Preemptively deplatforming my own website: a ludicrously overbuilt WordPress hosting setup

It’s cheap, easy and fast to host your videos on YouTube! Why would you bother to do anything other than hosting your videos with a hosting provider? You can just paste the video URL into WordPress and it’ll Just Work, embedding your video! You don’t even have to think!

Here are a few reasons: major hosting platforms aren’t in the business of agnostically hosting my content nearly as much as they are in the business of soliciting uploads and driving engagement with their userbase so they can maximize ad revenue. They constantly push “views” and other metrics on you if you start uploading, which drives one to care more about the popularity of uploaded content rather than living one’s life and taking the odd video or photo for friends and family. The press is always to be a good serf for the digital sharecroppers, although the term of choice these days is “content creator”. Me, I’m a bit old-school, don’t fancy producing content to line the pockets of Google’s shareholders. Moreover, I don’t trust them to not pull the rug at the slightest provocation; start charging for uploads, for hosting, or completely de-list my videos en masse for malicious copyright infringement claims (or who knows! merely including my children’s faces or voices!), the list of possible downsides is pretty much endless. I’m also extremely paranoid, and expect that every frame is scraped for faces and pumped directly into the NSA and probably mainlined over into Zuckerberg’s machine in some nightmarish data-sharing arrangement.

Not that my personal setup is going to prevent any of the above happening, but I’ve got a hair more control over my life if I set things up correctly for myself.

Let’s step back for a second, and enumerate the design requirements for this website:

  • share videos and photos of my children reasonably privately with friends and family
  • upload arbitrary numbers of photos and videos without worrying about disk utilization on the underlying servers
  • deliver oodles of bits of video and imagery to my friends and family (and sure, others, so long as I care to) without costing myself astronomical ingress and egress fees
  • deliver those bits very very quickly, so that the impatient folks in my life can actually view them
  • support comments

In a nutshell, I want to ship a personal social network. I want my friends and family to be able to see photos and videos, to be able to put some kind of role-based access control in place around that private content, and for folks to be able to interact.

In a comical twist of synchronicity, the PHP website authoring toolchain/spittoon/pile-of-chairs that goes by the name of WordPress and was released just before Facebook allows one to build a narcissists-paradise of a personal website where you can get everything that Facebook provides, except for the low-friction and low-value interactions from your ultra-extended network.

The classic adage here is “if you’re not paying for the product, you are the product”, and it’s worth noting that for approximately 20 dollars a month, I get:

  • ~unlimited photo and video hosting
  • private posts, private videos, private photos
  • uploads from mobile
  • social login
  • persistent links to all of my content
  • deplatforming and shadowbanning insurance

I haven’t really started leaning on the CDN for content distribution (not having uploaded much either), but at a free terabyte per month and 8.5 cents per gigabyte after that, costs should be reasonable for the foreseeable future.

Cart remains before the horse, so let’s walk through the truly trivial architecture at work here.

Infrastructure:

  1. WordPress hosted on EC2
    1. $4.15
  2. Managed by Lightsail
    1. $8.32
  3. Route 53
    1. $1.10
  4. S3 bucket for static assets (JS, CSS, cached pages)
    1. $0.03
  5. S3 bucket for media uploads (photos and videos)
    1. $0.03
  6. CloudFront distribution
    1. Probably free

And, the WordPress-specific tooling that makes it all work together:

  • W3 Total Cache for static asset minification, compression, S3 upload and CloudFront serving
  • WP Offload Media to ship uploads to S3 and host them out of CloudFront
    This plugin is also an option for putting another layer of security on photos and videos; something like 60 dollars buys the pre-signed URL upgrade, which ensures that content URLs are a) unique per viewer and b) expire (although this does nothing to prevent folks from pulling assets directly out of the webpages, but shrug. Defense in depth and so on).
  • Super Socializer for federated login
  • PublishPress Permissions for the roles implementation and to enforce that viewing specific post categories requires specific roles
  • WP Mail SMTP for email (new accounts, password resets) (plugged into Amazon SES for delivery)
  • A custom shortcode for embedding .mov files
    I lost patience trying to figure out how to get the media manager in WordPress to emit custom HTML for .mov files, so I wrote a custom shortcode that craps out the appropriate HTML element. Technically I coached ChatGPT/Codex to write it! Snippet:

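    // Shortcode handler: renders a <video> element for the given src URL.
    function mov_embed_shortcode( $atts ) {
        // Merge user-supplied attributes with defaults; only 'src' is accepted.
        $atts = shortcode_atts(
            array(
                'src' => '',
            ),
            $atts,
            'mov-embed'
        );
        // esc_url() sanitizes the URL before it is placed in the src attribute.
        $src = esc_url( $atts['src'] );
        return '<video preload="" controls="controls" width="300" height="150"> <source src="' . $src . '" /> Your browser does not support the video tag. </video>';
    }
    add_shortcode( 'mov-embed', 'mov_embed_shortcode' );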

    Usage is [mov-embed src="https://wherever.com/whatever.mov"]

I suspect that I’ve put about 40 hours into the infrastructure of this website so far, and I’m pretty pleased with where it sits. I can upload as much imagery and video as I feel like without worrying about exhausting disk space or costing myself an arm and a leg in EC2 data egress fees while hosting at arbitrarily high resolutions. I’ve been dorking around in AWS for several years now, so I’m comfortable with the security boundaries I’ve set up around this particular wad of PHP. For example, when I encounter suggestions like “give the IAM role for WP Media Offload S3FullAccess” my eyebrows climb and I bake a custom policy that’s far more appropriately restrictive (they do at least bother to document the minimal possible policy but you have to know to look for it). I also know out of the gate that I want to use some kind of a blob store, and then host that stuff from a CDN, and keep the blob store private and so forth, so there’s little learning here for me and much doing. Kind of like gardening.
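To make the difference between a full-access grant and a bucket-scoped one concrete, here is an added example (not the author's policy, and not the plugin's documented one) that audits an IAM policy document for S3 permissions reaching beyond a single media bucket. The bucket name `example-media-bucket`, the scoped action set and the `DANGEROUS` list are assumptions made for illustration.

```python
import fnmatch

# Constructed policies; "example-media-bucket" is a placeholder name.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::example-media-bucket/*"},
    {"Effect": "Allow",
     "Action": ["s3:ListBucket", "s3:GetBucketLocation"],
     "Resource": "arn:aws:s3:::example-media-bucket"}]}

# Bucket-level actions a media-upload role has no reason to hold (assumed list).
DANGEROUS = ["s3:DeleteBucket", "s3:PutBucketPolicy",
             "s3:PutBucketAcl", "s3:CreateBucket"]

def as_list(value):
    """IAM allows a single string or a list for Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]

def audit(policy, bucket):
    """Return findings for Allow statements that reach beyond one bucket."""
    allowed_arns = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    findings = []
    for i, st in enumerate(as_list(policy["Statement"])):
        if st.get("Effect") != "Allow":
            continue
        # Inverted matches in an Allow grant everything except what is named.
        if "NotAction" in st or "NotResource" in st:
            findings.append(f"statement {i}: NotAction/NotResource in an Allow")
            continue
        for res in as_list(st.get("Resource", [])):
            if res not in allowed_arns:
                findings.append(f"statement {i}: resource {res} is outside {bucket}")
        for pattern in as_list(st.get("Action", [])):
            # IAM action names are case-insensitive and accept * and ? wildcards.
            hits = [a for a in DANGEROUS
                    if fnmatch.fnmatchcase(a.lower(), pattern.lower())]
            if hits:
                findings.append(f"statement {i}: {pattern} grants {', '.join(hits)}")
    return findings

if __name__ == "__main__":
    for name, pol in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, audit(pol, "example-media-bucket") or "no findings")
```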

Friends have asked in the past (when I ran a previous blog, also WordPress, of an entirely different provenance, and on a ludicrously overpowered physical server) why I even bother doing this? Why not plain text files? Why not hand-crafted HTML? Surely nobody will ever comment on your blog. Surely you’ll never actually need the content distribution setup.

Do you know folks who enjoy gardening? What about home improvement projects? I enjoy neither getting paint on me clothes, nor dirt beneath me fingernails. I still enjoy screwing around with computers to a certain degree, and doing it in the small brings me some of the joy I imagine that cultivating a beautiful garden brings those who are into gardening. Knowing that I can upload media willy-nilly I hope gives me the mental freedom to do so. Knowing it will deliver quickly gives me confidence in posting. Having some kind of social login makes me confident that if my elders wish to view photos and videos of my kids, they can do so.

We do easy things, and we don’t do hard things. If releasing changes to software is difficult and encumbered by checklists, QA or Product staff getting involved at the last minute as changes are going to production, the whole team will develop a resistance towards shipping constantly.

This garden is where I practice what I preach around systematizing workflows, ironing out kinks and sanding off rough edges. I like writing, and writing in public has always helped me refine my voice and style. While I hope this machinery will reduce frictive points, past behavior suggests I’m simply going to stop posting for the next 3 months, having scratched the itch and made my personal website hilariously fast.

The last thing I want to take care of is to update the DNS record for the media CDN so that it’s media.bvulpes.net instead of some garbage CloudFront URL, makin me look like a noob, but every time I do that something goes haywire with DNS on my home network and I bail. Until another day!
