I’m new to blogging, but old to computers. I started this blog during Christmas 2020 and plan to write a few posts each month in 2021.
I want my blog to be secure, fast, modern and mobile friendly. I want it to support IPv6 and to use a domain that I control. I also want to host it for two or three dollars per month.
This post is meant to share the technology stack I will use to blog and some of the reasons why I chose the things that I did. But before I do that, here’s some more background about me.
I’ve been working with technology, personally and professionally, for a few decades now. I’ve been a systems programmer, a security officer, a web developer and a systems administrator (among others). And, I’ve always tried to stay current and be relevant. I really enjoy my work.
The web is complex and constantly changing. I’ve seen a lot of compromised websites. It’s hard to secure a site, keep up with standards and appeal to users all at the same time.
To make my blog secure, I decided to use hugo (a popular static site generator written in Go). It’s difficult, but not impossible, to compromise static html files, especially with reasonable HTTP Security Headers and a basic Content Security Policy (CSP) in place.
My current CSP is not as good as it could be. I allow unsafe-inline styles because some of my styles are attributes. I should take the time to improve that.
I learned about Csper on Hacker News a few weeks ago. It looks like an interesting tool that may help developers implement reasonably secure policies. I may try it out and write a blog post about it sometime.
In addition to being secure, hugo also produces fast and efficient content, supports modern web development and has many mobile friendly themes. So by using hugo, I was able to satisfy the first four requirements I had set for my blog right away.
I don’t mean to gloss over performance. It’s very important to me. No matter how well written, or popular, a blog post may be, if it’s slow to load, people will get frustrated and leave.
While hugo solves 90% of my performance requirement out of the box, the last 10% is on me. Using webp rather than jpeg images, setting reasonable Cache-Control headers for static content and monitoring for performance issues are still important considerations.
Finally, I met the last two requirements (full IPv6 support and inexpensive hosting), by running the blog on Nearly Free Speech. I’ve used NFS, for other reasons, over the last 15 years and have been very pleased with the services that they provide. They are reliable, have expert technical staff along with helpful user forums. They’ve never let me down.
So, that’s a brief description of my blogging stack and some of the reasons why I chose the things that I did. I hope you found it useful. If you want a secure, fast blog that is mobile friendly and supports IPv6 and you’re comfortable with command line tools and Unix, then you may consider trying hugo and NFS for your blog too.
Update Jan 18, 2021: I’ve enabled Isso comments and added a site search function using DuckDuckGo at the bottom of each page.