Go to QuaapSrv home
A Decidedly Unfancy and Mostly-Static Content Manager.


QuaapSrv on Quaap.com


This is the space for my "Content Management" (blogging) software.

I had a hard time finding blogging software that was simple, fast, and didn't use an external database. So, I decided to write my own.

Most content management software operates under the notion that everything must always be dynamic, then uses tons of caching and optimizations to workaround the inherent slowness of that approach. But almost all pages in the wild are 99% static and are updated at most a few times a day, or usually just a few times a year (or never again), and so they don't benefit from having everything generated on the fly like a wiki or a news site might.

So I wrote my own software, with the idea of keeping the pages as static as possible, with no Javascript libraries, Flash, or external databases.

The administration/editing console is written in php (because it's available everywhere), but the content pages are generated and published into static files and then not touched until the next update.

Well… almost. To avoid rebuilding everything when minor changes are made (like adding a link to a sidebar), the pages use SSI (shtml) to load in parts like the header, footer, and sidebar at access time, but that's still very cheap compared to almost anything else. And most of that can be disabled, anyway.

I've put it on github and am working out the kinks! If you discover any security related issues, please email your report privately to kukrlzlnikigepeitstihchzepejrmrvmwmaezemsssf[DOblarT]tgttowopmimd[AblarT]gcgamzmramauiiitlmln[DOblarT]cnctoaoimnmc instead of using the issue tracker.

2016-04-30   [Permalink]


An incomplete list of features

  • A simple, minimal style for the content pages
  • A set of simple and straightforward administration pages
  • Can handle multiple authors
  • Editing is done in plain text, using a special syntax for markup and formatting, which is a slightly extended version of wikicreole
  • Markdown/CommonMark syntax is also available
  • Formatting includes tables, lists, blockquotes, code, images, youtube videos, and html blocks.
  • Choose between chronological and reverse chronological order
  • Choose between showing full article, the extract, or even just the title in the index
  • Supports "long form" (articles) and "short form" (a single paragraph w/o a title: tweet-ish)
  • Basic CSS customizations through a GUI, or upload your own CSS file
  • Tagging
  • RSS
  • Commenting system
  • Built-in data backup
  • Basic page-access statistics
  • Generated pages are small and valid HTML5, with very little Javascript and no Flash
  • Extensible


  • PHP 5.2+ (5.4.8+ if using Markdown)
  • Sqlite3
  • Server Side Includes (SSI/shtml)
  • mod_rewrite
2016-06-22   [Permalink]

Sample syntax

Here's a sample article:

=This is the title

Here is a crazy video I //found//!

<<youtube ab2XI_pTBC8>>

[[http://cnn.com|A bunch of news!]]

Which would lead to this:

This is the title

Here is a crazy video I found!


A bunch of news!

2016-06-22   [Permalink]


How to install QuaapSrv.


Download the tgz/zip file.

Upload to your webserver

Place it on your webserver directory of your choice. It can be installed in the webroot or any subdirectory. For example, if you install it in the webroot, your QuaapSrv pages will be served from "http://yoursite/", but if you place it in a subdirectory "bob", your QuaapSrv pages will be served from "http://yoursite/bob/".

Uncompress and optionally configure

Uncompress the file.

At this point you can optionally make a few choices. Again, these are OPTIONAL.

  • There is a directory "admin" which you can rename to something else. Renaming it will make it more difficult for future automated bots looking for known flaws in software to exploit.
  • Copy admin/conf.php to admin/conf-custom.php, and change $libdir and $datadir to somewhere out of webroot, if possible. For example, change $datadir to "../../data" and $libdir to "../../lib" if that makes sense for your server. Then make sure to move the admin/lib directory to the appropriate place. You can also do this step later but make sure to move the "data" directory too.


Point your browser to https://yoursite/admin/admin.php or https://yoursite/SUBDIR/admin/admin.php or whatever you called the subdirectory and admin directory.

If https is not available on that link, check your host to see if there is another way to get to it, such as https://youraccount.webhost.com/admin/admin.php or https://webhost.com/~youraccount/admin/admin.php or something like that. It is very important to use https if at all possible, otherwise your password and session ID will be passed around in plain text, and could be compromised.

Mandatory installation steps are:

  1. Set the admin user's password.
  2. Confirm the "Base Url" is correct
  3. Confirm the "Contextroot" is correct: it should match the /subdirectory you chose, or be blank if it was a webroot installation.

Most options have sensible defaults for a standard blog, but you may want to change:

  1. "Default title": it is what appears in the title of the index pages.
  2. "Allow comments": whether visitors can comment on articles.
  3. "Tie login to IP": if you usually edit your pages from random places or over poor connections, uncheck this so you don't accidentally get logged out at a bad time.
  4. "Allow Markdown": if you plan to use Markdown syntax.

All of these can be changed later, so don't worry too much.

Now click "Save".

You'll need to log in as "admin" with the password you set.

Hopefully, after a few seconds the primary page of the administration console will show up, and inform you that the system pages were written.



If installation fails or something strange occurs that isn't obvious from the displayed error message:

Check your webhost's error logs.

Check the directory permissions. Most directories should be set to "755" (or "0755").

Check the file permissions. In most cases, php files should be set to "644" (or "0644").

If your scripts are timing out, use your webhost's php.ini configuration tool to change the "max_execution_time" to a larger value.

If installation failed half-way through, you can simply delete the "admin/data" directory and try again.

If it failed later and you already have documents created, you can delete the "admin/data/_options.sett" file, but you may want to make a backup first first as you'll lose your settings and may need a reminder of what was set.

If you you forgot your password, make a backup of "admin/data/_options.sett"and then delete both "admin/data/_options.sett" and "admin/data/_passwd.txt".

2016-06-22   [Permalink]

After installation

After a successful installation, you have some more choices.

The system pages "header", "footer", "sidebar", and "social" contain the customizations for the corresponding portion of each page.

Header and title

You can change the header on each page by editing the "header" system page.

If you don't want a customized header, unpublish the "header" system page, then "Rebuild All". A system-generated one will takes its place. If you don't want one at all, edit the header to be empty and publish it.

If you don't want a customized sidebar, unpublish the "sidebar" system page, then "Rebuild All". The system-generated one will still be present. If you don't want one at all, disable the sidebar it in the settings.

If you don't want a customized footer, unpublish the "footer" system page, then "Rebuild All". A system-generated one will takes its place. If you don't want one at all, edit the footer to be empty and publish it.

Social media buttons

If you don't want the social media buttons, unpublish the "social" system page, then "Rebuild All". You can also edit this page to add or change the social media buttons present.


There is a built-in comment system, but if you prefer to use a different one, create a page named "comments" and edit it to contain the proper html/javascript needed to pull in a third-party system, publish it, then "Rebuild All".

You can use the HTML extension <<<?html … >>> to add your html and javascript code.

You can use the following SSI directives to help:

  • <!--#echo var="THIS_NAME" --> The name of the current page (ie "welcome")
  • <!--#echo var="THIS_BASE" --> The base URL (ie http://yoursite.com)
  • <!--#echo var="CONTEXTROOT" --> The path part of the full URL (ie /thing)
  • <!--#echo var="THIS_URL" --> The full URL of the current page (ie http://yoursite.com/thing/welcome)
2016-06-22   [Permalink]


Here are some screenshots of the admin console. I took these from my local machine which does not have https, so you can see the repeated warnings in the screenshots.







2016-06-30   [Permalink]

All articles