I spent today going around in circles again over WP (WordPress). To those of you unfamiliar with what it is, it's a way to make websites with minimal effort. Just type what you want, add the pictures and poof, you have a post. It's so simple almost anyone can make a site that looks good with really minimal effort.
So why all the trouble, you ask? Well, let me start with some background information. If you recall, last September I had done a major overhaul of my site, made it a WP site filled with cool extras and was extremely pleased with the result. Then less than a month later my site was hacked and my hosting company said the best thing was to remove all content and start fresh. So I did, and struggled to replace the content as fast as I could. I had to rewrite my posts and dig up all the images I had used and fought to have content back before too many of my readers could notice it was gone. Then only 2 days later...hacked again! I was pissed and swore that was it! I was going back to HTML, the way I had been making my site since 1999. This time, it took me far longer to rebuild everything. HTML is writing code in something as simple as notepad and saving it with the .html after the name. It's slower and far more geek intense, but it is secure.
Now let me get back to my original point, which is why I spent today in a tizzy. Well, the wife and I spoke about the benefits of an easy-to-load system that offers so many themes and plugins. One that would allow me to make sweeping changes with a few clicks. So since I know there are so many sites using WP, I decided I'd see what I could do and what it would take to get my 300+ pages converted without taking my site down for ages.
The first step was to see how to secure it. A Google search revealed thousands of sites offering tips on what they think is best to do. There were videos too. I watched one from a guy who secures WP sites for a living and despite his expertise, he made disclaimers about how what he was going to teach wasn't necessarily foolproof and how one should back up often. There were a ton of steps that even a geek like me couldn't follow and there seemed to be an endless supply of what to do and not do to stay safe. Ok, so I said I'd figure this all out and make my site work beside the WP install so everything I've made to date is accessible, then slowly convert every post to a WP post and poof, one day my readers will go hey, this looks different and nice. I'd have to learn all kinds of PHP (the language WP runs on) and I guess how frequent I post anything will be reduced to a crawl until the task is complete.
Then it came. Words that would shape this story's outcome. The first was from someone brilliant who told me: "Hmmm...what is the current one run on? There is no point changing if you don't need or want to, you know. If it's homespun, then security by obscurity is a win :D" Such profound words! But being me and not completely convinced - after all, I was sold on the idea that a future of easy entries was mine for the enjoyment if only I was willing to learn - I made a call. A phone call, that is.
I was dealt the final blow to this idea of the easy life. It was explained to me that to be truly secure, you must not have your content on a shared server. The cost of having a server to yourself is approximately 10 times the cost and doesn't come with unlimited space. This is needed because all the effort that you put into securing your site can be undone if someone else on that same server failed to take the same measures and give the hackers a backdoor to your information.
My site has changed a lot since it was first conceived in 1999 and is bound to change as we go forward. But the changes are going to be a little slower and you know what? I'm ok with that.