I.T. Security and Linux Administration

May 31 2013   6:56PM GMT

Dynamic or static website?

Eric Hansen Eric Hansen Profile: Eric Hansen

Should you run a dynamic or static website?  Its typically a tough call.  Dynamic sites offer a lot of functionality that, for obvious reasons, you don’t get in a static version.  However, there are some things to consider:

1.  Dynamic sites end up giving a lot more overhead and resource usage from your server (not good if you plan on running multiple sites on one server)

2.  Static sites, while may not have search functionality, can still provide other options like a tag cloud (just make sure you use good tags is all)

3.  Dynamic sites are more vulnerable to security issues opening up a flood gate to hackers entering your server

#3 is the biggest concern I have.  WordPress, for example, is an amazing piece of software for blogging…and now website management.  Its not hard to install a theme, plop a plugin or two in, add some pages and make a blog post welcoming the world.  Static sites, however, can be very tedious to work with, even if you template-ize the whole thing (i.e.: put common code in separate files and include that at run time).

What does that have to do with security?  Everything.  WordPress has been hot under the gun lately for some security issues, as well as Drupal having some issues not too long ago (though not with their software…yet).

In rebuilding my business’ website, I had to sit down and really think about what was used and not-so-used.  I didn’t make a lot of blog posts, no one commented, and for all intents and purposes the page design broke in different instances.  Basically  I had a set up that was using around 50MB of RAM (Apache2 + PHP + MySQL), powering WordPress, and was doing nothing that its intended for.  So what if I cut all that down?

If someone wants to comment, I have Disqus available.  Now the main focus on the site is not about blog posts, but about what my business offers.  I can still use Apache, but why?  Sure I might need it for my CMS (client management system), but my website won’t need it.  Install Nginx, have that serve the static content, off-load everything else to Apache via proxy and be happy.  Apache won’t be trying to do so much with the disk and resources now, and I’m able to improve speed performance by not running my rarely-modified files through a pre-processor (i.e.: PHP).

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: