1. The Zero-Telemetry Philosophy
error(first) operates on a principle of Data Minimization. We treat user sessions like production logs: transient, minimized, and purged when no longer operationally relevant. We do not use tracking pixels, behavioral profiling, or third-party marketing scripts.
2. Infrastructure & Caching Forensics
To ensure high-availability and performance, we utilize a multi-tier caching strategy. This system manages the delivery of content but does not ingest Personally Identifiable Information (PII).
A. Server-Side State (TTL Management)
Our custom caching engine (nivalis-cache.php) manages content delivery with the following parameters:
- Page-Level Cache: Disk-based caching with a 10-hour TTL. This provides CPU relief while ensuring content refreshes twice daily.
- Data-Level Cache (Transients): Database-heavy operations (e.g., Trending Post calculations) are cached for 1 hour to reduce database overhead.
- Precision Invalidation: When content is updated, our system selectively purges only the affected nodes (the post, home page, and relevant archives) rather than flushing the global state.
B. Edge & Browser Caching
We utilize a “Bust-by-Version” strategy to manage static assets:
- Asset Versioning: CSS and JS files are appended with a CRC32 hash based on their last modification time. This allows for “infinite” caching at the edge while ensuring instant updates upon file changes.
- Browser Headers: We set
max-age=0, must-revalidate. This prevents “stuck” versions in your browser while allowing CDN Edge nodes to hold a 24-hour cache for lightning-speed delivery.
3. State Management (Cookies)
We use a minimalist cookie set for functional rate-limiting.
| Variable | Source | Purpose | TTL (Expiry) |
|---|---|---|---|
nivalis_viewed | nivalis-post-views.php | Prevents “view count inflation” by rate-limiting post statistics. | 1 Hour |
comment_author_* | WordPress Standard | Optional persistence of name/email for comments (User opt-in only). | 1 Year |
Security: The nivalis_viewed cookie is set with the HttpOnly flag to prevent access by malicious client-side scripts.
4. Sub-Processors
Our infrastructure is limited to essential service providers:
- CDN/Security: We utilize Cloudflare for edge delivery and DDoS mitigation. The theme integrates with the Cloudflare Purge API to proactively dump cache when articles are updated.
- Analytics: We use [Insert Tool, e.g., Plausible/Fathom] for aggregate telemetry. We do not track individual user journeys.
5. Rights of the Operator
Users retain full rights over their data as defined by GDPR/CCPA. Since our caching system is content-centric rather than user-centric, we do not store “profiles” of your visit. Any voluntary payloads (comments or signal inputs) can be purged upon request.