I'm impressed with BlogEngine v3.2 and your focus on security. I write about scalability of multi-blogs.
In v3.2, for each new blog created by Admin, a disk folder is created that houses a number of files. Each blog folder serves as the basis of the URL. This design will not allow scalability nor a common user experience. Here's why:
1) When a million blogs are created, there would be a million blog folders and since Windows Explorer is not a relational database, lookup to render pages will be extremely slow if at all possible. Should architect the design to embed each blog folder into
some kind of database records, which will afford fast retrieval and hence scalability.
I understand for non-tech blog owners, xml as a datastore was used. However, whenever BlogEngine is configured to use SQL Server, then those blog folders mechanism should be transferred into SQL Server instead of continued use of blog folders.
2) The url generated to associate with each blog will means the url is different for each blog owner (e.g.,
) . This means no "common experience". Instead, what rendered on the page should be based on login id, not url mechanism. Further, at v3.2, the
url generated has a bug, it appended the blog twice name (e.g.,
...) in the url and i have to manually remove it to get to login page. This happens RIGHT AFTER admin created a new blog, subsequent invocation of blogs from Blog List don't have that url problem.
Please comment on my observations and suggestions. Thank you.