Updates to OKI-hosted community services, including Wordpress blogs

Dear all,

Over the past 8+ years, Open Knowledge International has been hosting many services for our wider community, such as Wordpress blogs on our blogfarm. We are currently planning a series of necessary updates to this infrastructure: in this post we inform you on why this is needed, and the potential impacts.

Since the overhead of maintenance is high for an organisation of our size, many of these services have already been shutdown over the last 2-3 years. More importantly, the hosting/infrastructure ecosystem is completely different now than it was circa 2010, with a plethora of free and very cheap services available.

We clearly identified a range of issues with our WordPress setup in 2014. At that time, we did not have the in-house skill to deal with them. In early 2016, we did a range of development work across the blogfarm in order to simply upgrade WordPress to the latest version, and we changed hosting to our new dedicated WP sysadmin team’s solution.

Around mid-2017 we started experiencing increasing exploits and DDoS attacks. As attacks increased in 2018, we started monitoring and dealing with exploits as symptoms occurred, but we realise we need to make deeper, systematic changes in order to prevent these attacks in the future.

As we make these changes over the coming 2 months, sites hosted on the blogfarm may experience service disruptions. We will take every step we can to minimise these disruptions.

Part of the solution is to remove old plugins, which means there is a chance that certain sites may lose some custom functionality. As we encounter issues, we will communicate with any such sites, but in the interests of stability and security we will not be able to delay the initiation of such changes, if needed.

Feel free to reach out to us here on the forum or through email to network@okfn.org in case you have further questions, or are experiencing any issues. Thanks for your understanding!

Best, Lieke Ploeger
Communications Officer

I’ve been putting blogs and sites up for national NGOs with Wagtail, a Python/Django-based open source CMS, run my personal blog on Ghost, and the School of Data in Switzerland runs for free on Jekyll and GitHub Pages. The Swiss chapter runs a Wordpress farm. If nothing else, this lets us test the limits of open content, porting articles to and from platforms like, ahem, Discourse. Thank Jimmy we still have Wikipedia to sort through this mess of IT!

On a more serious note, these kinds of attacks suck, and I encourage everyone in the vicinity to use a quality provider of secure CDN caching and DDoS protection these days, even for smallish sites. What are the channels where issues and questions like this one will be discussed in the months to come?.. Tools - Open Knowledge Forums ?

Hi @loleg, thanks for the pointers to these resources!
The tools channel you link to seems the best place to discuss issues and questions around this: I’ll copy this topic there as well. Of course feedback in this topic is also welcome.

Hi @sarapetti! I’ve been in touch with @amercader and the tech company running the WP blogsite network and support for chapters and local groups.

The Swedish WordPress on the blogfarm is heavily outdated and they could not help us to upgrade it pro-bono. I was asked to bring it up with OKFN internationally regarding the WP blogsite infrastructure.

• https://okfn.se (Sweden) is on the recommended setup to be in the blogfarm and we are stuck on WordPress 5.3.2 - whereas

• https://ok.org.br/ seem to be on same blogsite but on WordPress 5.7.2.

So both sites are out of date and this is an issue e.g. when we try to work with optimizing our page speed so that we can reach more audience via search engines. When I test the site speed via https://pagespeed.web.dev/ the suggestions from the results ask me to fix things on the Swedish site which I cannot fix on version 5.3.2. and this would not be a problem with 5.9 and some plugins for site speed optimization.

I’m wondering, building upon @ppkrauss in this thread, if OKFN monetarily can support the tech support company so that our instances can be upgraded to WordPress 5.9 (and onwards), add plugins, and the theme as well (or ability to change theme)? If this support is not possible now or in the future (thinking this year, preferably before summer) we could need a way out i.e. help to install a plugin so that we ourselves could export all our data from the blogfarm setup.

How does this resonate with you? It basically comes down to if the blogfarm should be actively supporting smaller chapters and local groups with free hosting or not. We’re not asking for any custom country-specific functionality plugins but rather ones that are generally recommended such as

• Two-Factor Authentication,
• image file compression (AVIF and WebP formats),
• site optimization
• Duplicator (backup and migration).

Hi, Mattias.
Here in OKBR (https://ok.org.br/), we have a self-hosted instance of WordPress since the beginning of 2020 and are regularly doing its maintenance. We have another maintenance cycle scheduled and secured in this year’s budget.

Hi @mattias

You are of course right in that the sites in the blogfarm are very outdated and that has been an issue for a long time, as this thread can testify.

The fact that we are running more than a hundred sites from that farm and that many have their own plugins makes it difficult, but we are committed to address this during 2022 (and in fact we’ve working towards that end for a while, cleaning up and archiving as much as we can).

So to the question of whether OKF should be supporting chapters and local groups with free hosting the answer is yes. What form this takes under hood is something that remains to be discussed but the goal is that each chapter ends up with an updated Wordpress instance that can be kept up to date.

As for timelines it’s difficult to say at this point, as I say it’s something that we will tackle this year but with limited resources we can’t provide a clear date for it. I’d also like to have it done by summer but we’ll know better around next month.

And of course we will be happy to help you transition to your own infrastructure if that’s what you prefer, like our friends from Brazil did. We’d provide you with a dump of the database and file uploads.

Hi @amercader! Hope you are well.

Fully understand this and fully understand it’s a lot of work - you are doing an amazing work to “clean it up”. I’m sure you will find a solution for a simpler IT architecture with less risks of ending up in a similar situation.

I see. It makes a lot of sense and I hope in one sense that you can find a solutions that can help avoid another situation with heavy maintenance or cleaning.

I am happy to hear this. If static sites like jamstack.org becomes the target for simpler hosting and simpler migration but perhaps addon CMS for Jamstack sites like https://www.netlifycms.org/ are possible for non-technical web editors if you end up transitioning sites from Wordpress.

I understand. I intentionally waited with asking through February and March to ask you if you know more now?

We do not have capacity for transitioning to our own infrastructure and do not have capacity for IT so we prefer waiting for updates regarding restructuring the free hosting for chapters.

Just a quick update to say that we are starting the migration process for the sites that will be migrated to the latest version so we will be reaching out to their administrators to coordinate. cc @mattias

@amercader Sounds awesome, thanks! For Sweden please ping me as I’m can respond regarding the technical stuff. Good timing with WordPress 6.0 just released! Also got a good contact at Gandi.net for EU / GDPR / Schrems II-friendly hosting. They like to support open source and NGOs.