A Static Site is awesome for bloggers. Easy to create (content), easy to maintain (website). And it allows you to tinker with your website design with just a bit of HTML/CSS know-how. The only issue with Static Sites is how to manage the comments section, as a bunch of static pages cannot handle form submission on their own.
But fear not, a bit of server-side scripting can solve it for you. The comments can be stored as individual files on the server, as I’ve mentioned in a previous post. After this, all I had to do was download the files on to my local machine and process them. In the beginning, I used to do it every week or so as the volume of comments was quite low. However, in the last six months, I’ve found that the increasing high influx of comments requires a daily check. Or, I will miss the genuine comments in the barrage of spam that hits my website every day.
As It Is (or The Current System)
I finally found the time to automate comments submission on my site. It’s been on my TODO list for so long that getting it done filled me with relief.
Let me give you a brief description of the setup I have so that you can better understand the automation performed.
- A PHP script on my server picks up the comments received through form submission on my website.
- The script processes the comment and saves it as a YAML file.
- I log-in periodically and download all the comments to my local machine.
- I check the downloaded comments and delete the spam ones. This remains to be a manual step.
- For each valid comment, I will check the post it belongs to and add it to that particular post.
- Build my website with the new comments.
- Deploy the new build to the web server.
Out of these steps, Step 4 is a manual one for me. As a result, I have 2 scripts:
- Download comments: A script to download comments and delete them from the server.
- Process Valid comments: A script to move each valid script to its post folder, build the website with new comments and deploy it to the web server.
Even if you are eliminating spam at the web server side (using Google Captcha or something similar), there will be spam leftover for a human to moderate. I would suggest not to eliminate the manual check from your moderation process. An attacker can design a handcrafted piece of code in a comment to wreak havoc on your web server. If you’re feeling brave, you can go ahead and write a single script ignoring the manual verification.
As It Should Be (or The Automated System)
I thought of BASH scripting to automate this process, as I usually have my MacBook Air with me wherever I go. I’m sure I will be using it for many more years to come!
To download comments, I used rsync Linux command. If the
rsync is successful, I delete the downloaded comments from the server. Here is a sample script.
This part declares the variables to be used.
rsync command to download the comment YML files.
The above part will delete comment files from the server if the
rsynccommand is successful.
else part above will usually be run if there are no new comments. I say ‘usually’ because the
else part is hit for any other errors as well. So it is better to keep logs of this part!
Once I run this script, I check all the comments downloaded onto my local machine and delete the spam. Now the remaining comments are ready to be processed by the next script.
Process Valid Comments
I will go through the script part by part, as before.
The variables are declared here.
for loop will process each comment file.
If no files found, exit the loop. Else, move on.
The above part is specific to my code. I check if the comment file has a line starting with
slug: . If it does, then it’s a valid comment. Else, move on to the next comment.
You can do processing specific to your comments in the above part!
I check for
SLUG, if it exists then I move the comment to its
post folder. If the
post folder doesn’t exist, then I create the
post folder and then move the comment.
This part gives information about the files that were processed (or not) by the script.
BASH may feel a bit weird to look at, and I agree the syntax is quite unintuitive. But you will get used to it after a while. After you build a small script like this, you will understand how shells work and model your script based on it.
There’s a caveat to using BASH (or any shell) scripting. Any shell can elevate to root privileges without you, the developer, intending it. And one of the easiest ways to do that is not quoting your variables. Have a look at the stack overflow thread, it’s worth the read.
I would suggest to run the BASH scripts from your terminal and never from outside your local machine. And this ties in with the manual verification step I’d talked about earlier. If the comment is not checked for spam, a carefully constructed piece of code can use your BASH script to attack your system!!
Use BASH responsibly, know the risks. It is quite powerful when used the right way.
I hope this post gave you enough information to automate your site! And Happy BASHing :)