2. Some history and context First on-line presence way back in 1993 Evolution over 16 years: Static HTML something a little more automated blogging Also my extended family are in the UK/NZ – keeping the Grandparents up to date is important.
3. Technology evolution Way back - ftp upload of html/content to some Unix host Since 2000 – static IP and self hosting 2000 – NetWare (!) + static content 2003 – SLES 8 + Apache + static content 2005 – SLES 9 + Apache + mysql + WordPress 1.5 2009 – virtualised web + mysql on SLES
4. Why self-hosting I’m a technology geek. Self hosting means live servers, a great sandbox and a real learning environment. (I also run the home infrastructure..) I get ultimate flexibility and control. Hosting elsewhere is cheaper – with the usual issues around security, platform, updates etc
5. Hosting for friends and family The ultimate scope creep. Started with the ‘family blog’ – added my ‘personal blog’ … … then added various additional blogs for family members; three blogs for friends and my sisters Cub Scout pack. Now over a dozen in total.
6. Understanding the ‘stack’.. And it all needs testing and patching Gallery2 Themes Plugins – ‘Core’ and ‘Per site’ WordPress Core Database + data Graphics helpers for Gallery2 Apache/PHP/mysql/libs SLES Hardware
7. Old school patching Check on a semi-regular basis for updates to WordPress (e.g. 1.5 1.6) Download; unpack; test. Check for Linux updates on a regular basis Download; update; test.
8. Patching today Plugins seem to be updated on an almost daily basis. WordPress at last has a more regular cadence for updates; expect the flurry of point releases after a major rev.
9. The challenge Each blog is built of a ‘core’ set of plugins – with some specific functionality added on top. There are a couple of hand-coded modifications in place (theme and php-exec plugin) How to keep ‘secure’ and functional – without spending 20 hours a week patching..
10. Change control is key Discipline keeps things sane. Consistent core blog structure Document changes; test the changes; deploy the changes Have a rollback/backup plan Plan for major, grouped updates My last one was to 2.8.3 Expect the short notice security fixes 2.8.4!
12. Test, test – test again. Something unexpected will always happen. e.g. libxml2/PHP bug – trac 7771 http://core.trac.wordpress.org/ticket/7771 http://www.evilzenscientist.com/blog/2009/08/05/php-xml-parsing-bug-and-a-workaround/
13. Backup and recovery Backup is really important. Understand everything that needs to be archived for recovery. Mysql dump; filesystem dump Configuration files from server Documentation
14. Backup Weekly dump of mysql and configto offline disk. Monthly dump of photos to offline disks. Full archive every quarter. Stored in a fire safe. Looking at going back to tape to make this easier and faster.
15. Restore Fire/theft/hackers/malware/bad hardware. Something will eat the data. Since 2000 I have rebuilt the web servers over a dozen times – upgrade OS, moving OS, moving hardware, replacing failed hardware, upgrading hardware – all the usual reasons. Practice your data rebuild before the emergency!
16. Security Having anything internet facing invites intruders. Everything from casual inquiries to more serious hacking and DOS attempts. At some point someone will try and hack/attack you. Be prepared.