My Top 8 Best OpenSource Software



Hey im doing a top something post hehehe, well these are some of the opensource software i use to build websites, its not all i use, and i don't use just opensource software, but as of now these are the ones i use more often, and most likely will use something else only if they don't fit the bill, this of course excludes awesome stuff like Linux or , so here is my list:

1 - Wordpress
The almighty god of all that is blogging, wordpress has grown a lot over the years, but unlike projects/software like firefox, openoffice/libreoffice, pidgin, gimp... they haven't really had a bad run or started to deteriorate a bit, its been constant good improvements, and even quirky issues are normally resolved without much of a hitch, its most powerful feature is the way it is structured although now it has automatic updates, its core is completly independent from the design or the content, upgrading manually 99% of the time envolves just switching the code, the second best thing is the plugin system that is also independ from the core, turning a bad plugin off is just a question of renaming the plugin folder, these and the almost infinite range of functions you can add make wordpress the number 1.

2 - Zenphoto
Also known as the worst themed gallery software, i really can never get myself to use any of their themes, they seldom are updated and the ones that are officially supported are kinda lame-o, but who cares, their themes are remarkably simple to build, but the best feature of zenphoto is how automated it is, you dont need flash uploaders or running scripts to create thumbnails or do any kind of weird jumps and hoops to upload your photos, nope, you just upload them anywhere you want it to the album folders, and if its a new folder zenphoto will create a new album if its a new picture, the zenphoto will add it to the album, that simple, and guess what, thats what i want with a gallery!

3 - VestaCP
Ahh VestaCP you have a bit of a bad rep, but i tell you this, between all the opensource hosting panels software, i kinda have the impression that you are the only one that cares what the users want, maybe you and KloxoMR, don't get me wrong webmin/virtualmin and the rest are all pretty good, but for some its just a secondary product or just a layer for a LAMP stack, but with VestaCP although i wouldnt say they are on the cutting edge, they do provide a nice clean easy product that at least is growing to a direction i approve, like apache with nginx proxy ^_^

4 - MyBB
Its what forum software should be, its light, its expandable its simple to use but still full featured! I wish i used more, now i dont have that much forum sites, but the only one i have was moved from SMF > PHPBB > BPRESS > MYBB and now i think it is in its rightfull home, great software.

5 - Tiny Tiny RSS
Awesome opensource alternative to the much dead Google Reader, its light fast and simple to use, its great if you want to manage your own stuff.

6 - Drupal
The ten pound mamoth of the bunch is drupal, although this somewhat popular CMS lacks in extensability/backwards compatibility/easyness it more than makes up for it with the ability to do anything! want a social network... BANG! done! want a voting site, oh wait no a voting site with flying eagles that shoot videos and then convert them to pictures of your reaction with your webcam, well im not sure... but if any CMS can Drupal can, so i normally use it when wordpress isn't good enough or i want to create something really unique.

7 - Vanilla
I wanted to love it, but although its layout and features are excellent one thing or another have made me skip vanilla or quit on vanilla, still it doesn't change the fact that its pretty good and works pretty good.

8 - Pydio
Its a file manager/file sync, I've been testing it out as an alternative to dropbox, its great and much lighter and faster than say owncloud, its a great piece of software and its not higher on the list cause i haven't been using it for that long time to say its the best ever!

Best Security Practices for Wordpress


Dont look surprised when your wordpress site is hacked, is wordpress security so weak?

No, not really, its just popular and as such there are more vectors to attack its security, still as a heavy wordpress user i can give you some good tips to keep your site secure, ill divide this into setup the site and securing the site, once you should only need to do once, the other its best to be ongoing, im also assuming that you have your server setup correctly and secured as well as your wordpress is up to date and your computer is secure as well, if those are good, then what i say bellow will keep you 99% safe!

Secure on Setup

On wp-config.php when you install on $table_prefix  = 'whateveryouwant' put a random string! - This will prevent mysql injections that might target the default wp_ table prefix (if already installed use something like phpadmin to go into the database and change the prefix there and then add it to the wp-config.php file)
On wp-config.php under define('WP_DEBUG', false); put define('DISALLOW_FILE_EDIT', true); - This prevents editing of php files under wordpress, most people dont edit them anyways (i just login with sftp and edit directly), so people trying to exploit will have more difficulty doing so
Use a strong password - I know its silly to say but a strong unique password with lots of letters, numbers and characters is always a good thing.

On First Login

Login with your default admin account, create a new account with admin privileges and then delete the old admin account - This prevents login requests or brute-force that would go directly to account number 1 or admin account
Disable user registration, go the options panel and disable user registration - If you dont intent for other users to post, there is no point in allowing registration.
Install only the Plugins you Need - Even if disabled, only have plugins and themes that you need, they could be used

Security Plugins to Install

BruteProtect or Login LockDown - To Prevent login attempts and brute force attacks (or in alternative find a Two-Step Authentication plugin).
Install a Clean Theme - Make sure you get a nice free theme from Wordpress.org or a paid from a good provider and keep it up to date, the more complex the theme the more likely it will have code that might become insecure, so get a good one and keep it updated.
Advance Automatic Updates - Will keep your wordpress install and plugins up to date!
Akismet - It comes with Wordpress for a reason, before it, wordpress comments were horrible and plagued with tons of spam.

Extra!

Please pleassseeee make backups, dont trust your webhost, make your own, thats the only true way of being 100% secure, use a plugin for it, i like BackUpWordpress and Keep Backup Daily, but any you like will do!
Use Cloudflare or Incapsula - These give pleanty of extra features, like cdn but they also filter and protect your traffic from a lot of nasty stuff on the web.
Wordfence or Better Wp Security - If you want more heavy security, its totally optional and in my opinion if you are well locked down they dont add anything!
Use htaccess to lock in wp-admin if you are the only user, search for this on Google pleanty of sites explaining.
Use Wordpress Jetpack plugin it protect you from some security flaws and it will help on automatic plugin installs, plus a ton of other things
Use Mx Toolbox or Sucuri Site Check to check if your site has been exploited!

The best rule of all is to be prepared for the worst, have backups and check from time to time to see if your site is up to date and everything is running fine, most of these are automated but its best to always keep an eye and if everything breaks just clean everything and put back a backup :)

Dreamhost Hosting Review


If you don't know who Dreamhost are, just write Dreamhost on Google :D they are one of the largest hosts nowadays and up until recently I was a big fan and a client for over 10 years, wow! 10 YEARS! So as you all know i tend to only review hosta i stopped using, so why have i left Dreamhost?

First lets start with some history, for a while Dreamhost was the home of a bit of weirdly offbeat hosting, their hosting setup was unique, their culture was unique, their services were unique, also it was one of those hosts that gave you freedom, even when you screwed something over or abused some of the services or just didn't have your wordpress well setup they were lenient and most of the times helpful, it wasn't about oh its your fault or i cant do anything, it was a matter of helping you out even if it was your fault, their hosting was weird but cool, you never cared about how much space you were using or resources cause it just worked!

And from a very affordable price you had a ton of extras to play with it was a playground feel and something very unique on the hosting industry, it reminds me of when Gmail started, you just had so much to work with now, even with kinks you always forgave cause... well lets just say it... Dreamhost was awesome!

And although i had move most of my sites and apps to vps/cloud/dedicated hosting, i still was very happy with my Dreamhost account!

Was? Oh yeah since about 2 years ago, they changed and a lot and besides the culture part... well it was fun but its not the essential, the change was in their network and features, the moved from a clustered type of hosting where i have to say it had the occasional downtime but overall it was fantastic speed and resources to a plain basic shared hosting setup one that is very stifled on resources, a hosting account that at its max had 20+ sites all running a lot of traffic, including a buddypress social network and a forum, now cant handle 2 wordpress sites at the same time without giving 503 errors.

Now compare that with a test vps i have that also has 2 pretty new wordpress sites but getting there, this vps is KVM with 256mb of Ram and 1vcpu, is it awesome, no? but after a well setup (nginx/apache/mariadb) its running those 2 sites like butter its almost native speed, while on Dreamhost you basically traded that slight instability for basic performance, those 2 sites load slowly and i guess any more php sites and my account would die, by the way i was paying 7$ a month on Dreamhost and i pay 1$ a month on Atlantic.net and altough Dreamhost "gives more" like control panel, backups, the most important part, the hosting is pretty weak!

The fact is that shared hosting on Dreamhost is dead, they want people to move up to VPS, to their Cloud Offerings, to their Specific Wordpress Offerings or Dedicated, they went were all the other hosting companies have been going since... well forever! They give you a great offer on shared hosting, but the shared hosting is so restrictive that any usage above a very low margin will probably need to upgrade, thats fine, but that wasnt the Dreamhost I sign up for!

Dreamhost could easily put nginx in front of apache, or just tweak their shared hosting to be as fast and streamlined as possible but they of course have no incentive for that, when you sign up for their vps you can do that yourself so they can do it, it reminds a bit of my issues with webfaction and their weird limitations...

Also i tried 2 times their VPS platform, the first time was a bust well mostly because their shared hosting was still in the old platform so it was literally moving to something worst with more limitations in everything, the second time around it was better but for that price and performance i expected a big leap from the shared hosting, i was using the shared mysql but than again why would i need to pay for vps and then for vps mysql, its just plain not good.

I also asked to be moved in the last 6 months to another datacenter and they did it, but nothing changed, still plain boring performance and hosting, this wasnt a easy decision i really liked Dreamhost, my kind of hosting, but they arent anymore, and so i move to bigger and better things, so to finalize this... yeah i left and im not going back, and sorry to say that ill probably also pass on their cloud offerings, burn me once... ok stopping the rant >_< sorry sorry, here is a resume :P

Dreamhost Strong Points

  1. Awesome Control Panel
  2. Basic Hosting Feature Set
  3. The Shared Hosting Price is Alright
  4. Good Network

Dreamhost Weak Points

  1. Shared and VPS Hosting has Weak Performance
  2. Shared Hosting Increased its Limits
  3. The VPS Hosting Price is Expensive
  4. Lost Some Extra Features
  5. Its Price point has lost Value (You dont get the same bang for buck you once got)
  6. Lost part of its Nerdy/Tech Culture and Charm
  7. Uncertainty Regarding New Features (Adding then removing features)