This website has been online for almost ten years with very irregular posting, but I do know it received some attention from people every now and then. That means my goal is met: some of the things I shared were useful for someone.
The past decade saw the emergence and spread of static website generators such as Jekyll and Hugo. This website took its sweet time, but the moment to hop in the train has arrived. WordPress is a fine tool but using it for a such a simple blog is the textbook definitin of overkill.
It as also getting difficult to justify paying a fully managed WordPress-oriented hosting for such a low volume. The available resources were excessive, underused, with very limited control on what actually matters (like TLS and HTTP headers configuration). I have nothing wrong to say about my previous hosting company (ex2), it was simply time to move on.
This is also an opportunity to downscale, reduce dependency on cloud 3rd parties and bring stuff back in Europe:
- The website itself is hosted on an OVH VPS alongside other stuff in Europe - no dedicated resources are involved.
- Web analytics are self-hosted. I don’t intend to make money out of advertisement with this website, so embedding cloud solutions that could link with such a provider makes no sense.
- Less active interpreted language also means a reduced attack surface. Using these technologies is fine when justified, but there’s no case for using PHP here. There’s still JavaScript in the loop, but we can’t go back to 1995, heh?
This website still relies on some external services such as Google (cloud fonts) and GitHub (deployment flow). That will also go away in due time, but… one step at a time ! I am fully aware I cannot realistically move everything away from the all US-based big tech actors but every step away from them is a small win.
With this switch also comes reclaiming more control over the technical stack that serves the domain and website. Both the DNS and HTTP setups are now more or less brought to state-of-the-art (DNSSEC, CSP, Permissions Policy, etc.). The applied policies, in particular the HTTP Content Security Policy, are still far from perfect, but a great improvement from the past.
Through automation and adequate monitoring, the time for day-to-day maintenance can be drastically reduced and, as it stands, I also have reduced my recurrent costs.