Web site overhaul

This is my new web site. It’s not all that different from my old web site, but it’s new none the less. The content is the same, the looks of it is largely the same, the server running it is the same, but I’d like to take a few moments to mention some of the changes I’ve made.

New site engine

The old one was Jekyll. The new one is Pelican. Not much to say about that. I’ve never been much of a Ruby dude, and I’ve written my fair share of Python lately, both for fun and work. Apparently a lot has happened to Jekyll since I last checked, but I’ve already done some good hacking in Pelican, and for my pretty simple use case, it does the trick well.

SSL, privacy and insourcing

Everyone remembers Heartbleed. Some also remember the other pretty serious zero-day crypto weaknesses we’ve seen during the last few years, and whether we like it or not, there really is no going back on everyone’s increasing need for the option of having secure, private data transfers online.

This web site was vulnerable to the Heartbleed bug — as were the other SSL-enabled services running along with it on this server. Most services all over the internet were, if they were running OpenSSL and were reasonably maintained and updated. I updated my OpenSSL a few hours after the bug got widely known, and since then I think I’ve taken my precautions to avoid being vulnerable to the aftermath of this particular bug.

However — it’s difficult not to look at the broader picture. This is certainly not the last worldwide crypto exploit we’ll see, and it’s inherently impossible to tell the nature of the next one.

One thing I’ve done is to stop depending on external assets when serving this web site. My old site fetched a number of bits of javascript, CSS, etc. from different services across the web. Anything from JQuery through Google Analytics to different generic widgets and bling-blings.

Now I’ve taken everything with a license permitting it and fetched it to serve locally. Everything else I’ve replaced or done without. It turned out to be less difficult than I anticipated. That way crypto is solely a matter between me and my readers.

Responsive design

I’m not a web site craftsman. I’m not fluent in neither CSS nor Javascript, and it actually bothers me from time to time, as I’m very conscious about typography, graphical composition and user interfaces.

For my old site I tried to type up different incarnations of style sheets for different client resolutions in effort to get an acceptable layout on phone and tablet browsers, but nothing really worked well. When I reached an okay result on one phone, everything else went to crap.

This time I started out with Twitter Bootstrap, and built all my templates with their building blocks. I realise what people say about Bootstrap only taking you so far, and whenever you need to do something outside the system’s paradigm, stuff gets messy. Luckily I’m a simple guy, and I’ve easily managed with the provided elements.

All in all

.. this is just for me. I know you don’t notice the change, and quite frankly, you weren’t meant to. This is just a matter of scratching a few itches, and learning just enough to not forget how to keep your fingers in the matter.

But it felt good.