As you may or may not be aware, this blog uses a piece of software called Octopress. This software was written by GitHub and it is what is called a static site generator. Basically I write my blog posts in markdown and run:
and it generates this blog into html and apache serves it. There are several reasons why I like this setup. The first being that it is dead simple, there is very little configuring in apache, no cgi or anything. Another reason is that it is very secure, essentially as secure as my apache installation is because it is only serving html files, so no modphp, wordpress or any of that. Wordpress by itself has had a lot of security flaws over the years which make it less than ideal. Octopress is also used by GitHub on their own servers so I know that it will stay active for as long as GitHub is around, versus some other static site generates which are just volunteer organizations. Not that there is anything wrong with volunteer run projects, its just that I have a little more piece of mind.
A problem with Wordpress(and typical of other CMSs as well) is that you have to rely on a lot of plugins for most sites. This is not a good thing because the people who make some of these plugins aren’t very security concerned and that can be another attack vector. As well just recently, there was a plugin that actually had a backdoor in it (see here for example). So security is a good reason to use a static site generator.
The only problem with using a static site generator like Octopress is that you need to have the techinical knowledge to write markdown yourself and isn’t as friendly as Wordpress, Joomla or Drupal. Of course it does come with a lot of advantages if you can do that. One last thing about Octopress is that, since it is just plain html, it will work on any webhost that has ssh access, it doesn’t need any cgi support so it should work just about anywhere as long as you have ssh and ruby.
So that is my write up on Octopress, hope you enjoyed it.