Hacker News new | comments | show | ask | jobs | submit login

You sum up exactly why I've long since not cared about WordPress, but you seem to assume anything dynamic has to have an admin interface.

The ideal engine for me still uses flat files for content, but doesn't compile the files to HTML. Let a cache like Varnish handle the load. That way I can implement things like comments without running off to the latest service-of-the-month that might shut down and take everything with them.

I've spent enough time dealing with third-party javascript and issues on their end screwing up the first-party to want no part of a remote comment service.




So what's an example of a flat file that isn't HTML? If you have flat files, what value does Varnish provide?

If you're accepting use input to write files, then you have vulnerability. I'm not saying you do or don't, but it's an attack vector. As for Disqus, sure, I'm at their whimsy when it comes to security, but they haven't bitten me yet, and I'd hardly consider them fly-by-night as they've been around for years now, and has been profitable since their first year.

For what it's worth, I wasn't considering the admin site as vulnerable, as those are generally disabled before deploying, but if you're running a database, or varnish, or Apache, or whatever, your risk is increased for vulnerability, but I suppose that's neither here nor there really, as I think it comes down to a matter of taste and, as you said, I'm trading system vulnerability for third party vulnerability. The upside though is that while sure, somebody could munge my site up, fixing it is just uploading another copy.


> So what's an example of a flat file that isn't HTML? If you have flat files, what value does Varnish provide?

Sorry, that's probably confusing language here. I was referring to structuring Markdown files in a flat-file database, not the concept of compiled HTML files.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: