Month: August 2019

Spin Rewriter blog has a new (better) home

It has finally happened! 😀

After quite a bit of effort over the past week or so, we have finally given the official Spin Rewriter Blog a home it deserves.

As you must have noticed, up until this point the Spin Rewriter Blog lived right here — inside my own personal (AaronSustar.com) blog. Sure, all relevant posts were tagged with the “Spin Rewriter” keyword for easy browsing, but still — at its core, this situation was less than ideal.

It also felt jarring for visitors browsing the Spin Rewriter website that they were taken to an entirely different website when they clicked the “Blog” link in the main header. Sure, a lot of companies are doing it this way, hosting company blogs on dedicated blogging platforms (such as WordPress) — but it’s definitely not the best way of doing it.

And here at Spin Rewriter, we only want what’s truly the BEST for you, our awesome users. 😀

So, here’s what we did:

  • We set up our own custom, in-house blogging platform.
  • We moved all 292 existing blog posts from the current WordPress-based blog into our own blogging platform.
  • We updated and re-formatted all imported posts as required (this included moving all uploaded images to the primary Spin Rewriter website).
  • We created 3 new types of subpages on the Spin Rewriter website: Blog Home (self-explanatory), Blog Archive (e.g. when browsing posts by month) and Blog Post (when reading an individual post).
  • We added “301 redirects” from all existing Spin Rewriter related blog posts on AaronSustar.com to their rightful place on the Spin Rewriter website. As you know, SEO is pretty dang important!
  • We rolled out the new on-site blog to our live (production) servers.

And that’s it. With that, all of our existing 292 blog posts about Spin Rewriter now live on the Spin Rewriter website, in its Blog section.

And now I’m off to write the first ever blog post that will only appear on the new on-site Spin Rewriter Blog.

It’s a big one. A HUGE ONE. And you’re welcome to read it here!

Further improved security

In early August we noticed a brute-force attack that was targeting our login form.

The attackers were targeting 6 specific Spin Rewriter accounts, and they were sending us hundreds of login attempts per minute that were coming in from a variety of different IP addresses.

These login attempts were trying what appeared to be a set of predetermined passwords (we have no way of knowing the exact passwords that were used in the attack because we always hash the passwords before storing them, like every web service should).

So, first the good news: None of the accounts were compromised. The attackers gave up after a couple of hours, after getting nowhere.

And the even better news: In light of this, we’ve taken another look at our login system and the code that powers it. We are extremely satisfied with how well it has done, and we’ve now also tweaked a few parameters to make the login system even more secure, out of an abundance of caution.

Without revealing too much (this information could help guide potential attackers in any future attacks), our login system remains truly state-of-the-art, following all modern security standards, now also including rate-limiting after a set number of failed login attempts in a certain time frame, and so on.

So you can rest assured that your Spin Rewriter account (and all of your articles and other information inside of it) is safe and waiting for you — and you only. 😉