I think this makes 100% sense from an operations perspective. Anytime you can "outsource" a lower priority web service - fantastic.
However, from a community advocacy perspective - I am less convinced. I would be curious if anyone from that team could chime in as well. The security argument makes a great deal of sense to me - making the primary production sites vulnerable should always be avoided if at all humanly possible to do so. Here are some lingering questions I would have for Advocacy and Ops: 1. How closely are we working with WordPress.com staff on this setup? 2. Will we be paying for the service? (I know it is minimal - more curious than anything) 3. Is the Automattic (company behind WordPress) privacy policy compatible with WMF's current and proposed (as it exists now) privacy policy? 4. Will people be required to register with WordPress.com to participate in the blog? 5. I recognize we utilize a lot of corporations - but most do not handle our content (I suppose data centers and bandwidth - but I digress) - generally that has been our own or a nonprofit like Freenode (if you count IRC as content service). Additionally, they use ads - which has been a hot topic on project sites. Recognizing the blog is not really a project site that is covered as tightly under our principles - can someone speak to the compatibility of Automattic's policies and values with WM and WMF? How are we getting around the ads? 6. Are there other services on WMF servers that could be potential security threats? Are OTRS, Mailman, and Etherpad subject to these concerns as well? Is there a likely possibility that other services will be moved in the future? 7. Should all of these services be moved to a separate server? Is that feasible? I appreciate that WMF is having this dialogue before the switch actually happens. I agree it is a compelling idea. - greg aka varnent On 5 Sep, 2013, at 5:16 PM, David Gerard <[email protected]> wrote: > On 5 September 2013 22:07, K. Peachey <[email protected]> wrote: > >> That is a argument for changing the blogging tool/platform, Not changing to >> non self-hosted environment. > > > tl;dr Wordpress is the only blog that isn't shit. And Wordpress.com is > a fine place to host a blog if you don't want ever to have to think > about the nuts and bolts of securing the thing. > > _______________________________________________ > Wikimedia-l mailing list > [email protected] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[email protected]?subject=unsubscribe> _______________________________________________ Wikimedia-l mailing list [email protected] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[email protected]?subject=unsubscribe>
