Welcome to WolfmanzBytes V3.0

Main Menu

Welcome to WolfmanzBytes V3.0

Wednesday, 26 April 2023 20:46 | Written by WolfManz611

I’m back!!!! It’s been quite a while since there was anything happening on this site but today I will talk about the process of bringing WolfmanzBytes from a outdated Joomla V1.5 web site to a current day Static web site.

So this all began way back when I first fired up WolfmanzBytes with Paul and Spider way back in 2005 the CMS or Content Management System we used back then was a program call Coranto and that was at the time the right tool for the job and it was a fairly quick process to getting it up and running with Paul and Spider. The issue after using the Coranto for a few months was there was no fancy back end to it at all or even any sort of GUI based editor you could use. You were pretty much doing everything in simple text editor like Notepad and that was as fancy as it got. Needless to say this has it’s pro’s and con’s that goes along with it.

On the plus side Coranto was easy to add articles to and there was no complicated looking GUI to get in the way also, a really good thing when you had a bunch of image links that you wanted to have properly spaced on the web site since it was text image links you were working with so it was easy to tell if one picture was a carriage return spaced image (as in one on top and one on the bottom and a gap in the middle). The bad side of Coranto was it used a flat file database system and as the web site traffic picked up this may become an issue for performance reasons. On top of that Coranto wasn’t suited for a Multi User back end system where you would have various users who could post or moderate on the site and you had fine grain control over what they could or could not do on the site.

It was around the time I was seeing the issues with Coranto that good old Spider was checking out Joomla for his own needs and he was telling me about it. When he would talk to me and Paul about it sounded like the ideal thing to move WolfmanzBytes to and so I got to looking into Joomla and got a chance to test it and see the back end for it and man was I impressed, compared to what Coranto had to offer. So I made the move and switched to Joomla again with the help of Paul and Spider and low and behold we had WolfmanzBytes running on Joomla and so everything is rainbows and sunshine right? Not exactly lol…..

When moving from Coranto to Joomla there was on big difference between the two and that was, Coranto did NOT have the security issues that you may end up with when using Joomla. This also made it so that you had to really be on top of updates and there were a lot of updates being pushed out over the years for just Security issues and then on top of that if the people at Joomla introduced new features into Joomla you would want to update for that as well. The other double edge sword to Joomla is the MODS / Plugins you can get for Joomla to do whatever it is you want to do. I remember I wasn’t to impressed with the default text editor it had at the time in version 1.5 and so again talking to Spider about that he said check out this other editor that was available in the form of plugin (Joomla has loads of these plugins made by community members and even professional companies) and so I did that and sure enough it was better. So after using that editor for some time I woke up one day and sat down at the computer opened the web site up on the browser and I just so happen to notice that the scrips blocked by No Script went from 3 to 12 and this is one of those moments you know you have an issue on your hands now lol.

So when I seen the No Script script number being blocked go from 3 to 12 I knew right away the site had been hacked and I wasn’t impressed. The only good thing was I caught it super fast, the hack as far as I could tell was only live on the site for a couple of hours. So once I started to do some digging and then hunting files down on the web server it became clear that the text editor I had installed had a security flaw that was exploited to get access onto the web server. Right away I uninstalled that thing and then cleaned up the mess and soon enough the site was back to normal. Now this is where keeping the site updated with the latest security patches is something you HAVE to do if you have a website that’s on the internet. But like many people you get complacent in that you figure no one has messed with site successfully before so I don’t have to babysit it all the time and that was a mistake on my part. However this kicked off something else in me as well in that now I started looking for another Content Management System that didn’t have the same exploit surface that Joomla had. The one thing I never really liked about Joomla was the pace of the updates and how new stuff was always being added and this new stuff just meant more work for me in that you had to stay on top of all the stuff. The other issue was I never really used all the power Joomla 1.5 had never mind anything beyond V1.5.

So beside the security issue I ran into with Joomla another problem showed up and that was the move to version 1.6 I was still at version 1.5 and this move to 1.6 was not an update like all the other updates were, this move was a migration and that was a bigger problem since everything I was reading about it at the time indicated this could be a very bumpy migration unless you were very good at doing such things and handling any bugs that come up. So it was at this point I dug my heals in and put off that migration literally for years and years it was also at this time I had other real life things going on and so the site went on the back burner for a long ass time.

The site being on the back burner also meant the site was seriously outdated and that was leading to things like paying more for the web hosting for the site because they had to keep an older version of PHP around just for sites like mine. Joomla 1.5 needed to work on PHP 5 and it would not work on newer versions of it unless you updated Joomla past V1.5. In the case of 1and1 which was the web host for the site they started to charge $8.00 U.S a month just to keep the website running on PHP 5 and again I paid that for years then last month they said they would up that by another $8.00 U.S a month and now your looking at $16.00 U.S a month aka $21.82 CAD at the time of this article. And that extra charge is on top of the money they’re charging just to host the web site. Now it should be stated that this extra charge they are hitting me with for the PHP older version is entirely my fault if I went to the latest PHP version 7 or 8 I wouldn’t be charged anything at all since those would be the most current PHP versions and hence 1and1 would keep those up to date free of charge. For those wondering the reason you pay extra for the older version is 1and1 has to put extra resources into keeping those end of life versions of PHP patched / secured and that’s why I was being dinged for that.

Over the last little while I have been investigating static site generators aka Hugo and Jekyll and I decided to go with Hugo, and so a few months ago me and Paul got the old Joomla site content put into Hugo. This little project of getting the stuff out of Joomla and into Hugo Required the REG ex programming of Paul we both dabble in Python and the like but he actually knows what he is doing where I get to the same destination he does but in a not so clean or properly formatted code manner LOL. The one thing Paul is really good at is looking at Reg EX code and figuring out what does what and it was through his Python Reg EX code we were able to 100% scrape the old Joomla site and get everything formatted for Hugo.

Once we had the Joomla site properly scraped for Hugo we then ended up taking a break from that and again several months would pass by now however, 1and1 the web host for the Joomla site said they were going to charge me even more for the old PHP stuff I said we have to get this site up and running so I can get it off 1and1 and figure out where to go next. I was going to get a Canadian web host provider but then once again talking to Paul he mentioned since the site is not seeing a shit load of traffic per month why even use a web host? So I said to him if I don’t use a web host where does the site go and he said use the Raspberry PI 4 you have and so I gave that some thought and then of course the next topic that comes up is if I host the web site here on the Raspberry PI how do we handle the DNS for that and things like the HTTP Certs etc?

It was at this point Paul had been looking into something he heard about called CloudFlare and they have this tunnelling software that you run on the Raspberry PI (and various other computers and OS’s) and it creates an encrypted tunnel to CloudFlare. CloudFlare have streamlined and made it fairly easy to get it going, you can also get CloudFlare to encrypt your traffic and give that a certificate so your site if that was like mine and was only HTTP is now HTTPS and now you have that SSL padlock icon in the browser and no longer see messages about that site not being trust worthy etc because its not using HTTPS. The beauty of CloudFlare in terms of a self hosting perspective is that normally if you were going to self host you would need to have a computer exposed to the internet and all though you can do that, this is something you really have to keep an eye on with so many scanners and bots trolling the web every second any miss configuration of that server or even not having a security patch applied can cause the box to get owned. There are bots scanning ports on computers looking for things like SSH or Telnet ports etc to see if they can brute force through password guessing to get into your web server. When it comes to CloudFlare and that encrypted tunnel software you control 100% what goes through it. You can tell CloudFlare to only let in LEGIT HTTP traffic so any type of port scans and the like wouldn’t even make it to your self hosted web site at all. The amount of control you have as to what can communicate with your web site over CloudFlare is quite stunning, and the best part is you don’t have to have your web server exposed to the Internet and what goes along with that.

If there is a gripe I have with the CloudFlare service its the fact to even use it and I mean the free tier here, you have to give them credit card info. I can see why they do that, they no doubt are doing that to put the brakes on bots setting up accounts and the like but its still annoying and another issue I ran into with the site is I had to have Ublock Origin turned off to even get the payment details to go through. The other issue with this CloudFlare stuff is that because the service I’m talking about is FREE then the question becomes whats in it for them? There is options on there where they can up sell you this or that but for me the bigger question is what are they doing with all the data that’s coming and going from your web site? They could also be doing this FREE thing because they make tons of cash off much bigger corporations providing DDOS protection and various other corporate things but it still leaves you wondering. For myself because I’m only using this for my Review web site I’m not concerned with any of this, if I was I wouldn’t have used them to begin with. I just hope they keep this service free because I think its a game changer in a lot of ways for self hosting and it would suck if they get a shit load of users and then just dump the free option and start to charge people through the nose for this.

One thing I should clarify about the Raspberry PI 4 is this thing is not a super computer. The one I have has a 4 core processor and 8 GB of ram. Its important to note here that if the site was getting shit loads of traffic you would have to do two things. First you would have to consider your upload bandwidth as in how much do you have and at what speed. Most residential lines here in Canada gimp you on the upload speed when compared to the download speed however, if you have something like Bell Fibe or any of the modern fiber optic internet connections then you may have more then enough upload speed to deal with a busy site. Then you have then Raspberry PI 4 it self, I would imagine a busy site would just put this little computer under to much strain. However with options like what you see with CloudFlare and their encrypted tunnel if you had a fast enough internet connection it wouldn’t take much to put a beefy computer up and run the site off that. The best part is today we have all kinds of options for self hosting a web site. The best part is you control the hardware so if you want to drop in a bigger SSD drive or more RAM or whatever you can do just that. Your also not sharing that CPU with a bunch of other web sites like you would be doing at a web host.

So overall this has been a hell of a ride and now the site has been brought into the future. As time goes on this site will evolve and features the old site had may get added as well. The ironic thing to this is that at the beginning of this journey I was using Windows Notepad and Coranto in 2005 and now in 2023 I’m using XED in Linux which is like Notepad for Windows but for Linux however, Hugo is vastly different from the other Content Management Systems I have used in the past. You are using a basic text editor but because the site mainly consists of just HTML and images you vastly reduce the security threats. The only Java Script in use for the site as it sits now is for the CloudFlare Insights which gives me info on how many hits a day the site gets and things like. That Java Script is run on the CloudFlare system and not on my end so my site by default doesn’t use Java Script. As well as no Java Script on my end I’m not using CGI or PHP or even a database like a MySQL so this gets rid a wide array of security threats. On top of all this the site is being run through CloudFlare and they also will look and block fishy things trying to mess around with the web site. I have said this before and still believe this to this day, I don’t think security is a thing where you can be 100% safe specially when talking about any type of web site on the internet however, I think if you can make the attack surface small enough for the most part you should be alright if you keep an eye on things.

So then where do we go from here? Well now that the site is back and better then ever, I will continue where I left off but doing so when I have the time to do it. I will still do Reviews in fact, I have been using Linux now AKA Manjaro since 2017 and I’m on thing every day. Way back in 2017 Windows 7 was on the chopping block to be End Of Life by 2020 and so I said the hell with it I took the windows 7 install SSD out of my machine and put in a new one in and had Manjaro installed on it and its been that way ever since note, the computer running Manjaro is from 2010 and it still runs everything super fine no issues at all.

I do have Windows 10 here as well, I built a new computer that I was going to use for Linux but instead I wanted to see how windows 10 would handle some games and so far that machine is still there loaded up with windows 10 just for gaming. I don’t game at all on the Linux machine since the hardware being as old as it is would not be a super smooth experience and then on top of that gaming on Linux is getting better but it still not where I want to see it at and so until that day comes I will stick to the Windows 10 machine or even a console in some cases. I’m NOT a fan of Windows 10 at all with all the Telemetry and the Privacy issues they have going on plus the bloat ware and the adds etc etc. If there was another Operating System out there you could game on and get the performance you do on Windows 10 and still have the same amount of AAA games to play I would be on it in heart beat. Hopefully Linux in a few years time will be good enough and the AAA game developers will take it more seriously to the point that it can finally compete with with Windows. Linux does have to make it point click if you will as in you get the game install it and you’re done none of this shit where you gotta tweak a bunch of stuff or need certain installers and the like.

So to wrap this up, anyone still showing up to check the site out every once and while I thank you for taking the time to do that (despite the fact nothing got updated for years). As I said above hopefully with time allowing I can add some more good Reviews and get some articles out on various things of interest.