Active Directory Provider and More

March 9th, 2010 by Dario Solera | 1 Comment | Filed in Community, Security

I’m very happy to announce that thanks to the hard work of Matt C. and Bill F., we now have an official, fully-supported Active Directory Provider. You can find it in the standard download packages as well as in the source code.

The provider basically works like this: you map AD groups with STW groups, so that every time an AD user accesses the wiki, it is authenticated against Active Directory. The provider copies user’s data locally, most importantly the username, the display name and the email address, while the password is generated randomly. You can even setup the web.config to allow Windows Authentication (when the site is trusted in IE), so your users never have to authenticate manually.

I think it’s a great result, so I renew my thanks to Matt and Bill.

On a side note, ScrewTurn Wiki 3.0 is now available via the Microsoft Web Application Gallery, providing a simple installation experience. You can choose to either install the file-based or SQL Server-based version. It’s been quite hard to get the package right, but I think the result is worth the pain.

ScrewTurn Wiki 3.0.2 and Community Strategy

February 10th, 2010 by Dario Solera | 6 Comments | Filed in Community, Versioning

Just a quick announcement: ScrewTurn Wiki 3.0.2 is now available.

This new version includes a truckload of bug fixes. I know, it took a very long time, but I’m happy to  say that ScrewTurn Wiki has never been so stable and reliable. Granted, there will be more bugs, but I really feel comfortable with this release. Sure, there are still some rough edges, but nothing I can’t live with. Mostly, it’s all about not-so-good performance with huge pages. The strategy of not including new features in minor releases has paid off after all.

I hate when software doesn’t work, so I’d like to thank everyone for reporting bugs and being patient enough for waiting a fix. You guys rock.

We also released a new blog theme, so if you’re reading this via RSS, you might want to fire up your browser.

Community Strategy

We’re struggling a bit on figuring what the community really wants from ScrewTurn Wiki. I’m not talking about features, but rather about contributions. There has been some interest lately in creating a ScrewTurn Wiki Contrib project, hosted probably on Google Code, where contributors can commit their work.

We’ve taken a look at several Contrib branches of well-known .NET open-source projects, and I have to admit that the feeling is quite bad. Maybe I’m wrong or I simply looked at the worst examples, but Contribs projects feel like they are the big ball of mud of open-source, as if they have no organization. Most importantly, they rarely have any useful documentation. In short, I don’t feel like having a Contrib project would really help STW users, but I’m open to suggestions and examples.

What I really think would be helpful as a starting point is a more community-oriented management of plugins. I can see that potential contributors are driven away by the lack of feedback from plugins users. Here is what we thought:

  • each plugin would have a dedicated page on our site, maintained by the author and including documentation and necessary information, also allowing for discussions (eventually, we might also create dedicated areas in our forum)
  • each plugin can be rated, and its downloads are counted
  • we will list all of the plugins in one page, and each entry includes the rating and number of downloads, plus a one-line description (our own plugins would end up there too).

So, what would you like to see for the ScrewTurn Wiki community?

New Year, New Management

January 20th, 2010 by Dario Solera | 20 Comments | Filed in Community

Sit down. Make yourself comfortable.

The Background

I started working on ScrewTurn Wiki in early 2006. It was supposed to be a simple content management system for my personal website and a way to learn ASP.NET 2.0, but it soon turned out to be of interest to others, thus I decided to release it to the public.
Four years has come past, and it’s been a great journey. I learned a lot of things and the project survived three major releases and a Visual Studio and .NET version upgrade. In the meantime, I graduated and I worked in a couple of great companies, one Italian and one French. I had the chance to work on though problems with the help of cool technologies.

I wanted to found a software company since when I started attending my university courses. You know, we’re all a bit excited by the story of our predecessors: Larry and Sergey come to mind. To me, the most important source of inspiration are guys like Joel Spolsky and, more recently, Giacomo “Peldi” Guilizzoni, which is my new hero. Superstar startup founders are not the end of the story. You can learn a lot from less famous yet very competent entrepreneurs, and I had my chance to do so.

The Outcome

Well, the time has come. On January 7, 2010 I officially founded a new company, together with two other guys, Matteo and Michele: it is called Threeplicate Srl and of course it’s based in Italy.

What will we be doing? We’ve got something going on behind the scenes, but we’ll continue maintain, expand and improve ScrewTurn Wiki. Technically, Threeplicate has acquired ScrewTurn Wiki but don’t worry, your favorite wiki engine will continue to be free and open-source.

The Reasons

It’s been a hard decision, but STW is now too big to be developed by a single person and a fundamental change is needed, otherwise the project would collapse under its own weight. Mind you, Threeplicate will not be entirely focused on STW. Our goal is to make it an important part of our business, but we’ll diversify our activity quite a bit.

Besides that, we’re sure we’ll be able to build an even better ScrewTurn Wiki, with more frequent releases. We believe that STW will gain credibility especially for large, long-term projects. I’m sure that being a “real” company rather than a freelancer will attract some more sales of commercial licenses, helping to push the project forward.

Thank you for making this possible. After all without you, the users, ScrewTurn Wiki would be totally irrelevant.

Moving to FeedBurner

January 9th, 2010 by Dario Solera | 1 Comment | Filed in Community

I’ve finally made the decision to move the blog feeds to FeedBurner. I suggest you to update your feed reader to the new address:

http://feeds.feedburner.com/ScrewTurnWiki

Thank you for your attention.

Backup Plan

December 16th, 2009 by Dario Solera | 2 Comments | Filed in Uncategorized

As a couple of my favorite bloggers recently suffered a total data loss on their server and they had no reliable backup plan, I thought someone would be interested in how we do backups for the ScrewTurn website.

For a starter, the SVN repository is hosted at Unfuddle. svn.screwturn.eu is just a read-only mirror.

The backup is done this way, daily, via a set of batch scripts:

  • a comprehensive backup of the MySQL database (used for phpBB and WordPress) is generated using the integrated scheduler
  • the database backup file and all the other data (websites, SVN repository, etc.) is packed in a ZIP file
  • the ZIP file is downloaded via FTP from a remote machine; the latter runs in Italy while the server runs in New Jersey, USA.

The most important part: how can we make sure that the backup works? Because we used it to migrate the site to a new server, and it works. The backup is all-inclusive: even scheduled tasks are backed up. The only thing that is not included is the IIS metabase, but for that I have a copy stored on my PC (also backed up daily).

Trivia:

  • daily backups are preserved for an entire month offsite and for a week on the server, in case we need to restore something that’s been accidentally deleted (or hacked)
  • the ZIP file containing the backup is roughly 465 MB, growing 1.5 Mb a day
  • backups take up to 25% of our daily network traffic.

I’m personally a bit paranoid about backups, but I think they’re worth the time and money spent.

Bottom line: in case the whole datacenter blows up, we would only lose a day worth of data, which consists of a dozen forum posts, on average. All the other data is either a copy itself (SVN) or does not change very frequently (content of the wiki, the blog).

What’s Up?

December 14th, 2009 by Dario Solera | 1 Comment | Filed in Community, Development, Localization

There is nothing much going on lately, except bug fixing and translations. ScrewTurn Wiki 3.0.2 will have some completed or new languages (including Spanish, French, German and Afrikaans). The plan is to release the maintenance version as soon as those languages are ready. All non-complete languages will be remove from public releases, but will still be available in source code and nightly builds.

Besides that, we’re receiving a lot of valuable feedback on the v3 release and we’re planning changes for the next major version. Main focus area are the search engine and the editor, which got better in v3 but still require quite some work.

2009 has been a wonderful year for us, so we’d really like to thank everyone who has contributed time, translations, code, patches and feedback to the project.

There will be an interesting announcement in roughly a month, so stay tuned for updates. In the meantime, don’t hesitate to leave some feedback in the forum. Don’t forget you can also follow us on Twitter.

On Dumb Crackers

November 12th, 2009 by Dario Solera | No Comments | Filed in Internet, Security

It happens that there is an old version of a PHP-based CMS application that is affected by a bug that, if I understand correctly, allows an attacker to alter the content of a part of a site, called snippet.

ScrewTurn Wiki has snippets (but they’re secure).

The funny thing is that we get a ton of attacks that try to apply the same technique used for the above-mentioned CMS to our website because, I think, there is a page called snippets. Crackers are getting dumber I guess…

STW, in such cases, simply crashes as the HTTP query string is a complete mess, so no worries, we fail fast. At any rate, even if the request was well-formed, an attacker cannot bypass the security configuration like she’s doing in the above-mentioned CMS: permissions are checked for every single request, including all post-backs.

Do People Understand Free Licenses?

October 23rd, 2009 by Dario Solera | 3 Comments | Filed in Off-Topic

Do people understand free licenses? Most importantly, do they understand the difference between the GPL, the Apache License, the BSD license? I don’t think so.

Why am I saying this?

You might be aware that I recently introduced an “Internal Usage” commercial license for ScrewTurn Wiki. It started as an experiment to see how many people would ask to purchase such license because their business isn’t compatible with the GPL. It turns out that there is roughly one request per week.

I’m generally a honest and fair person, so every time a user asks to purchase such a license, I invariably force them to notice that they can use and even modify the public packages for free, without any type of small print involved. I wouldn’t feel right selling them something that others get for free.

I’ve been surprised to know that quite a few managers or business owners in the software development field don’t even understand what the GPL is and what does it grants you to do. They’re ready to waste 100 Euros for getting even less than what is publicly available (commercial packages don’t include translations for example). It’s not much money, I know that, but what if it was 500€? or more? What if you’re doing the same mistake for many other applications, or even worse the mistake of not using a useful and perfectly suitable application because you’re afraid of its free license?

Guys, please, please spend a couple of hours studying the different free software licenses that the industry has agreed upon in the last several years. It’s very important for your business and, given the trends of the industry, you’ll probably have to deal with free software even more in the upcoming months and years.

Call for Translators

October 19th, 2009 by Dario Solera | 2 Comments | Filed in Community, Localization

ScrewTurn Wiki 3.0 still lacks decent translations in some relevant languages:

  • French
  • German
  • Spanish.

Additionally, there are several languages that were previously available in v2 but are still missing in v3:

  • Brazilian Portuguese
  • Danish
  • Dutch
  • Norwegian
  • Polish
  • Romanian
  • Serbian
  • Slovak
  • Traditional Chinese.

If you’d like to take over the translation in any of the above languages, or in any new language, please don’t hesitate to drop us a line at info@screwturn.eu. The translation process should take between three and five hours.

Note: translations are not included in the commercial editions, so your contributions are not being sold.

The Future of Desktop Edition

October 15th, 2009 by Dario Solera | 5 Comments | Filed in Community, Marketing

I’m seriously considering to discontinue ScrewTurn Wiki Desktop Edition. It takes too much time to maintain the desktop server and most importantly the installer (which has always been a bit clunky, not even supporting in-place upgrades). If you ever worked with Windows Installer and WiX, you know what I mean (plus, consider that the upgrade from v2 to v3 adds a lot of complexity).

As you may remember, last spring I published a survey and it turned out that less than 18% of the respondents used the Desktop Edition at the time. It’s still a big amount of users, and I don’t want to disappoint them, but the problem persists.

There are only two ways to fix this problem: discontinue the Desktop Edition, or make it commercial (paid) so that it justifies the required work. I’m currently more inclined towards the second option.

I don’t have decided yet, so for now the Desktop Edition will continue to exist for v2 only.

« Older Entries

Side Projects

  • RESX Synchronizer allows to synchronize multi-language .resx files (used for the development of ScrewTurn Wiki).
  • Pixel Picker enables to pick the color of pixels on your screen — very handy for day-to-day graphics-related activities.

About

  • Copyright ©2006-2010 Threeplicate Srl. All rights reserved. Some of the icons created by FamFamFam.
  • See our Privacy Policy.