Foreword
The issues of Website security and performance continue to loom large, with organisations large and small continuing to suffer severe loss of service following a compromise — whether a site gets defaced, Google results become hijacked, or, more seriously, personal data is breached.
As will be described below, MakeStaticSite already offers a freely available solution (which has been implemented for this site), but it requires a certain level of technical knowledge. However, further development is on the way to provide a Web-based service that will be simple and easy to use. A proof of concept has already been implemented and been successfully tested, which should pave the way for business investment.
What’s the problem?
Security issues arise largely from the way the content is generated and delivered to site visitors using server-side processing, which typically involves scripts and databases to select and deliver specific text, multimedia, and so on. For example, content management systems (such as WordPress and Drupal) are based on PHP and MySQL, which, if misconfigured, might yield not only the desired pages but be open to requests crafted to subvert the setup and yield unintended access. Thus, maintaining the security of such a setup is an ongoing process that requires continual vigilance, responding promptly to security notices with the installation of updates, but it’s a race against time and there’s no guarantee that all vulnerabilities will be spotted.
MakeStaticSite belongs to the class of software known as static site generators, which removes all the dynamic components from public exposure, replacing them with a set of web pages (plain HTML, CSS, JavaScript) that require no server-side processing. The pages are prepared beforehand in a safer environment, such as an individual’s laptop or a shared space behind a firewall, protected by strict access controls. This simplifies the delivery process as well as helping with security. Shell scripting is used, making available various tools to handle different aspects of the task. An introductory post provides an overview of the processes involved.
For developers and system administrators, MakeStaticSite provides a convenient means to set up and manage the automatic creation and deployment of static versions of websites. Such sites can be administered locally and then deployed remotely to some other hosting provider. Strictly speaking, this is not an archival tool as the output is not an exact mirror, but a version of the site that preserves content whilst aiming to remain current. For example, RSS feeds are saved and then renamed with .xml extensions, and further files may be added.
Anyone who has some familiarity with the command line should be able to use the tool to assist in maintaining their sites, though such an interface is off-putting to some. Further, a scripting-based approach has been chosen to make this tool widely accessible for developers to further fine-tune; a number of refinements are already included that augment the standard use of Wget, such as support for arbitrary attributes and, in the case of WordPress, the use of WP-CLI to prepare sites beforehand.
MakeStaticSite has been released as open source software, available under the GNU Affero General Public License version 3 . For further details, please refer to the project site, makestaticsite.sh. Many thanks to various developers for sharing their knowledge on shell scripting, particularly on blogs and Q&A websites such as Stack Exchange and to those who have tested, commented on and otherwise supported MakeStaticSite.
Hosted Web Service
In its present form, it is technical in nature, aimed at developers and system administrators. However, as a further development, a hosted Web service is being developed, with a simple user interface.
The user logs in to a central dashboard to maintain their projects. By following a link or clicking a button, they can launch their CMS editor, build a static version of the site and browse the output.
How you can help!
At this stage, we are looking for investment. Please get in touch to try out the demo and to arrange for a presentation.
Tags
development, MakeStaticSite, open source, projects, software, website
This page was published on 20 September 2022 and last updated on January 29, 2024<!-- by Paul-->.