Privacy Focused Blog PlatformCategory: else
A 3 Minute Read
25 Feb 2015
Support The Tin Hat on Patreon! Just one dollar makes all the difference in helping me write more content!
Throughout the life of this site I’ve searched for tools which allow me to implement features you’d find on other sites, but without compromising user privacy. Generally the way to ensure privacy is to use self-hosted services, which also happens to be ideal for use on anonymization networks like Tor and I2P as it limits external requests. I might write a longer tutorial on this later, but I thought I’d run down the blog platform I’ve slowly pieced together over time.
Nginx is a great, simple, performant webserver for sites that don’t need a thousand bells and whistles (cough apache cough). It uses barely any resources and can be thrown on even the smallest of servers. If you’re setting up a hidden service that isn’t the next Facebook, I’d highly recommend Nginx
Google Analytics is a powerful tool, though its also ubiquitous. Therefore, if it were only used on a single site there wouldn’t be much of an issue, however the fact that it is used on many sites means that Google can follow users around the internet. Moreover, because it’s externally hosted it won’t work very well on I2P.
Piwik is a great open source alternative. Piwik has not only many of the features that Google Analytics has, but also the ability to anonymize IP addresses. This means that should your server get compromised any user information would be effectively useless. That’s not to say that the analytics are useless, simply that it can be configured that the data is detailed enough for site-metrics, but generalized enough not to pinpoint any users. Lastly, because Piwik is self-hosted it works great with Tor and I2P, as no external requests need to be made.
Meant for sites that are on clear-net, or have additional access through hidden services. Piwik on purely hidden service doesn’t work well.
Content Management System: Jekyll
Wordpress is both ugly and constantly under attack. If you don’t keep it updated you’re going to get owned. That’s why static site generators like Jekyll have been making quite the splash. Not only does Jekyll lack all the security holes that Wordpress or Drupal have, but it’s also significantly faster. This is because rather than generating your site server-side and on-the-fly, Jekyll works by building your site into static HTML files, which you can then upload to your server.
Jekyll is built for blogs, and uses Ruby to turn posts written in Markdown into static HTML pages based on a template. It supports pagination and a whole slew of other features that can be customized for a very tailored website. Jekyll can also be integrated such that it only operates on a small section of a website (such as how it’s implemented on this site), but can keep other specific areas updated as well (such as a homepage). Jekyll also has plugins to minify HTML, create archives, build RSS feeds, and much much more. I’d highly recommend it for any blog, especially one that might be hosted on Tor or I2P.
I’m always searching for new tools like Isso and Jekyll, so if you know of some post it in the comments below!