The best way to run a blog is to run your own blog server. This can mean running an instance on someone else’s web server (some ISPs have special hosting deals for bloggers on popular platforms such as WordPress), but usually means having shell access to your own server (I’ve previously written about my search for good cheap Xen hosting [1]).
There are platforms that allow you to host your own blog without any technical effort. Three popular ones are WordPress.com, LiveJournal.com, and Blogger.com. But they give you less control over your own data, particularly if you don’t use your own DNS name (blogger allows you to use their service with your own DNS name).
Currently it seems to me that WordPress is the best blog software by many metrics. It has a good feature set, a plugin interface with lots of modules available, and the code is free. The down-side is that it’s written in PHP and has the security issues that tend to be associated with large PHP applications.
Here is a good summary of the features of various blog server software [2]. One that interests me is Blojsom – a blog server written in Java [3]. The Java language was designed in a way that leads to less risk of security problems than most programming languages, as it seems unlikely that anyone will write a Blog server in Ada it seems that Java is the best option for such things. I am not planning to switch, but if I was starting from scratch I would seriously consider Blojsom.
But for your first effort at blogging it might be best to start with one of the free hosted options. You can always change later on and import the old posts into your new blog. If you end up not blogging seriously then using one of the free hosted services saves you the effort of ongoing maintenance.
Just a comment on using Java as the programming language of the blog…
The compromises of most blogging code relate directly to the quality of the blog developer, when using features of the language in a non-secure way – not due to the choice of language (correlation is not causation…). For example, SQL injection due to tainted html-form values.
Note there is some history of PHP-built sites being hacked in a big way, especially when using PHP4, but that is mostly due to bad runtime defaults; a good developer should have mitigated those problems.
If you don’t mind losing user comments, you can use a blog engine that compiles to static HTML, such as Ikiwiki. That eliminates entire classes of security and administration headaches in one swoop.
I like pyblosxom in static rendering mode for good security.
On the downside this means you don’t get comments, and there’s no web interface for editing posts, so it may not be well suited to new users without a unix background.
Sure, I’ll blame c next that we have buffer overflows in operating systems.
Oh wait, it’s true – but then again we’d have no operating systems without…
“that tend to be associated” is a very failing argument. No other blog software written in PHP has such a bad security record as WordPress.
So don’t blame an easy to learn language for what so-called programmers make of it.
MovableType is nice too – its now open source which is great. I’m much more familiar with WordPress, but I especially like that MovableType renders content out to static files.
Although I’m currently using Typo without too much hassle, I will never suggest it to anybody, it had quite a few problems itself.
I actually considered more than once switching to blojsom, migrating isn’t too hard, what stopped me on the switch to blojsom, or any other Java-based blog platform for what it’s worth, is the absolutely bad state of Textile filters in Java. I considered writing my own, but my Java skills aren’t the best and I don’t have time for that :/
But yeah beside that (which I sincerely don’t know if it still applies at all!), blojsom is quite great.