Blog Archives

securing WordPress

Part of securing a WordPress installation is checking up on your file permissions. In order to prevent overwriting by malicious code, limit the permissions to read-only except where necessary.

Here’s a good start:

Relative PathSuggested permissions
/0755
/wp-admin0755
/wp-includes0755
/wp-config.php0444
/wp-content0755
/wp-content/themes0755
/wp-content/plugins0755
.htaccess0444

I should also mention that I highly recommend WordFence for securing the internal WP system itself.

Tagged with: , , , , ,
Posted in how-to

essential and useful WordPress plugins I’ve tested and used

After installing and removing zillions of them, here are my faves:

BJ Lazy Load

Lazy loads images and other embedded media so that they are not sent to the client until the client scrolls near it. Saves bandwidth and makes for speed.

Breadcrumb NavXT

Automatic breadcrumb links on pages to ease navigation

Child Theme Configurator

Easily create and edit child themes based on themes already installed. This way you can update the third-party theme without losing custom changes to it.

Easy Updates manager

Allows disabling of updates of specified resources (WP core, themes, plugins, etc.). Useful if you don’t want your client bothered by update notifications.

Google Analytics Dashboard for WP

GA integration which inserts the tracking code on every page and also gives you a nice traffic history report on the admin dashboard.

Insert PHP

Allows insertion of PHP code in the WP content editor using tags like [ insert_php ]

Public Post Preview

Creates a link to an unpublished version of a page or post that you can share with anyone. Viewer need not be a registered user or admin. Perfect for in-place-UAT.

SEO Ultimate

Handles automatic metadata generation and tons of other SEO features.

TinyMCE Advanced

Must-have enhancement for the WordPress WYSIWYG content editor which adds many features.

UpdraftPlus

Automatic backup and restoration via S3, Dropbox, Google Drive, Rackspace, FTP, email, etc. I use this for weekly backups to my Google Drive.

Wordfence

Extensive security and virus-prevention package with automatic scanning and malicious user lock-out.

WordPress HTTPS

Helps WordPress cooperate with SSL/HTTPS-configured sites.

WordPress Visual Icon Fonts

Makes Font Awesome and Genericons icon sets available in WordPress.

Tagged with: , , , , ,
Posted in how-to

firing background tasks in PHP

Background case

madisonrightnow.com is a collection of near-real-time information about a metropolitan area. Traffic, weather, parking lot usage, and loads of web cam images are displayed on one page. Data come from a wide variety of sources: images come from cameras, weather data comes from a web API, and parking lot utilization come from good ol’ fashioned page scraping. All these transactions are triggered when a user wants to view the page. It is a challenge to get near-real-time information to the client from so many sources without a lot of pre-processing on the server end, and without the client having to make connections to a myriad of hosts to get images and other data. I found that asking the client to load all this makes the page too slow to load.

The solution is to build a server-side caching mechanism, so all the data and images are ready to go when the page is hit, and so that all transfers are between madisonrightnow.com and the client without having to wait on anybody else. This can cause the data served to be a little older, but is much better than asking the client to open connections to dozens of hosts and wait for every one to completely reply before the page can render. Under the caching scheme I developed, all data on the page are loaded from my server in order to give the user a smooth experience when expanding UI panels after the client renders it.

Continue reading “firing background tasks in PHP” »

Tagged with: , , , ,
Posted in how-to

email mail merge in Office 2010 with hyperlinks

The goal of this tutorial is to perform a mail merge which includes a unique URL (web address) for each record. That way, you can send email with unique URLs for each recipient, which may be useful when sending surveys or tracking individual followup.

This is the procedure to embed a hyperlink into a mail merge in Microsoft Office 2010, using Word and Excel.

Continue reading “email mail merge in Office 2010 with hyperlinks” »

Tagged with: , , ,
Posted in how-to

how to fix call log popping up unexpectedly on Samsung Galaxy devices

If you recently paired a Samsung Gear smartwatch with your Samsung Galaxy phone, you may experience the phone’s call log appearing inadvertently. To fix this, open the Gear Manager app, tap Notifications, and uncheck the Smart relay feature.

Tagged with: , , , , ,
Posted in how-to

Can’t move VMWare Fusion on Mac OS X?

If you get some message like “You don’t have permission to move this Application” or some such thing, try this in Terminal:

sudo chown -R username /Applications/VMware\ Fusion.app
sudo chmod -R 777 /Applications/VMware\ Fusion.app

Tagged with: , , ,
Posted in how-to

how to set up a VPN with Asus RT-N16 and Mac OS X

rt_n16_209Here’s a step-by-step guide to getting up and running with a VPN connection between your Mac and Asus RT-N16 router with factory firmware.

Continue reading “how to set up a VPN with Asus RT-N16 and Mac OS X” »

Tagged with: , , , ,
Posted in how-to

how to create an iPad video kiosk

Screen shot 2013-10-18 at 4.07.21 PM

I was recently tasked with building an iPad floor display that would loop a series of video clips indefinitely in a public place. Surprisingly, it’s not very obvious how to do this, and the third-party applications for looping video don’t work, are expensive, or show ads on the screen while the video plays.

The following solution requires no extra software or apps at all.

Continue reading “how to create an iPad video kiosk” »

Tagged with: , , , , , ,
Posted in how-to