[Talk] AUUG web needs work

david.newall at auug.org.au david.newall at auug.org.au
Thu Apr 8 19:32:09 EST 2004 

Earlier today, david.newall at auug.org.au wrote:
> I think it's worth sending to talk verbatim.  Any objections if I do that?

David J N Begley <d.begley at uws.edu.au> wrote:
> No objections.

---------- Forwarded message ----------

Date: Thu, 8 Apr 2004 10:02:46 +1000 (EST)
From: David J N Begley <d.begley at uws.edu.au>
To: david.newall at auug.org.au
Subject: Re: [Talk] AUUG web needs work

Earlier today, david.newall at auug.org.au wrote:

> Without intending to sound negative, may I respectfully suggest that the
> current procedures for maintaining AUUG's web aren't working?  A quick
> browse shows most pages are out-of-date:

This is probably symptomatic of an underlying problem:

 ----------
% telnet www.auug.org.au 80
Trying 150.101.248.57...
Connected to www.auug.org.au.
Escape character is '^]'.
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 07 Apr 2004 23:27:34 GMT
Server: Apache/1.3.27 (Unix) PHP/4.2.3 mod_ssl/2.8.12 OpenSSL/0.9.6g
X-Powered-By: PHP/4.2.3
Connection: close
Content-Type: text/html

Connection closed by foreign host.
 ----------

Isn't OpenSSL version 0.9.6g covered by a security vulnerability?  Ignoring
that Apache is at least two versions behind, PHP is at least _six_ versions
behind and mod_ssl is at least four versions behind.

I realise that it is just not possible nor practical to be running the latest
version of _everything_, but if AUUG should be "leading by example" in any way
then it should at least be using the Web site as a showcase for not only what
can be achieved with open source products, but also how they should be used
(ie., ensure patches/security fixes are installed, software updated, etc.).

From the perspective of the average SMB operator who may be pointed to the
AUUG site (or may stumble across it whilst following some curiosity about this
"open source" thing), there is certainly little present to encourage them to
think that "open source" is little more than "cheap and nasty".  :-(

For example:

- the AUUG logo on the home page uses poor antialiasing (particularly for
  the text) which leads to "jagged edges" on high-res screens;

- there is a stylesheet yet a lot of style information appears hard-coded
  into the page;

- cross-platform display or consideration seems minimal (eg., "Helvetica"
  is not a valid font on Windows - this just gets mapped to Arial which
  is similar but not identical to Helvetica);  and,

- tried running the page through the W3 validator or any accessibility
  checker lately?

How is the Web site currently operated - manually by users logging in with
FTP/SFTP/SECSH and manipulating files owned by UNIX-level users?  If so, maybe
that's part of the problem - AUUG may need to get serious about looking at a
CMS (open source, of course) and providing browser-level and WebDAV-level
access for remote page/asset management (since there is even a command-line
WebDAV client for UNIX systems, nobody can claim to be left out).  Depending
on the capabilities of the CMS, things like checking for out-dated pages and
informing the nominated "responsible person(s)" could then be automated.

Sorry if this sounds too critical, but you did raise the issue!  Too many
ideas, too little time.  :-)

It's been a number of years since I had an official rôle in running a "public"
Web site but all these issues and the problems you raise about currency I've
seen happen before (there were too many different people trying to directly
maintain and manipulate too many different parts of the Web site which either
looked nothing like each other, duplicated information or just fell into
disrepair).

Perhaps the first two things should be:

- create a concise "corporate statement" covering the purpose of the AUUG
  Web site (ie., why does it exist, what is it supposed to do/achieve);  and,

- document the existing technology (software relationships at least in some
  abstract form), processes (what is _supposed_ to be happening at the
  moment but is not - and why) and people (everyone with some responsibility
  for some aspect of the site) of the existing Web site - makes it easier
  to make forward progress if you know the status quo in detail.

Cheers..

More information about the Talk mailing list