It’s been a week since this blog went down due to security issues at my hosting provider. Nothing serious, in fact they were upgrading security measures in PHP and MySQL, to prevent piracy and other mischief. As a result, a number of security settings were enabled which disabled some (weak in sense of security) functions in my weblog. After an upgrade to PHP5, things were fixed, but it took me another 2 days to find out that my Serendipity engine was not able to deal with that because it relied on experimental PHP4 features. This proves two things that I’ve seen before in software engineering:

  1. Using experimental features of a platform in a product is stupid
  2. Quality attributes (like security) cannot easily be added to a product after development of functionality. Take them into account from the start.

Many thanks to the people at HostingExtreme for working on a secure hosting environment, and for helping me fix this.