What is Software and what is a Theme?

I’ve gotten a few more questions on upgrading from Tendenci 5 to Tendenci 7. It seems we have been overzealous in explaining the changes at https://tendenci.readthedocs.io/en/latest/ and here and here and very extensively here. Perhaps too much info and too technical.

Listening to a client I realized that maybe “geek speak” on my part was part of the challenge. Definitions:

  1. Themes – The “theme” is the visual part of your site that makes you unique. When a major change happens, like the rapid growth in mobile traffic, it is not uncommon to have to purchase or pay to upgrade your theme with WordPress, Drupal or Tendenci.
  2. Software – The “software” stack is all of the functionality below the theme. Open source projects are driven by a community and most modules or add-ons strive to be backwards compatible.
  3. Game changers – sometimes a company like Apple will invent a “game changer” like the iphone. Awesome! Oh, but wait. You can’t write software that works on a device that either didn’t exist or was a tiny fraction of visitors to your site when you first deployed your theme.
  4. LTS Timelines – Who sets the timeline for LTS (Long Term Support) major releases? In Open Source it is driven by the community around a project. Frequently it is a combination of software and “dependencies”.

Examples?

To use a large open source project as an example, WordPress users (like me – my blog is on wordpress) sometimes need to pay to upgrade a premium theme when WordPress does a major release.

WordPress has a theme compatibility checker.
https://codex.wordpress.org/Themes/Theme_Compatibility/

As WordPress makes changes and improvements, sometimes these impact WordPress Themes and their underlying code and use of Template Tags. When a new version is announced, WordPress users are recommended to check the various WordPress Theme Compatibility lists to ensure their WordPress Theme is updated and ready for the new version.

Drupal, another major open source project, lists information on how to upgrade themes to work with each version here:
https://www.drupal.org/docs/8/theming-drupal-8/theming-differences-between-drupal-6-7-8

Tendenci, a much smaller but growing open source project, is doing the same thing for the same reasons. You want a unique brand (your theme) and new functionality (the software) and you’d like it to be as low cost as possible. Hence software updates are “usually” free, it’s just when a “game changer” happens that you need to update your theme.

If you are really curious what is in a theme, there is a great infographic on WordPress themes here.

For more on EOL support on Tendenci 5 you can read this really long blog post. And of course your site will still work if you don’t upgrade, it’s just the Django community has moved on so it’s best to move with them!

Release Process
Django Framework Release Process

Please see this comprehensive blog post for more detail on the Tendenci 5x to 7x upgrade process.

 

NonProfits and Associations Love Tendenci

Written specifically for the NPO/Association market, Tendenci has continued to grow and adapt to meet the specific needs of these groups. From building on an open source framework that allows complete freedom  – to mobile responsive software design – to online forums and newsletter features that keep the community involved, Tendenci continues to invest in the NPO sector. And the NPO’s have responded!

We are pleased to continue our relationship with the following organizations that have recently released upgraded websites and extend a warm welcome to those that are new to the Tendenci community.

  1. University and College Designers Association Selects Tendenci for New Membership Website

    UCDA Tendenci Website

  2. Groundwater Resources Association of California Launches Tendenci Membership Management Website

    GRAC Tendenci Website

  3. The Children’s Assessment Center of Houston Releases New Mobile Tendenci Website

    CAC Houston Tendenci Website

  4. American Association of Singapore Launches Upgraded Mobile Tendenci Website For Their Membership

    AA Singapore Tendenci Website

  5. American Citizens Abroad, Inc. Launches Tendenci Membership Management Website

    American Citizens Abroad Tendenci Website

  6. Rice University Energy and Environment Initiative (EEi) Presents Transformative Solutions with New Website

    Rice University EEI Tendenci Website

  7. International Association of Directional Drilling Chooses Tendenci for Fast Launch of Member Website

    IADD Tendenci Website

Why Tendenci Chose Python over PHP

Note: this is a repost from the eschipul.com blog.

This blog is a WordPress blog written in PHP. And WordPress, which is written in PHP is a great platform when secured properly.

So why did our team choose to rewrite Tendenci Open Source and in the Python Programming language? It is a question I get asked a lot. We’ve never been a company that likes to talk in the negative if at all possible, yet it is important to talk about the megatrends going on given we work with associations and nonprofits.

Python Growing in Academia
Why Python instead of PHP for Tendenci

Source: https://www.upguard.com/blog/which-web-programming-language-is-the-most-secure

programming vulnerabilities
Vulnerabilities in each language

Source: http://info.whitehatsec.com/rs/whitehatsecurity/images/statsreport2014-20140410.pdf

security-report

Source: http://info.whitehatsec.com/rs/whitehatsecurity/images/statsreport2014-20140410.pdf

Popularity of a language is a trend, and what you want is as many developers familiar and liking the language of your open source project as possible. This means you have a better chance to have a secure web site and therefore a more secure future.

To be fair – as Disraeli said – “lies, damn lies and statistics” – so there is no one perfectly secure language any more than there is a perfectly “safe” hammer. There will always be operator error and programmers make mistakes.

So we’re not saying Python is perfect, and all of us have used most of the other languages on those charts at some point. We’re just saying we are pleased so many other programmers also like Python and Open Source. THAT is the best that can be done to secure your future online. Secure code that you can examine yourself and even host yourself!

Addendum: As I post this on the Tendenci Blog. Given we focus on non-profits, associations, memberships, education, medical, religious – basically the do-good cause-based organizations, I believe it is particularly important that the project is as transparent as possible. Sometimes it is healthy to inform everyone of WHY we made a decision seven years ago. Python was the right call.

Security Diligence Required to Prevent ePub or Mobi Javascript Hacks

Why Tendenci doesn’t support epub uploadS through the standard ui.

We love knowledge and knowledge sharing. And all of us read a lot – more and more on mobile readers. And yet the Tendenci software doesn’t support uploading epub files. First understand you have TONS of options to achieve your business goal and keep your site secure.

Free ebooks? We recommend you upload the epub to a resource like an Amazon S3 bucket or Dropbox and link to it from your site. That immediately solves the problem – you have a link to the resource on your site, just not “in” your site for safety and security.

Selling ebooks? Look at Amazon or Shopify or google it for tons of options. Even if the books are free, “selling them” on shopify will give you analytics and insight into consumers who are interested in your topic because they are being delivered to people next to other books!

As for the upload restrictions in Tendenci, here is why we are cautious:

While knowledge is great, security is more important. YES – TECHNICALLY YOU CAN PUT EPUB FILES ON YOUR TENDENCI SITE. But to do so your network administrator will need to do it for you for security reasons. The reason is that epub and mobi files can contain viruses or malware just like many other file formats (*cough* “Adobe flash” *cough*).

A book can have a code example. Depending on how your browser or e-reader “reads” that code example it may or may not execute the code. And that may or may not be malware. Typically the code itself would not be infected and would pass a virus scanner. Rather it would call another site and download a virus from that alternate location.

For more on the wonderful functionality that makes epubs more accessible, but also a security threat if not carefully vetted, visit http://epubzone.org/news/epub-3-and-interactivity

Two screen shots from the epubzone.org site are pasted below.

epub javascript

And examples:

pop ups from js in epubs

To be sure I love learning sites that have code that I can use to learn with in my web browser. MOOCs are awesome. But Tendenci is not a MOOC. So our current system is not set up to allow uploads of epubs or mobi given the millions of people who log into hundreds of open source tendenci sites hosted or in the wild. We are just cautious.

And again – there are alternatives.

  1. Upload it to a different location and link to it <– RECOMMENDED!
  2. Sell it with a company like Amazon who takes care of all of it for you <– RECOMMENDED!
  3. Have your Network Administrator upload it if you must. But if this is the case, why not just make it a PDF? <– NOT RECOMMENDED

PS – One part of being a hacker is you are frequently accused of being an “Eeyore.” This is tiring. And incorrect. Caution online is really – well – the teamwork of Q and Bond. Aware of current reality. Curious. The ability to think perhaps a bit deviously. To know what is possible – both good and bad – to protect you.

to use “www” or not to use a hostname and just go to the apex domain?

Stop using URLs without the www or some other prefix. They are not your canonical domain (so sayeth Google) and in fault tolerant networks they aren’t scalable (so sayeth Amazon and every other cloud provider.)

In the old days we had physical servers with specific IP addresses and the server routed a visitor to the correct site. Ah, the good old days. Now everything is flipped. In the cloud we use multiple smaller virtual servers and your web site can literally exist in different places at the same time. That means your IP address can be different at any moment.

So without getting too much into the cloud magic, one thing it does require to help future proof your site is for people to use a “real” URL for their website.

WAIT! Chill out, it’s not the end of the world. It’s not like https://tendenci.com doesn’t redirect to https://www.tendenci.com – no need to change your business cards or letterhead. But your “canonical name” includes a hostname (the “www” or “intranet” or “webmail” parts of the name.)

What you do NOT want to do is insist on blah.blah because it will, I promise you, come back to hurt you in the near future. It’s the Internet – things change. So we change with them.

From: https://blogs.akamai.com/2016/01/make-your-infrastructure-vanish.html

Root domain redirects

Let’s assume a user is navigating to your website www.acme.com. However instead of typing www.acme.com, they only type acme.com. Time to get a little technical. Hostnames are connected to a DNS based CDN like Akamai via a CNAME, which is a type of DNS entry that aliases the IP address resolution of one hostname to another hostname. For example www.acme.com could CNAME to webserver.acme.com and when resolving www.acme.com, DNS would follow the resolution chain of webserver.acme.com. For a fully qualified hostname like www.acme.com, you create a CNAME that will resolve to a hostname your CDN controls, which intern directs users to a CDN server that will serve your user. However it’s not possible to create a CNAME for a root domain like acme.com. It must have an A record, which resolves to an IP address. To get around this, many websites resolve their root domain to the IP address of their origin, and then have their origin server perform a HTTP redirect to their www hostname. This is another place your Origin can be revealed.

Can we hack a work around? Yes, in fact many clients still have “A” records that point to an IP address. Just know this is a case of “you’re doing it wrong.” Your registrar should do the redirect to a FQDN like www.tendenci.com and then have a CNAME record for it. It’s the future. And I’m just the messenger.

Google’s article on using canonical URLs also explains it quite well https://support.google.com/webmasters/answer/139066?hl=en

google-canonical-urls

Which goes on to explain:

While these systems make it more convenient to develop and distribute content, they cause some challenges when people use search engines to reach your page. For instance:

  • Consolidating link signals for the duplicate or similar content. It helps search engines to be able to consolidate the information they have for the individual URLs (such as links to them) on a single, preferred URL. This means that links from other sites tohttp://example.com/dresses/cocktail?gclid=ABCD get consolidated with links tohttps://www.example.com/dresses/green/greendress.html.
  • Tracking metrics for a single product/topic. With a variety of URLs, it’s more challenging to get consolidated metrics for a specific piece of content.
  • Determining the URL you want people to see. You prefer people reach your green dresses product page via https://www.example.com/dresses/green/greendress.html rather than https://example.com/dresses/cocktail?gclid=ABCD.
  • Addressing syndicated content. If you syndicate your content for publication on other domains, you want to consolidate page ranking to your preferred URL.

To address these issues, we recommend you define a canonical URL for content (or equivalent content) available through multiple URLs.

The good news? By fixing your DNS to NOT use the apex domain your web site is ready for the future and more fault tolerant today. It’s a good thing.

Tendenci Continues to Win and Retain Business Clients

Tendenci’s growth makes it a great value for businesses focused on security and ease of use in a very robust open source project.

It is true that Tendenci is a very large open source project focused on the NPO sector, but value is value and businesses love Tendenci as well. How big is Tendenci? Login to the demo site to see for yourself at https://demo.tendenci.com (please remember the demo site resets every hour for spam prevention).

So it’s great to see all of these clients utilizing Tendenci and continuing to benefit from Open Source!

  1. Trendsetter Engineering Showcases Breadth of Services on their Tendenci 7.2 Responsive Site

    trendsetters-pic

  2. Subsea Technologies Inc. Offers Product Sales and Rentals for Underwater Operations using Tendenci Open Source Software

    Open Source for Business
    Subsea Technologies Launches Tendenci 7.2 site
  3. Ann Iverson Upgrades Online Presence with Mobile Tendenci Website

    Recent Responsive Sites running Tendenci Open Source Software
    Recent Responsive Sites running Tendenci Open Source Software
  4. Brooks Acevedo Attorneys at Law Launch New Site to Educate Home Healthcare Provider

    Recent Responsive Sites running Tendenci Open Source Software
    Recent Responsive Sites running Tendenci Open Source Software
  5. John Surtevant Launches Mobile Tendenci Site to Expand Market Reach

    Recent Responsive Sites running Tendenci Open Source Software
    Recent Responsive Sites running Tendenci Open Source Software
  6. Harris Leasing Upgrades to Tendenci 7 to go Mobile Responsive Nationally

    Recent Responsive Sites running Tendenci Open Source Software
    Recent Responsive Sites running Tendenci Open Source Software

Tendenci is flexible enough to let you turn off modules you don’t need, and SEO friendly enough to make it a great alternative to proprietary CMS systems.

  1. No Proprietary Technology Lock In
  2. No Long Term Contracts
  3. No “Named User” pricing to prevents “Knowledge Silos”
  4. Greater Functionality
  5. Open Source and an Open Community

These are all things that forward thinking companies, not just non-profits, are starting to realize. And the wave of technology continues to compound behind large open source projects like ours (the entire Tendenci community’s). So sayeth the data.

which_web_programming_language_is_the_most_secure_

Source: https://www.upguard.com/blog/which-web-programming-language-is-the-most-secure

 

 

Tendenci Exports – Plus Easy Ways to Make Static Copies of Your Site

Today’s Tendenci community knowledge share. Here are three very easy free or low cost methods of making a static copy a web site. Use with caution, just know you have the power.

On Windows you can use HTTrack https://www.httrack.com/

HTTrack_Website_Copier_-_Free_Software_Offline_Browser__GNU_GPL_
Download a static version of a web site to your PC

On a Mac computer you can use sitesucker ($5) http://ricks-apps.com/osx/sitesucker/index.html

SiteSucker to download a static site to your Mac Computer
SiteSucker to download a static site to your Mac Computer

On the go? You can also use sitesucker from the app store to download to your iphone or ipad for $2 http://ricks-apps.com/ios/sitesucker/index.html

Use IOS to download your site for $2
Use IOS to download your site for $2

Of course for structured data in Tendenci, there are TONS of ways to export including exporting a copy of your entire database. There are help files on common exports like How to export your membership . There are too many options to list them all, but I’d encourage you to visit the support center or just google “tendenci exports” for more.

If you are on version 5 and want to “kick the tires” on Tendenci version 7, use https://demo.tendenci.com – you can login here https://demo.tendenci.com/accounts/login/ using “admin/admin” or “user/user”. It does reset every hour or so because of spammers but you can still get a feel for it. A HUGE upgrade from version 5.

Tendenci Admin Default Dashboard
Tendenci Admin Default Dashboard

There is also a previous post on making a static copy of your site here that is a bit more technical as well.

Why do we point out all of the ways to copy your Tendenci site (or most sites really)? Doesn’t that make it easier to leave?

Yes. Yes it does. BUT people rarely leave. Or if they do, they typically stay on Tendenci and self host. They’re still part of the Tendenci community which helps us all.

Another reason we promote exports and offsite backups is because we know the more freedom you have, realizing you have that freedom especially on the Tendenci open source platform, makes it less likely for clients to leave.

Think about it. Why would anyone who actually understands their product is open, does far more than other options, is lower cost, and they can self host if they want… why would that person make the decision to leave? It’s illogical.

I mean, who wants to be the President of an Association that takes it backwards in time to proprietary technology or an older open source software built on an unpopular programming language? That’s not in the best interests of the association long term.

Tendenci is written in Python and uses Java and Javascript libraries. This linked chart says it all.

programming-popularity-2016
THE 8 MOST IN-DEMAND PROGRAMMING LANGUAGES OF 2016

Popular programming languages means more coders for open source projects written in that language. And more capable people to modify and customize your install if you choose.

One of our goals is FREEDOM from the tyranny of per-user-licensing, proprietary products that want to own YOUR DATA, long term contracts, sites that post your events on THEIR site so if you leave then the history of that event is gone in the blink of an eye. Companies don’t own your data and they shouldn’t trap you.

We think that is unethical and just wrong.

Membership Management Software should be Open Source, Accessible, Responsive, and Search Engine friendly by default. Tendenci does all of those things.

Further we believe that Open Source Membership Management Software should be written in a Modern Programming Language like Python (watch out for bunnies) and the software should documented and open source (free, as in beer.) Even the US Government likes Open Source!

Want to change something? Get involved! Post on the forums at https://ww.tendenci.com/forums or post an issue at https://github.com/tendenci/tendenci/issues . If you are a programmer or into documentation, submit a pull request.

We make it easy to leave because we hope you don’t. Hence Tendenci has an incredibly low churn rate. That creates stability you can count on.

#peace

Tendenci 5.x EOL is Approaching !IMPORTANT!

URGENT REMINDER – TENDENCI 5.X IS APPROACHING “END OF LIFE” AND STOPS BEING SUPPORTED IN NOVEMBER 2016. 

tendenci-mobile-responsive-standard

Mobile and responsive is the new baseline and we need to get everyone updated for security and to be secure and mobile responsive. The timelines are listed on our site at https://www.tendenci.com/tendenci-life-cycle/ .

timelines

Upgrade pricing from 5.x to 7.x is a one time cost and we’ve done our best to standardize them and make the process affordable.

https://www.tendenci.com/tendenci-upgrade-options/

A Longer Explanation for those who like knowing all of the details. Because we like being open and transparent.

Let’s keep it simple. Think about tires. When you buy tires, over time, they wear out. You can’t keep adding tread to them. At some point you have to get new tires or you are in an unsafe vehicle risking your own safety as well as that of everyone that rides with you or is near you on the roads. It’s irresponsible to drive an unsafe vehicle.

Or as Billy Joel explains it:

WHY CAN’T WE JUST KEEP GOING AS IS? YOU KNOW, JUST IGNORE IT?

(Yes, I really got this question recently.) Because software that is outdated can have security holes. Security updates are the most important. Tendenci runs on top of lots of other amazing open source products, which are called “dependencies.” Tendenci’s dependencies are listed here in the code.

Yes you have your own site. But you are sharing email servers, backup servers, email relays, security scanners, proxy servers, firewalls, access control lists, IDS/IPS systems and they are all are part of an environment that is watched very closely.

Going back to the car analogy. Porsche doesn’t make every component or the tires that are installed on their cars. When you wear out the tires, you have to upgrade. Similarly if a component that Tendenci uses is not maintained by the project behind it, then you are in danger of hurting others. A simple example would be if someone found a way to hack your site and sent spam emails, then the shared email server for the server-farm your site is in could get black-listed. That hurts ALL of the clients using that shared resource. Just like when your tire blows and you wreck into another car. It is then fundamentally your fault for not maintaining your vehicle.

Why do I want to upgrade if I just don’t care about security?

This is a bad idea. There is performance, functionality and a ton of new features you are missing out on. For more click the image below to go to the newsletter that highlights a lot of it.

some-new-stuff

And this is what we now consider baseline – responsive across all devices.

If you are thinking “THIS IS THE FIRST I HAVE HEARD OF THIS!?” .. um…

No. No unfortunately it is not. It’s just the first time it got your attention. We get it given we also miss communication sometimes given the amount of noise in our inboxes. Here are some links below so you can catch up a bit. And Tendenci 7.x is WAY ahead of Tendenci 5 because of industry changes – you really want to upgrade.

But yes, we have communicated this over and over and over. Links:

  1. Tendenci’s Version Lifecycle is here: https://www.tendenci.com/tendenci-life-cycle/
  2. Dates are driven by Django Supported Versions timelines: https://www.djangoproject.com/download/#supported-versions
  3. Tendenci Notification in News on Tendenci bumping from django 1.4 to 1.8 https://www.tendenci.com/articles/tendenci-open-source-lifecycle/
  4. Tendenci email newsletter sent to all clients onTendenci bumping from django 1.4 to 1.8 and some of the great new functionality https://www.tendenci.com/tendenci-upgrade/

Your users and the search engines expect you to have an SSL encrypted and mobile responsive website that is ADA compliant. NEW technology that consumers use and new behaviors have emerged and people expect more. Blame Al Gore and Apple and Microsoft. Tech changes fast.

WE LACK THE POWER TO MAKE EXCEPTIONS AS WE DO NOT CONTROL THE FRAMEWORK.

To our open source and our hosted clients, it is imperative that you do NOT ignore the pending “end of life” for the 5.x version of Tendenci. You must upgrade. From December 2015:

Django 1.49 EOL drives Tendenci 5 EOL date – time to upgrade

From the DjangoProject website:

django-supported-versions

And the future is outlined as well:

django-future-roadmap

PLEASE DO NOT IGNORE THIS NOTICE. TENDENCI IS A COMMUNITY. AND OUR COMMUNITY IS PART OF THE DJANGO ECOSYSTEM. WE MUST STAY SAFE.

Is there a charge to upgrade your site from Tendenci 5 to Tendenci 7?

Yes. Why? Because from Tendenci 6 forward we require all sites to be responsive (meaning they work on mobile devices). To achieve this we chose bootstrap as the front end css framework for standardization. Bootstrap 3 is very flexible with many options for low cost templates such as found on wrapbootstrap.com

What is the cost of upgrading from T5 to T7?

If you are a developer, there is no cost besides your time. Just follow the instructions at https://tendenci.readthedocs.io/en/latest/ . If you run into a problem post an issue on github at https://github.com/tendenci/tendenci/issues

If you are not a programmer or developer then you will need to work with one to complete the upgrade. It can be our team or a Django developer of your choice.

Please remember that Tendenci is fully open source and available at https://github.com/tendenci/tendenci/ in addition to the documentation linked above. No gotchas or hold-backs. Just very direct and honest communication of the facts and accountability through code reviews.

Did clients get charged upgrading from Tendenci 6 to Tendenci 7?

No, they did not. The upgrade from Tendenci 6 to Tendenci 7, then 7.1 and now 7.2 was all done automatically. These sites were already responsive and it is the front graphics changes that require human intervention as opposed to scripted updates.

Why are you charging to upgrade from Tendenci 5 then?

Because the layouts used back then were not standardized because there was NO CLEAR STANDARD. Thus every site was a bit different. On Tendenci 6 and 7 they are strictly standardized on the front end on Bootstrap 3+, a front end responsive framework made by Twitter. The appearance of Tendenci 7 sites is very diverse, it’s just the behind the scenes name-spaces that require updates.

Do we have to use your company to upgrade?

Of course not. Tendenci is open source. The whole freedom thing. We are the only membership management software company ranked in the top 20 by Capterra that is open source. You are part of a community with Tendenci, not some locked down solution that holds you hostage. 

If we don’t use Tendenci to upgrade, who can we use?

Python and Django are very popular. You are free to use any developer you want, self host or host with us.

The whole point of Tendenci is to enable freedom so you aren’t trapped with a proprietary vendor that locks you in by retaining control over your data, including redirecting links from your events to their domain so when you leave, you lose all of your inbound links and search engine rank. We do not support that practice. Unfortunately many non-profit boards don’t catch it until it’s too late and make the mistake of locking in future boards with no way out.

How easy is it to leave Tendenci? How do we know you won’t make it difficult?

Well first because that would be against our values. We make it easy to leave because folks have a tendency to come back when they experience the alternatives. We have found that the easier you make it to leave, to be free, the less likely people are to leave because the alternatives don’t share our values, particularly when it comes to data ownership. It’s your data. You own it and should have access to it at any point. Period.

An example: I believe (this is Ed typing) that WordPress is the best blogging platform in the world and I also love that it is open source. This blog is on wordpress. Yes we pay for hosting. And no, I don’t plan to leave WordPress. Even my personal blog is on wordpress hosted at another provider.

I don’t plan to leave WordPress specifically because I know that I can leave if I wanted to take the hassle on myself. I don’t – I have my hands full taking care of our team and clients. I just like knowing that freedom is an option because WordPress is like Tendenci – OPEN SOURCE.

You sound kind of over-the-top about open source and data exports? Prove it!

We’ve proven it. Look at our history. Look at our open source project.

Tendenci Commits
Tendenci Commits

 

 

 

Data doesn’t lie. And your site most likely has a repo on https://github.com/tendenci/tendenci/ to which we can provide you access. (they are obviously secured for your protection.)

We can also run backups directly to your own AWS cloud instance for S3. Actions speak loudly.

Type “Tendenci exports” into Google to see the number of options to export your data.

T5 clients – for you it’s not all automated but you have the same rights as everyone else. By that I mean, if you are on T5 not all of these exports were available 5 years ago through the interface but we will gladly provide a full database export that you can then import into postgres yourself. (Note: The technology simply wasn’t available back then, but the moment it became possible (which happened when we were on T6) we enabled clients to do full database downloads themselves. It’s YOUR DATA.)

Is this “charge to upgrade” going to happen every two years?

This one is a trick question. We have more work than we can do so charging you for updates is not our goal. But you already know that if you use the nav editor and the theme editor so you can make your own updates. Tendenci is about empowerment.

Tendenci is open source so you can work with a different developer and host with them if they are more cost effective for you.

Disruption causes adaptation which comes with a price tag

Disruption happens. That darn iphone. With candor, LTS releases tend to last two years. We didn’t invent the iphone or android so the switch to mobile responsive design was effectively dictated by changes in technology. We do our best to keep your costs down, but when Steve Jobs changes the world, we all get caught up and have to adapt. That isn’t a conspiracy, it’s an opportunity.

Are you sure? Is there ANY way I can upgrade for free?

I so wish I could wave a magic wand and make your entire site bootstrap3 responsive, but I can’t. Our contractors and employees deserve to be compensated just like you do. But you know that. Maybe there is someone your know, or maybe you, can redo your site’s theme in bootstrap3 to control costs. It is an option.

What I do know is YOU will not succeed with a non-encrypted and non-responsive web site. When we chose to make ALL SITES RESPONSIVE for all releases after Tendenci 5, yes, it required us to contract with graphic artists for your upgrade and obviously these talented people deserve to be paid for their work.

What is Tendenci doing to help us control costs?

We already have far greater functionality at a lower price than all of the proprietary vendors. True, we don’t have a sales team to fill out a 5 page excel RFP, but we have a demo site where you can see for yourself at https://demo.tendenci.com admin/admin login (resets every two hours.)

The comparison grids several competitors have on their sites are WILDLY INACCURATE. Our target client wants the additional functionality of Tendenci, to be a part of a community, they understands open-source, they are cause focused more than monetary focused, and knows how to do due diligence.

Tendenci open source means GREATER FUNCTIONALITY. The freedom is a bonus.

But the competition says they have greater functionality?

They don’t. Do a fact check and judge for yourself. Facts are facts. See above. Just for fun, ask to look at their code. #heh Why? Because a community of interested people will add to Tendenci and everyone benefits instead of all of the money going to a proprietary vendor who says they own your data.

Your data is your data.

Do I really need to upgrade my Tendenci site now as it’s been fine the last 11 months since you first told us we had to upgrade? Can’t this wait until next year?

NO! November 30 2016 or you need to self-host or move to a dedicated server. We cannot be responsible if the underlying software is no longer being maintained and therefore may not be secure. That legal burden falls on your board.

This is NOT Tendenci making the decision or driving the timeline. We blogged about this last December in particular as soon as we learned of the announcement from Django. See above.

Why can’t I get a personal hand written note like in the old days?

Man, I miss those days. Unfortunately, we simply can’t identify every stake-holder inside of every NGO/NPO/Association/Business we work with or who self hosts. By definition there is constant turn over on non-profit boards. And we have no way of tracking open source clients using Tendenci in the wild.

We love our open source clients, but we aren’t “big brother” and don’t currently have a 100% method of tracking or communicating with these awesome developers outside of the blog, facebook, twitter and newsletters.

OK, after we upgrade, what then?

We are working hard to keep upgrades and updates automatic and at little or no cost. The evidence speaks for itself in the no-cost site updates from 6.0 to 7.2x. Judge us by our actions.

Yet, if someone invents another disruptive technology, well, logically there could be a cost for an upgrade once it requires changes that can’t be automated.

If you host with us, contact, budget and schedule your upgrade. If you self host then please read all of the documentation which explains the full process and is posted and available online at https://tendenci.readthedocs.io/en/latest/

So how much does does this cost if we go with Tendenci team to do our upgrade? It scales with the type of upgrade you want to do and they are listed on our site here:

https://www.tendenci.com/tendenci-upgrade-options/

It’s always hard to have a crucial conversation with clients. I strive for candor and fairness as the leader of the company behind the community. We want you happy. Technology changes. We’ve done our best to keep the price as low as possible. Thus in closing, I’ll leave you with another image of a happy puppy because they make us smile, and like Tendenci, they enjoy a community of supporters but also being able to run free every once in a while.

happy-puppy

Our first transparency report

We just posted the Tendenci government transparency report for January 1 to June 30, 2016 to our site. Nothing to report, but a new process put in place keeping with the values of the Tendenci community.

Why? Because all companies that store information, like electric companies, phone companies, email providers, search engines, etc, must respond to requests from the government. That includes us. The solution is transparency reporting because we think you have a right to know.

Tendenci Transparency ReportingWhy now? The (previous) absence of transparency reporting including a canary clause was brought up at a recent convention. We listened to you. We agree with you. So we fixed it. It’s pretty boring and let’s hope it stays that way.

Thank you to the client who asked about it! Tendenci is a community and we appreciate dialog that helps the community. Y’all rock!

You can find Tendenci’s transparency reports at https://www.tendenci.com/transparencyreporting/

What’s next? We would love to hear from you about your best practices for data retention. If you are willing to share, please post those in the Tendenci forums.

malicious stuff – it’s real

sguil_rocksOn our little company blog on our tiny corner of the Internet (relatively speaking I guess) this is the current reality. Mind you this is just our blog and not attacks on our site or on client sites.

Tendenci blog stats – blog.tendenci.com
132,055 Blocked malicious login attempts
282,058 Spam comments blocked by Akismet

#joy

Note that Tendenci is not a blog platform – it’s on Python and Django and open source https://github.com/tendenci – but our blog is on wordpress as my personal blog is. WordPress is doing an amazing job fighting hard against the constant php attacks.

The numbers above speak for themselves. I still think WordPress is the best blogging platform out there. But just WOW. I just don’t know that people understand what they are up against.

Yes I’ll share some of the data on attacks on our cloud infrastructure which aren’t that far off as a percentage. This is just me pointing out that the Internet isn’t a nice place. If you have a WordPress blog I HIGHLY recommend you install JetPack from WordPress (free) as well as Securi. It’s worth it.