Updates to OKI-hosted community services, including Wordpress blogs


#1

Dear all,

Over the past 8+ years, Open Knowledge International has been hosting many services for our wider community, such as Wordpress blogs on our blogfarm. We are currently planning a series of necessary updates to this infrastructure: in this post we inform you on why this is needed, and the potential impacts.

Since the overhead of maintenance is high for an organisation of our size, many of these services have already been shutdown over the last 2-3 years. More importantly, the hosting/infrastructure ecosystem is completely different now than it was circa 2010, with a plethora of free and very cheap services available.

We clearly identified a range of issues with our WordPress setup in 2014. At that time, we did not have the in-house skill to deal with them. In early 2016, we did a range of development work across the blogfarm in order to simply upgrade WordPress to the latest version, and we changed hosting to our new dedicated WP sysadmin team’s solution.

Around mid-2017 we started experiencing increasing exploits and DDoS attacks. As attacks increased in 2018, we started monitoring and dealing with exploits as symptoms occurred, but we realise we need to make deeper, systematic changes in order to prevent these attacks in the future.

As we make these changes over the coming 2 months, sites hosted on the blogfarm may experience service disruptions. We will take every step we can to minimise these disruptions.

Part of the solution is to remove old plugins, which means there is a chance that certain sites may lose some custom functionality. As we encounter issues, we will communicate with any such sites, but in the interests of stability and security we will not be able to delay the initiation of such changes, if needed.

Feel free to reach out to us here on the forum or through email to network@okfn.org in case you have further questions, or are experiencing any issues. Thanks for your understanding!

Best, Lieke Ploeger
Communications Officer


#2

I’ve been putting blogs and sites up for national NGOs with Wagtail, a Python/Django-based open source CMS, run my personal blog on Ghost, and the School of Data in Switzerland runs for free on Jekyll and GitHub Pages. The Swiss chapter runs a Wordpress farm. If nothing else, this lets us test the limits of open content, porting articles to and from platforms like, ahem, Discourse. Thank Jimmy we still have Wikipedia to sort through this mess of IT! :wink:

On a more serious note, these kinds of attacks suck, and I encourage everyone in the vicinity to use a quality provider of secure CDN caching and DDoS protection these days, even for smallish sites. What are the channels where issues and questions like this one will be discussed in the months to come?.. https://discuss.okfn.org/c/network-and-community/tools ?


Community event API, Where Are You?
#3

Hi @loleg, thanks for the pointers to these resources!
The tools channel you link to seems the best place to discuss issues and questions around this: I’ll copy this topic there as well. Of course feedback in this topic is also welcome.