Why is this website here?

The most accurate answer is it's fun to work on, and it's primarily just a place for me to have fun putting things into little boxes. Literally making this site, by itself, is pretty fun and relevant to me. It involves both technical work and consolidation of ideas. I get tons of this at work anyway since I'm a developper, but the difference is this is my playground, so there is no time pressure, I can put whatever I want, however I want it on here.

Most of my learnings, proffessional practice, readings and ideas are not public, and since I don't update my Linkedin, probably never will be. Some stuff would be fun to share though, so I'll do it here.

The things that appear here are interesting enough to me that I've put some time into publishing them, and that's about all this place is. There are no big plans for it.

That doesn't mean there aren't any plans for it though. A few things that might pop up are:

• A climbing journal (I like to climb)
• A reading list, or maybe book reviews
• Projects or technologies I work on, with or even just find interesting

While working on this site, I learned how to setup an Apache Webserver (which I had done before with guidance). It's pretty freaking easy to setup. I primarily followed the Digital Ocean guides, as well as using Webbkoll to check that I was implementing the correct security policies for the backend. I also used SSL Labs to test for known issues in the transport layer protocols used and to check for known vulnerabilities. Funny story, this site isn't IE11 compatible because of some TLS settings I think, oh well... No one is going to visit it anyway. Both of these site provided not just "ratings" but also a wealth of links and information so I learned along the way what was going on. Really nice examples of usefull sites, both of which are bookmarked in my browser now!

I used Let's Encrypt to generate a cert, and it was also fun to mess around a bit with the aliases for my website (which you might have noticed redirect you from the root domain to malc.olmwatt.ca!). HTTP headers, DNS records, even public key encryption and certificate validation are all things I learned about in my networking class during my degree, and they are all things that I use routinely. However Apache was a new ecosystem for me and I've never been a webmaster before, so some of the basics of implementing these standard policies were interesting.

On a more personal level I decided not to do anything fancy with the actual site, because I find most sites I go on annoying as all fuck. Here is an exercise in minimalism I guess, but not that bullshit minimalism where your fullscreen webapp needs 5 seconds of scrolling to tell me you have two product lines and some contact info. I mean minimalism in that I decided against using pretty web templates and stuff, and pretty much my whole site is a few shitty html pages and some basic CSS. I'm happy with the decision.

I also learned how to setup Fail2Ban and put MFA on a linux machine (which is already denying password logins, thank you very much), which is pretty neat. Technically one component of security would be not publishing these details, but literally this site is like I said before, a couple HTML pages running on a minimum power VM. Go nuts hacking it I guess it's not like you would find anything very interesting on it.