My New Blog

“That which has been spoiled through neglect can be rejuvenated through effort.” - I Ching

Welcome to my new blog! I decided to migrate from WordPress to Jekyll. In a month of work I migrated my two WordPress sites, and have something cleaner, more secure, and for me infinitely more accessible. I love it in every way.

I have used WordPress ever since I started this blog. For a long time it never occurred to me to use an alternative. I put up with the web interface. Finding WP CLI helped a lot, as it provided a command line interface. I could write articles in MacJournal. I found a theme I liked. I got someone else to design my professional site. I figured I could put up with all of this. Then I got hacked.

According to wordpress.com, their software powers 28% of the web. This makes it a high profile target. It involves lots of complicated interacting parts and generates each page dynamically as requested. It does this by using a language called PHP. A 2015 study found that over 78% of PHP installations have security issues. Hackers constantly find ways to exploit outdated WordPress versions and especially plugins. I also learned much later from a WordPress expert that “Deactivating” a plugin does not make it unavailable. Delete your unused plugins!

I dealt with the attack swiftly and effectively, but in the meantime my server had sent out a horrifying amount of spam. The outgoing mail queue had 37,000 messages when I halted the web server. I cleaned the database and site’s files. I also had to remove myself from several spam blacklists, a problem which has continued to plague me.

While all of this went on, I had begun my retreat into Linux. I had security on my mind. I had heard of Jekyll through Ruby newsletters and finally decided to check it out. Basically, it lets you build a static web site by editing textfiles. I fell in love.

In contrast to dynamic sites like WordPress, static sites don’t have any changing content. For a long time we had nothing but static sites. They load quickly and have a far lower security risk. Not only that, editing Markdown to do everything completely fit with the way I do things. I could just load everything into Emacs. I found a great theme called Minimal Mistakes, and even submitted a pull request to improve the accessibility of header images, like the one you see on my front page. I knew I had found my new platform.

I spent a month or so working on migrating everything over, writing articles, and getting everything ready. I used the Jekyll-Exporter plugin to export my WordPress posts into markdown and it worked well. I went through and edited all of the front matter, which I expected to do anyway, so it didn’t matter. For my contact form I use Formspree though I may replace it with an in house solution. I also tried a locally hosted search, but ultimately opted to go with DuckDuckGo, which I use and support.

As for comments, I had to think about this. Most people use Disqus, but I really did not like the idea of going through all of this work only to have my prized comments hosted on a third party server. Ultimately I chose to use ISSO. I copied the code snippet into the comment-providers/custom.html file and it worked perfectly.

To deploy, I set up a post receive hook. It took a little fiddling, but I finally got it. I had to modify the example to use bundler, which means that it now updates all of the required gems every time it rebuilds the site as well. After editing my content and viewing it on the local server, I simply use Magit to push the changes with C-xg p p then sit back and wait for my server to rebuild the entire site. Perfect!

Over time I ended up with two WordPress installations, so this change had twice the impact. I redid my professional page using Collections. This makes it trivial to modify the items without touching the structure of the page. Everything about Jekyll has worked exactly as I expected. I only needed to resize my image, and my friend Meg from Snack like a Local helped with that. I also want to give a tip of the hat to the WordPress Accessibility team. They do some good work.

I hope you enjoy my new site. It took a lot of work building it, but I built it myself. It has all of the features of my previous two WordPress installations in one clean static site. I also expect that it will lead to an increase in blogging.