New Blog, New Platform, New Goal

Here I am, starting fresh with my blog, one more time. Several times I tried to follow big plans for my blog, with lots of ideas about what to write. Eventually, I failed to keep up with it every time. I haven't been consistent with my plans.

This time, I'm confident it's going to be different. I can't make any promise, since it wouldn't be my job and I would write in my spare time, but I'll try harder to be consistent with my writing.

Topics

I'll be writing about the topics I'm keen on the most, and with which I have experience.

Security would be the first one, focusing on application security and software security. In this context, I will finally pick up again my series about Keycloak, how to set it up for identity and access management, and how to use it to provide authentication and authorization services to Spring and Angular applications. A particular focus will be on access control systems and privacy, which is what I've been working on lately.

I work daily with Spring and Java EE, but I'll be writing mostly about Spring. Some of the projects I'll cover will be Spring Framework, Spring Boot, Spring Security, Spring Security OAuth and Spring Data. I have recently started contributing to the Spring Security project. I'm going to keep doing that and bring some useful insights into some of my articles.

The field of Development is vast. I decided I'll have a section for that to share some useful tips and tricks, opinions about tools and coding, and views from a developer life.

Migrating from WordPress to Ghost

I've been using WordPress for about ten years. I have contributed to the WordPress community by talking at conferences and webinars, organising WordCamps  and Meetups, answering questions in the official support forum, helping with the translation of plugins and themes, contributing to the Core and Meta projects with code to fix defects and solve issues.

It wasn't easy, but I decided to move away from WordPress and migrate to Ghost. And I couldn't be happier with my decision. Ghost has everything I need for my blog, no need to install additional components nor to spend too much time on simple tasks:

• a superior writing experience, which has clearly been thought through carefully, well-architected and extensively tested;
• SEO optimization out-of-the-box;
• rich meta tags for Twitter Cards, Facebook Open Graph and Schema.org;
• clean and elegant template engine (by the way, the default theme is so nice that I haven't even changed it, maybe I'll make some customizations in the future);
• intuitive routes and redirects configuration;
• polished and intuitive administration tool;
• speed, it's extremely fast compared to other solutions, no need for extra components to increase its performance.

From a user perspective, I couldn't ask for more. Ghost has everything you could ever need for your blog. Maybe you're wondering about comments. It doesn't have a built-in commenting system, but that's fine because it's straightforward to integrate third-party solutions like Commento.

Now, let's talk about maintenance. Lately, I realized that when I found some time to write something for my blog, I would spend all of it on the maintenance of the platform. Especially considering the security aspect. I talked about security strategies for WordPress in London, Oslo, Turin, in webinars. I know what to do and how to do it, but it is merely too much time-consuming. When I have time for my blog, I want to spend it writing, not maintaining the platform.

Sure, Ghost would require less maintenance than WordPress thanks to its high quality and clean architecture. Fewer security risks, also. But I have decided to go with a managed solution. I like taking care of all the aspects of hosting a web application, but not for my blog. That is not the goal.

Luckily enough, the Ghost Foundation offers a fully managed platform as a service: Ghost(Pro). Ghost is open source, I could have chosen the self-hosted solution, but I want to spend my time writing articles for my blog. They take care of making my publication secure and stable. I take care of writing articles. It's a win-win!

Data Privacy

Data privacy is crucial to me. I choose carefully the online services I use every day, to be sure my data are kept secure and private. I pay extra attention when developing software: I work in the healthcare domain, where the most sensitive data about people are registered and processed. I have indeed been working on privacy and access control features for more than a year.

It's not surprising that I care about data privacy also for my blog and its visitors. Ghost(Pro) services are GDPR compliant. I rely on Iubenda to clearly communicate privacy and cookie policies for my blog. Regarding commenting functionality, I went with Commento, a fast, privacy-focused commenting platform.

Please, notice that they are all paid services. When it's free, you are the product. I don't get any revenue from my blog; I host no ads; I don't sell your data. But I do care about your data when you visit my website or when you decide to reach out to me by writing a comment. That's why I chose to invest in privacy-oriented services instead of using free products which collects your data and sell them. I hope you appreciate that.

Maybe you noticed that I use Google Analytics on this website. As you can read in my privacy policy, it is only used to collect anonymous data. All data sharing features have been disabled as well as the collection of any information that can be considered personal.

Conclusion

Starting a blog is easy. Keep writing is not. I'm excited to start this new journey and looking forward to seeing where and how far it will take me. I chose my topics, and I migrated my blog to a great platform. A few more steps and I'll be ready to go, see you then.