December 2007

You are currently browsing the monthly archive for December 2007.

WPMU for School: Security Quick Overview

December 28, 2007 in Uncategorized | 4 comments

WordPress Mu is now installed on our school’s shared server space. It appears to be functioning as I’d like it–now that I hacked together a nice .htaccess redirect making it easier to access individual blogs. Before we actually let the students loose on their blogs, I need to think through security and make sure I can deliver on the promises made at our last tech meeting.

First, can it be set up so that individual students can submit content that will only be published upon administrative approval? The answer is yes–although there are limitations. Let’s explore the roles/permissions system:

  • Subscriber: can view site (only relevant if blog is set to be visible only by subscribers).
  • Contributor: Can write and edit posts, but they are not published until and administrator approves the content.
  • Author: Can write, edit, publish, and delete own posts
  • Editor: in addition to author permissions, can moderate comments, manage categories, edit pages, and other people’s posts.
  • Administrator: Has control over any option or setting in the blog, including moderating posts and comments.

Clearly, in terms of security, students would be best set at the Contributor level. I worked through a post as a contributor–indeed it worked as expected. Just to be sure, I went back to my test post to see if I could edit it as a contributor after is was published/approved by the admin. I couldn’t–that is a good thing from a security point of view. With Joomla, an administrator must change a post’s ownership to ensure that it is not edited after.

Unfortunately, the Contributor setting does not allow a student to customize their website/blog. There really isn’t another setting that would allow adults to moderate posts by students, so there is no other choice. Perhaps a teacher could log in and change their template.

Comment is another area of concern. At first glance, it appears that comment settings must be done on a blog-by-blog basis. Comments can be disabled, held for moderation, or allowed to appear when created. These options may be over-ridden on a post by post basis. At first glance, it looks like we can satisfy the tech committees needs, by moderating comments, although I will be testing this further examining all aspects of the commenting and notification of comments via email.

Registration can be disabled allowing only an administrator to create new accounts. Unfortunately, this requires a unique email for each user. This can be a hassle as you need a working email account to receive WPMU generated password. Not good news for elementary teachers whose students often don’t have email addresses. I will be looking for a hack to change this.

Finally, you have a few means of controlling who can view the site. First of all, each blog post can be password protected–effective in keeping non users out (which I have mixed feelings about). That’s about it if it weren’t for a plugin called private blog. Normally the privacy tab only allows you to keep out search engines. With private blog, you can set each blog be visible to only members of the individual blog, the blog community (by all users of the school’s WPMU installation), or only to administrators. While I feel that blocking the general public from a blog defeats its purpose to some degree, there may be times and circumstances where a “walled garden” is appropriate or the only acceptable option in accordance with policies.

Overall, WPMU appears to provide the security options needed to proceed. In some cases, implementation could be less awkward. I would like to see more of this controlled globally rather than at the blog level. I will be testing it more closely with dummy accounts to more closely examine any potential security problems, and to work through a workflow to administer the site. If anyone would like to help out, let me know!

Tags: , , ,

First Impressions: WordPressMU

December 26, 2007 in Blogging, Technology | No comments

Our school tech committee approved student blogs on a limited basis, so I have installed WordPressMU on our school’s shared server space. WordPressMU is a multi-user blog platform based upon the popular WordPress. Hopefully this will meet our needs for blogging at our school.

Like Elgg, there are no automatic installers for WordPressMU, so it requires a manual install. You need to set up a mySQL database and a database user and password. Next, you must download and unpack the latest WPMU distribution on your computer and upload it to the server. Point your browser to the directory to which it has been uploaded and fill in the the fields. If there are errors, the installer suggests resolutions. You may need to work things out with your web-host (or your server settings), play with your .htaccess files, or perhaps set up php.ini over-rides. A beginner may be lucky and get through this with no issues. It can be frustrating though and it can take perseverance to make it through this stage–nobody is going to take care of your problems for you.

Once it is installed, the interface is very similar to WordPress. In fact, it is identical to WordPress with the exception of the Site Admin Tab. Under Site Admin, one can select Blogs, Users, Themes, Options, and Upgrade. Clearly, most of the day to day administrative work would be tackled in the Blog and User areas. The interface is clear and simple, yet I believe more powerful than it appears. Permissions appear to be set at the blog level. Overall, there is a more robustly developed back-end than is found on Elgg. However, like Elgg, some modifications involve hand editing individual files.

Like Elgg, support is scarce. Documentation is sketchy and the mu.wordpress forum is limited. Be prepared to do some digging if you need help or want to make modifications.

The next task is to work out security and administrative work-flows to determine whether or not WordPressMu is suited to the task of managing blogs at our school.

Tags: , , , ,

Elgg: Installation and First Impressions

December 23, 2007 in Uncategorized | No comments

I just installed Elgg, the open source social networking platform, on our school’s shared server space. I really cannot speak to the feature set as of yet. This pertains to the nuts and bolts of installing, configuring, and customizing the site.

To begin with, automatic installation is not available through cpanel/fantastico, so a manual installation is required. This is no big deal. One begins by creating a mySQL database for Elgg on the server. Next, you need to download the software and unzip on your computer. Next, upload the Elgg folder to your server via ftp and change the permissions on a file and a directory. Point your browser to the Elgg directory and the installer appears. Fill in your database settings, passwords and email information.

With luck, you’ll have no errors and you can get to the configuration page. That wasn’t the case for me because the school web site is on a server with register_globals on. Once that was rectified, I was able to access the configuration.

I installed version 0.9 RC2, so there were a few bugs to be ironed out. It wasn’t any real big deal, but sticking to version 0.8.2 would make things simpler. That being said, most RC2 releases have been more reliable in my experience.

The configuration pages allows you to name the site and change the tagline among other settings. Of particular interest for use by schools are settings to allow or disallow public registration and invitations. Additionally, the setting Walled Garden allows you to restrict access to outsiders. You can also set it to force log-in to make comments.

If you want to customize the theme, you have a couple of options. First, you can upload a theme to the server and over-write the default theme. You can also access the theme files through “default template editor” to edit the page shell and css. This requires willingness and ability to work with some code.

The front page content is edited using the “frontpage template editor” which also involves playing with some basic html code. You don’t have to be an expert, but having a knowledge of html and css is certainly helpful. Alternatively a handy code reference book should give you enough guidance to make the modifications.

Overall, the installation and configuration is more difficult than many other scripts, in which switching themes involves a click of a button and front page content can be edited with a wysiwyg editor. It certainly is much more difficult to set up than a ning site. Support and documentation on the elgg.org site are also somewhat sparse. I wouldn’t recommend elgg to someone new to setting up websites using open source software. On the other hand, if you have some experience and are not averse to some basic troubleshooting, it’s worth a look.

The ability to install the software on our own server offers compelling reasons to look further into elgg. I’ll explore the software features in the near future and posting more information here.

Tags: , ,

Content for the School CMS

December 18, 2007 in Uncategorized | No comments

Fall 2006, we launched our new school website wellscsd.com using the Content Management System Joomla as the cornerstone. I had spent the summer trudging through the ins and outs of its configuration and customization. As with any new project I was excited and energized pouring endless hours adding content once school started. I wanted to show everyone the great things that could be done through the school website hoping others would be inspired to contribute to the site.

The site was popular with the school and community and the number visits grew steadily. That inspired me to keep adding content and learn how to work multimedia into the site. I started adding video clips, slide shows, and podcasts. The hours dedicated to this work kept growing to the point that by the end of last year I was getting burned out.

I kept looking for help and got it sporadically. Unfortunately, I started to feel as welcome as a telemarketer as I hounded people–students, administrators, and faculty–to participate. The kind person that updated the lunch menu was the only exception. As a result, the multimedia diminished and articles were not as fresh often 2-3 weeks between updates with the exception of the lunch menu and automatic feeds from NOAA.

A summer vacation provided time away from school and the website (but certainly not time off). I came back with more energy, but it soon fizzled, especially as I directed my efforts toward my NYSCATE presentation on school websites. I got bored with the tedious entry of information and working with images. Even though a few individuals were submitting articles through the website, they always needed some sort of reworking. Things were really falling apart.

The day before my presentation at NYSCATE, I returned to the school website and saw that even the lunch menu items were missing. I logged in and reformatted and published a few articles in queue and decided to call the school the next morning to get the menu so I could put it in in time for the presentation. I woke up and checked in the next morning and found that the menu had been posted–a sign that things were changing.

When I got back, our superintendent called me into his office. He noticed the lack of content on the site and he understood that the burden was too much for any one person to bear. He set forth and has since implemented several proposals for keeping the site fresh. After this struggle for over 15 months to keep up the site, it took my failure due to a confluence of events to drive home the point that no one can do this alone.

Now the BOCES PR writer hired by the school has been trained to add content directly to the site. Office staff has been assigned specific roles such as entering school menu items, sports schedules, and event calendars. Time has been allocated for some staff training on our next professional development day.

This has freed me to explore some of the great ideas I found at NYSCATE. We are going to set up a parallel site wellscsd.com 2.0 dedicated to student work–writing, photography, artwork, podcasts, and video. We are also going to explore social networking platforms elgg and ning soon. In addition, we will set up wordpress mu, so that students can build their own blogs (or websites as they prefer to call them).

I wonder what I could have done differently to achieve this outcome. I still want to see more students and faculty to participate. Hopefully as we implement and demonstrate web 2.0 technologies they will see the value. I remain hopeful.

Tags: , , , , , ,

Ning in Education

December 10, 2007 in Uncategorized | No comments

NYSCATE created a social networking space on Ning for the 2007 conference. About 140 conference attendees have signed up and there has been some discussion of the conference and educational technology.

I did a little poking around the Ning site in general and I have found some other social networks that I have since joined. The first was Ning in Education. Ning in Education is a network dedicated to issues pertaining to using ning for educational applications. Issues such as Ning configuration, safety and privacy. It also appears to serve as a conduit for educators to express their concerns and needs to the folks that run Ning. A case in point, is that through the efforts of participants in the network, Ning will take the ads off Ning communities that serve grades 7-12. There are COPPA issues that they are working to resolve for students under 13. Ning in Education also pointed toward other great educational resources on Ning.

Classroom 2.0 is a very active community with over 4000 members. There’s really a lot of good information from other educators integrating technology in education–Web 2.o Technologies in particular. I recommend that you join this particular network.

I also set up a Ning social network so that I could get a sense of what can be done with the administrative controls. I was looking for reassurances that would help placate the fears of our tech committee. I discovered that you could make the site visible only to members and that membership could be on an invite only basis. Furthermore, it permits you to moderate and approve video and image uploads before they are displayed (although not text postings). Finally, as mentioned above, there is a procedure for getting rid of the advertising on school networks.

I will continue to explore the social networks on Ning, examples of school uses of Ning, and the ins and outs of administrating such a site. I will also be installing the open-source alternative Elgg soon and blogging on that soon too.

Tags: , , , , ,

Post NYSCATE 07 Tech Committee Meeting: Social Networking Software

December 8, 2007 in Uncategorized | 2 comments

When I brought up the idea of using Social Networking Software for our school, the first reaction was, “Huh?” After I described it as being related to MySpace, one committee member shot me a disdainful look and said, “Why would you want to do THAT?”

I explained that it is a tool for collaboration and interaction that our students already know and understand. Further, if we want he kids to use these tools that they are already using in a responsible and hopefully productive way, we need to demonstrate appropriate and safe use of these tools. I told them that we could set it up initially so that only our students and teachers have access to such a site through Ning or Elgg.

This allayed some concerns, but another brought up the idea that we cannot supervise what goes on in real time. I agreed that we would have to carefully monitor activities. I mentioned that my students already have the ability to message each other through one of my Moodle courses. This is monitored regularly as the teacher has full access to a transcripts and the same could be done with Ning or Elgg. Furthermore, we cannot monitor all student behaviors in the school itself and problems arise because of this. Just because there are problems from time to time, we do not prohibit movement through the halls. If there is a problem, we have to look into it and try to find the facts. Online, we have logs and transcripts that tell us exactly who said what and when they said it.

Finally, our superintendent came to my support, and the others gave reluctant assent. I have permission to investigate the use and try social networking on a limited and restricted basis.

I will probably install Elgg on our school’s webhosting account over the next few weeks. I like the fact that unlike  Ning, it will not have advertising.  After I get the feel of the environment, I’ll probably set up something with my fifth graders and those of one or two local districts for some kind of an on-line collaboration.

Here an interesting link to Wired Magazine’s website discussing the use of Elgg in education. I’m sending it to the other members of your tech committee to help answer the question, “Why would you want to do that?”

Tags: , , , ,

Post NYSCATE 07 Tech Committee Meeting: Blogs

December 6, 2007 in Uncategorized | 1 comment

I returned from the NYSCATE 2007 Conference reinvigorated with fresh ideas as to where to take my class and our school in terms of education and technology. I felt ready to renew my efforts to incorporate podcasting and wikis with my students. I had done some work with both of these in limited, halting ways in the past. Yet there are a couple new areas that we have not ventured into: student blogging and use of “social networking” such as found in Ning and the open source Elgg. This required a sign off by the tech committee, so I called for a meeting.

We convened last Tuesday after school. The committee was interested in the Smart Board technology, the on-line AIS (Academic Intervention Services for children failing or at risk of failing state tests) possibilities. The tone changed when I started discussing students creating content for the Internet.

I started by saying that my fifth grade students really wanted to create websites and that I thought blogs would be the way to go. The mere mention of blog made several in the room cringe. They chimed in with the usual objections:

  • What if they create inappropriate content?
  • What if they post personal information?
  • There are bad people out there…

I assured them that we can install WordPress MU (Multiple User) and it could be configured so that a teacher would have to approve content before it is published. This helped quiet some fears, but they still wanted to keep the blogs password protected so that only select individuals could view the blogs.

I protested that one of the most important motivations to a writer is a sense of audience and that cutting off access would defeat the purpose of this exercise. Furthermore, I wanted to enable comments so that students could see the reactions of their audience and interact with readers. Again, the same objections were raised. I asked that if the comments too could be moderated by a teacher would it be acceptable. I got grudging skeptical acceptance with the qualification of “Don’t expect me to have any part of this.” I continued saying that we already allow students to submit material to our school website that is published upon administrative approval.

Fortunately, our school superintendent was supportive and felt that with these precautions in place that this would be a great idea. He was able to see the power of ownership and audience that this would provide for the students.

So, over the next few weeks, I will be setting up WordPressMU on our hosted web account, learning the ins and outs of users, permissions, and administration. My next obstacle may be parents to whom I plan to send a very carefully crafted letter. I fear that a few may object. I guess I can offer to password protect the directory in which their child’s blog resides.

Of course, my next proposal–social networking software drew even more objections and fears–some that I had more difficulty answering. I’ll discuss that portion of our tech committee meeting in an upcoming blog.

Tags: , , ,