Cognitame Changelog #5
Published: Sep 01, 2019 03:27 Modified: Sep 01, 2019 17:11
A lot of small edits were made to the site to get this thing back to where it was before I decided it needed a complete rewrite. Along with sharing the videos I made here, I thought it would be a good idea to record the changelog on the site since the last video.
- HTACCESS Cache Control was set to 1 year, all content on this website will be cached for a year. Considering how often the code of this website changes and breaks, that might seem aggressive. But I'm also going for speed here. As I work on the site more and more, I'm hoping it will get more reliable and changes will matter less as I go.
- Users are denied access to the HTACCESS file. This is a small security issue. I'm not expecting anyone to be able to break the site by seeing what I have on that file. But I'm not a hacker and I don't know what kind of havoc can be wrought with a small amount of information.
- Directories hide their contents. For example, if you go to cognitame.com/images, you will only see the words Index of /images. Where normally under that you would get a list of all files in that folder. This prevents users from looking for pages I haven't properly secured and taking advantage. I could deny access to directory pages entirely, but I thought it would be fun to make them all look empty.
- Block spam and malicious bots. Comment spammers, auto downloaders, email harvesters, site rippers, I've taken a list of these types of bots and am blocking them from site access. These things are everywhere, and I've been hit with them many times before, it's almost impossible to keep up to date with all of them. But I've done my best to block as many as I can.
- Fixed up the Creative Commons License code. The code CC gives you to embed a license isn't the best. There were three issues I needed to fix. First, the image wasn't properly compressed, I converted it to webp and compressed it for optimal loading. Second, it was linking to the license on both the image and the text link. This is bad practice for screen readers so I removed the link from the image. Third, the link was going to http and then redirecting to https, I simply made sure the link points to the canonical https.
- CSS is now using font-display: auto. All this does is allows the browser to decide what it wants to do when fonts fail to load. For most (almost all) browsers this just means the font is given a very short amount of time to load, and if it doesn't, it uses a fallback. I'm already using a manual timeout on fonts so that they load last. So when visiting this site without it being cached (first visit, or after cache resets) you'll get a short amount of time where you'll see all text rendered in standard serif font before it switches over to Raleway/Spectral. This helps the page load ready to read and use as quickly as possible while deprioritizing the fonts.
- Added an Admin link to the bottom for my own use. Users without a username and password should not be able to get access to any of it's options. This is just something that allows me to quickly edit already existing pages or post new blogs from anywhere on the site.
- Changed all the passwords... in my last video I had to black out a password that was showing on screen. That wasn't the first time a password showed up, another video shows one while I was working on the site locally. Either way, everything has been changed and there's no secret way to gain access to the site.
- Removed structured data from database. As I mentioned before, the structured data for this site is automatically generated from preexisting information in the database. I had originally planned on entering that manually when creating new pages and blogs. Seeing as how that is automated, I've removed that and allowed my scripting to do all the work.
- Created PNG backup images for Safari support. Safari is the only major browser that doesn't support WebP images. Makes sense considering it was developed by Google.... I guess? Either way, if you're using Safari, images should fallback to PNG. Featured images on blog posts (the first image on the top right) are in PNG only due to the limitations of the amp-lightbox code.
- Fixed a auto-canonical issue. When creating new page or blog, I can put 'self' as the link to have the PHP automatically set the canonical URL of the page to itself. This way I don't have to know what the id is and set it to driver.php?id=x&type=x. However, that wasn't generating as planned. I fixed the issue by making sure that gets set before all other variables are pulled from the server. I believe the issue is I was running into a loop problem where the URL would set properly, but then the code was use the old data from the variable already set and that would get re-pushed to the server. Either way, the problem has been fixed.
- Fixed a font issue. I was running into an issue where fonts were only loading on blogs and pages or the index. Not both. The problem was with relative URL's. I had to make sure that no matter where you are on the site, the code start from root, the index folder and works it's way into the font folder. (../includes/fonts/..) instead of (/includes/fonts/..) and (/font/..).
All of these are pretty simple issues. But I expect these sorts of things to continue to pop-up as I move forward with the site. Hopefully as I add and build I won't have to come back to these things and keep refixing them. I do want to spend more time on building than fixing... but that may be asking for too much.