zlacker

I don't know why a $5 VPS and a random CMS isn't the default for developers blogs. Dead simple, runs for years without maintenance, minimal cost, no ads.

replies(7): >>rwmj+91 >>rokkam+b1 >>antilo+o1 >>edarch+G1 >>mixedb+K1 >>undebu+62 >>HeckFe+i2

>>phendr+(OP)
If you really run it "for years without maintenance" then your blog will get taken over by attackers and used to distribute malware or worse.

replies(1): >>JdeBP+s3

>>phendr+(OP)
Well, back in the day this lead to thousands upon thousands of vulnerable WordPress sites

replies(1): >>mickey+y1

>>phendr+(OP)
Once you add comments you have to add a database and anti-spam measures. Not so simple anymore.

>>rokkam+b1
False equivalence. That the creators of various PHP blogging platforms sucked at security does not invalidate the poster's point that a self-hosted CMS with a simple comment system is indeed much simpler and easier to reason about.

replies(1): >>rokkam+M2

>>phendr+(OP)
The author is using a random CMS, namely Hugo.

You probably mean a PHP that can be hosted for cheap. But then, you end up with a Wordpress nightmare, even more spam and security issues.

I had a pretty popular blog and some posts gathered hundreds of useful comments. But I was so tired of fighting spam that I threw it all away and started using Hugo too, without comments.

replies(1): >>kakaro+Pl

>>phendr+(OP)
Comments are the only functionality of a blog that require write access to a backend, without comments a blog can be a simple collection of static files. Any write access to a backend exposes the blog to potential vulnerabilities, requires the backend to be kept up to date. This is not dead simple and does require maintenance. Updating is not trivial if a version of a backend becomes obsolete, you need to dedicate time to migrate your backend to new versions to stay secure.

>>phendr+(OP)
Without comments it's much simpler and cheaper than a $5 VPS and a random CMS, with comments it's much complicated and expensive than a $5 VPS and a random CMS.

>>phendr+(OP)
I've been using self-hosted Isso to serve comments on my static sites. It's worked well enough, it's practically the same as Disqus.

>>mickey+y1
I suppose it's rather the "without maintenance" part. Had everyone updated their WordPress sites the problem would've been much less.

replies(1): >>InMice+94

>>rwmj+91
Indeed, the problem isn't necessarily even the site being taken over. There was an example of what happens to comments over a period of 9 years without anyone dealing with spam on Hacker News just the other day.

* >>45370971

>>rokkam+M2
The wordpress core can be kept up to date but the vulnerabilities from plugins, relying on fixes and updating plugins i think was more the problem than the core.

In the 2010s if you left a wordpress blog unattended even with the official default filter plugin it would fill with spam comments. I dont know if thats still a problem.

replies(1): >>robins+y5

>>InMice+94
My own blog - which gets maybe a couple of posts a year these days, and almost no audience - had 59 spam comments so far today. It really is time I turned off comments.

replies(1): >>InMice+RUe

>>edarch+G1
Me too, there is no need to have comments I feel you can have a feedback button at most if you want it.

>>robins+y5
Same here with any blog ive ever hosted