would be quite secure. And more hassle, for those without a static IP VPN - either admins, or contributors.
Without such IP "filtering," I suppose the login (staging WP website) URL would have to be regularly changed, to keep it secure (stuff gets leaked over time - the longer the time period, the more likely...).
There's no perfect solution - boils down to weighing pros and cons... and knowing when to stop overthinking, so I'm stopping here.
Not disagreeing - your proposal has some very good advantages, it's not to be easily dismissed.
BikeGremlin I/O
Mostly WordPress ™
Very interesting. Requires a read and some thought. If it is possible with our community.
The Disqus part was a bot of a downer.
https://clients.mrvm.net
WP sites can still take advantage of fastcgi_cache so blog pages are cached on webserver as html and incoming requests don't even go to php, they are served from cache. That should (kinda) please the static crowd.
https://phpbackend.com/
I've been having to go into work a bunch these past couples days since posting this, but I just want to say thanks to all for the comments and input! We appreciate you!
Humble janitor of LES
Proud papa of YABS
You can pipe Wordpress into a static site and host on Netlify/CF pages
I want to try this!
Y’all a bit too demanding. Nothing wrong with using a robust system such as Wordpress, as long as it is done the right way.
Nexus Bytes Ryzen Powered NVMe VPS | NYC|Miami|LA|London|Netherlands| Singapore|Tokyo
Storage VPS | LiteSpeed Powered Web Hosting + SSH access | Switcher Special |
Yay, seems the front page has been cleaned up a bit. (I especially appreciate the flashy anim gifs being gone. ... I know, I can block them, but somehow I don't want to block all ads on this site ...)
same feelings. Thanks for letting us know, removed my adblock settings for that section. Also I appreciate that google analytics is removed too. I hope it doesn't come back.
I would also like the twitter widget & google font to be gone, but maybe other people need it.
https://phpbackend.com/
Making some small tweaks. Removed the adverts till we figure out a game plan. Agreed on them being a bit too "flashy".
This is next on the list. Reworking the socials a bit. Probably finishing that up at some point tonight. I'll look into the Google font stuff and see if it's necessary
Edit: Social links are done. Avoided using font awesome (which was the original plan) by taking advantage of icomoon which allowed me to build a custom css/font only for the few icons needed rather than bloat with unnecessary stuff. Seems to be working fine. The power at my house just went out after doing the change so hopefully everything is peachy for now.
As of right now, I think I'll keep in the Google font for Open Sans. I like this font compared to the alternatives, at least for now. We can have further discussions on this if it's an issue for others as well.
Humble janitor of LES
Proud papa of YABS
If the stars align we may be migrating the site shortly (within the next 1-2 hours -- sorry for the short notice). Pardon any "forbidden" errors you may receive while we lock down access, clone the site, and restore access on the new setup. See you all on the other side
Edit: just kidding. Pushing off this a bit to do some other work in the backend to make the process go smoothly. Expected to be done in a week or two.
Humble janitor of LES
Proud papa of YABS
I have some feedback regarding your moderation @mikho in one of the recent topics.
I have absolutely no problem when inappropriate content gets removed. However, please do not remove the whole comment without leaving a trace like you did. That looks more like censor than moderation. Make the post empty or edit the content of the post with a remark why the content was removed. Having the whole comment(s) removed is just not transparent to the community as people won't know what/how many/why it got removed.
fully agree here, please rather edit/empty it with a short remark than just completly deleting, thanks ;-)
@Mew @Falzo
I hear you and your opinions are accepted and will be taken into consideration in the future.
The image was removed as it wasn’t just a stab at the OP, it targeted this community as a group.
And Rule no 1 says: Don’t be a dick. That image broke that rule.
If you (or anyone else) have questions on me or my actions, feel free to write me a PM (here or on discord) and we can discuss it.
https://clients.mrvm.net
I think what was meant is that you could’ve removed the image and other posts with a note saying “removed because of rule blah” so that it’s clear that posts were removed and why the were.
no worries, while I haven't seen the image I trust your judgement and I am fully with you on removing offending content here.
it's really just about leaving a history about something happened and who was involved for better readability ;-)
Another option is making a topic called "garbage bin" visible to members only, so problematic posts can be just moved there.
If that's faster and simpler than editing posts.
BikeGremlin I/O
Mostly WordPress ™
It seems like many people here hate CF, and I do understand. However, IMO Hetzner's peering to outer-Europe (especially to SEA region) is shit at best, and without CF, it's sometimes even hard to load a page. If everyone hates CF, maybe putting at least BunnyCDN or StackPath would be nice (especially since LES is currently using CF Argo, so you are already paying for BW).
Argo was silently removed like a month or two ago, so currently the CF cost is nil. No one seemed to notice (myself included) or complained, so Ant didn't think it was actually necessary. If BunnyCDN would be a significant improvement and our traffic is low enough that the bill won't be outrageous, we may consider it. But only after we start bringing in revenue again somehow since it's all coming out of my pocket at the moment.
Humble janitor of LES
Proud papa of YABS
May I ask (if this is not a problem) what kind of traffic we are looking at? TBH offloading image traffic to a community-managed server (Dawgy Image, or something custom, or imgur) should help lower the overall bandwidth as well as storage.
You might also want to contact bunny directly too see if they can help this forum a bit?
Ooh, didn't notice the ads were gone Maybe some kind of opencollective or similar funding should help?
That I'm not really sure yet. I'll know more once I get control of the domain and can see the stats/set up analytics (probably not google analytics, don't worry).
Possibly. Though, I'd like to stay away from handouts/special discounts so nothing is really expected from either party except for a client-business relationship, if that makes sense (not that I think there would likely be any issues). I've already turned down a few different offers from some generous providers here in regards to sponsored/free resources and hosting for the site for that reason. Keeps things simpler and what's needed to run the site now is pretty minimal so is not a big burden on my wallet.
I think ads are likely to make a return at some point in some form. Seems to be the most stable form of revenue generation the site can bring. Donations are good and all, but can fluctuate widely on any given month. There's also been the idea of some sort of support/premium subscription that enables certain features in the forum, which was floated in a different thread, so might be possible that we explore that in the future as well.
For transparency, the current/projected costs are:
Additionally, we'd like to build up a little reserve to be able to pay for development services in the future for both the blog and the forum. I'm not a PHP coder by any means, so we'll have to outsource for any future plugin development or site improvements that we want to invest in.
Humble janitor of LES
Proud papa of YABS
Thank you for the full breakout of costs! Wasn't really expecting it
Wish the ads come back up soon, as I wouldn't really want a 'Humble janitor' to pay for the forum cost, even if it's minimal :P
Totally, stay away from anything that 99% of the time will make you beholden to someone because they helped you out with the site.
LES domain has been swapped to a new "LES" CF account. Hopefully I copied over all the DNS entries -- pardon any hiccups and let me know if anyone spots anything strange.
Humble janitor of LES
Proud papa of YABS
Okay, I tried to catch you out. But you are clearly too stronk.
Michael
Cloudflare saved my butt on that one I guess :P surely don't want to end up on @yoursunny's shame list
Humble janitor of LES
Proud papa of YABS
LES version of "The Changes Are Coming?" but with good intentions.
VPS reviews | | MicroLXC | English is my nth language.
Some updates:
Migrating LES Blog / Change LES Blog CMS - Status: Ongoing
Migrating Email Hosting - Status: Ongoing
Rebuild Dev Environment - Status: Complete
Support System - Status: Ongoing (Testing Options)
Humble janitor of LES
Proud papa of YABS
Ambitious of you @Mason & @mikho! Well done.
We'd love to have you join our community:
http://HostBoards.com/