I’ve finally made the decision to move the blog feeds to FeedBurner. I suggest you to update your feed reader to the new address:

http://feeds.feedburner.com/ScrewTurnWiki

Thank you for your attention.

As a couple of my favorite bloggers recently suffered a total data loss on their server and they had no reliable backup plan, I thought someone would be interested in how we do backups for the ScrewTurn website.

For a starter, the SVN repository is hosted at Unfuddle. svn.screwturn.eu is just a read-only mirror.

The backup is done this way, daily, via a set of batch scripts:

• a comprehensive backup of the MySQL database (used for phpBB and WordPress) is generated using the integrated scheduler
• the database backup file and all the other data (websites, SVN repository, etc.) is packed in a ZIP file
• the ZIP file is downloaded via FTP from a remote machine; the latter runs in Italy while the server runs in New Jersey, USA.

The most important part: how can we make sure that the backup works? Because we used it to migrate the site to a new server, and it works. The backup is all-inclusive: even scheduled tasks are backed up. The only thing that is not included is the IIS metabase, but for that I have a copy stored on my PC (also backed up daily).

Trivia:

• daily backups are preserved for an entire month offsite and for a week on the server, in case we need to restore something that’s been accidentally deleted (or hacked)
• the ZIP file containing the backup is roughly 465 MB, growing 1.5 Mb a day
• backups take up to 25% of our daily network traffic.

I’m personally a bit paranoid about backups, but I think they’re worth the time and money spent.

Bottom line: in case the whole datacenter blows up, we would only lose a day worth of data, which consists of a dozen forum posts, on average. All the other data is either a copy itself (SVN) or does not change very frequently (content of the wiki, the blog).

There is nothing much going on lately, except bug fixing and translations. ScrewTurn Wiki 3.0.2 will have some completed or new languages (including Spanish, French, German and Afrikaans). The plan is to release the maintenance version as soon as those languages are ready. All non-complete languages will be remove from public releases, but will still be available in source code and nightly builds.

Besides that, we’re receiving a lot of valuable feedback on the v3 release and we’re planning changes for the next major version. Main focus area are the search engine and the editor, which got better in v3 but still require quite some work.

2009 has been a wonderful year for us, so we’d really like to thank everyone who has contributed time, translations, code, patches and feedback to the project.

There will be an interesting announcement in roughly a month, so stay tuned for updates. In the meantime, don’t hesitate to leave some feedback in the forum. Don’t forget you can also follow us on Twitter.

It happens that there is an old version of a PHP-based CMS application that is affected by a bug that, if I understand correctly, allows an attacker to alter the content of a part of a site, called snippet.

ScrewTurn Wiki has snippets (but they’re secure).

The funny thing is that we get a ton of attacks that try to apply the same technique used for the above-mentioned CMS to our website because, I think, there is a page called snippets. Crackers are getting dumber I guess…

STW, in such cases, simply crashes as the HTTP query string is a complete mess, so no worries, we fail fast. At any rate, even if the request was well-formed, an attacker cannot bypass the security configuration like she’s doing in the above-mentioned CMS: permissions are checked for every single request, including all post-backs.

Do people understand free licenses? Most importantly, do they understand the difference between the GPL, the Apache License, the BSD license? I don’t think so.

Why am I saying this?

You might be aware that I recently introduced an “Internal Usage” commercial license for ScrewTurn Wiki. It started as an experiment to see how many people would ask to purchase such license because their business isn’t compatible with the GPL. It turns out that there is roughly one request per week.

I’m generally a honest and fair person, so every time a user asks to purchase such a license, I invariably force them to notice that they can use and even modify the public packages for free, without any type of small print involved. I wouldn’t feel right selling them something that others get for free.

I’ve been surprised to know that quite a few managers or business owners in the software development field don’t even understand what the GPL is and what does it grants you to do. They’re ready to waste 100 Euros for getting even less than what is publicly available (commercial packages don’t include translations for example). It’s not much money, I know that, but what if it was 500€? or more? What if you’re doing the same mistake for many other applications, or even worse the mistake of not using a useful and perfectly suitable application because you’re afraid of its free license?

Guys, please, please spend a couple of hours studying the different free software licenses that the industry has agreed upon in the last several years. It’s very important for your business and, given the trends of the industry, you’ll probably have to deal with free software even more in the upcoming months and years.

ScrewTurn Wiki 3.0 still lacks decent translations in some relevant languages:

• French
• German
• Spanish.

Additionally, there are several languages that were previously available in v2 but are still missing in v3:

• Brazilian Portuguese
• Danish
• Dutch
• Norwegian
• Polish
• Romanian
• Serbian
• Slovak
• Traditional Chinese.

If you’d like to take over the translation in any of the above languages, or in any new language, please don’t hesitate to drop us a line at info@screwturn.eu. The translation process should take between three and five hours.

Note: translations are not included in the commercial editions, so your contributions are not being sold.

I’m seriously considering to discontinue ScrewTurn Wiki Desktop Edition. It takes too much time to maintain the desktop server and most importantly the installer (which has always been a bit clunky, not even supporting in-place upgrades). If you ever worked with Windows Installer and WiX, you know what I mean (plus, consider that the upgrade from v2 to v3 adds a lot of complexity).

As you may remember, last spring I published a survey and it turned out that less than 18% of the respondents used the Desktop Edition at the time. It’s still a big amount of users, and I don’t want to disappoint them, but the problem persists.

There are only two ways to fix this problem: discontinue the Desktop Edition, or make it commercial (paid) so that it justifies the required work. I’m currently more inclined towards the second option.

I don’t have decided yet, so for now the Desktop Edition will continue to exist for v2 only.

The day has finally arrived. After furiously working for 2 years, ScrewTurn Wiki 3.0 is now out of beta and is available for production use.

There are quite a lot of new features, as you probably know if you follow this blog. A brand-new website is also online and I hope it will make it easier to find the information you’re looking for.

No software is perfect, ScrewTurn Wiki included, so I expect quite a lot of bugs to be reported in the next days. I’m pretty confident that there won’t be any giant problem, although there still is an open issue concerning the SQL Server Pages Storage Provider that, in some configurations, causes a lot of errors and is basically unusable. I’ve been working very hard on this issue but I’ve never been able to reproduce it on my dev machine, so it is very difficult to understand what’s going wrong. On the other hand, pre-release builds have run for many weeks on our public website without major problems. My personal opinion is that 3.0.0.333 is much more stable and reliable than what 2.0.0 was when first released.

Unfortunately, this first v3 release only includes a sub-set of the usual UI languages. The missing ones will be added soon.

I also want to thank Jeff Sheldon and Andy Henderson who have recently joined the efforts to build a better wiki software. Another developer will soon join us, but more on this later. The contribution of Matteo Tomasini has also been very important as he built most of the new WYSIWYG editor.

On the development side, we are now discussing all technical matters in a dedicated sub-forum, so that anyone can see what’s going on. We will also start using Twitter more regularly to publish updates and other potentially interesting information.

As usual, your comments and opinions are welcome.

I hate IE6. Well, actually I hate IE in general, but anyway.

I would like to completely forget IE6 and pretend it never existed, as I’ve been able to do for a while now. Then I discovered Expression Web 3 SuperPreview and I decided to test the new website layout (not yet public) in IE6. It’s totally, completely broken.

Luckily, the main themes for ScrewTurn Wiki look almost-decent even in IE6. They are at least usable. Actually, they look almost the same in IE6 and IE7, and they also look almost identical in Firefox 3.5 and IE8 (the difference is exactly one pixel).

Now, according to Google Analytics, 7.32% of screwturn.eu visitors still use IE6, and IE8 has become more used than IE7 only in the recent weeks and only by a tiny percentage. According to the data, IE6 usage has decreased by ~33% in the last five months and that’s a nice thing. I only wish the upgrading process would be faster.

Killing support for IE6 makes roughly 1,200 potential users a month turn away because the website layout does not support their browser. Even worse, you make some of the existing users unhappy.

Google Chrome is used by 8.78% of the visitors, so you might argue that we should focus on Chrome rather than IE6. There is a subtle observation due in this case: many corporate users are forced to use IE6 for absurd IT policies. On the other hand, I hardly believe that Chrome users do not have IE8 or Firefox at hand.

That said, I think I will keep pretending IE6 never existed, it’s simply too much of a burden to keep testing layouts in IE6 (not even considering JavaScript).

I hope IE6-bound corporate users will beg their IT admins to upgrade. Come on, IE6 is 8 years old and it’s the most unsecure browser known to mankind. It’s time to move on. I mean it.