What I Wish I’d Known When I Started–WordCamp Orange County 2016

This morning, I delivered an extended version of this talk, which I first presented at WordCamp Winnipeg 2015. This session explored WordPress functionality that new developers often overlook, as well as some “gotchas” about Core behavior. As a 90-minute workshop, extensive discussion was encouraged, and successful–so much so that I only made it about halfway through the slides. But, as I said at the outset, the slides were more a suggestion to guide the discussion.

Continue reading What I Wish I’d Known When I Started–WordCamp Orange County 2016

My favorite thing about Fourth of July

Each year for the last 28 years, NPR’s Morning Edition has aired a reading–by the network’s hosts, reporters, and newscasters–of the Declaration of Independence. Hearing this is, by far, my favorite part of today’s celebrations.

NPR’s Annual Reading Of The Declaration Of Independence, 240 Years Later

Some things I read this week

Of the many articles I read this week, these stuck with me.

Yes, I’ve looked past Brexit, because its near-term impact is largely emotional.

Last, but certainly not least, is a striking article that someone resurfaced on Facebook recently:

What It’s Really Like To Be An Alcoholic (Thought Catalog)


Since I learned of the mass shooting in Orlando, an attack that targeted a community I’m part of, I’ve been filled with rage–not towards the shooter, though he certainly deserves no shortage of my anger–but towards the circumstances that let this happen yet again.

I’m full of rage towards the organized religions that teach love, forgiveness, and tolerance, while demonstrating hypocrisy by precious few sects or denominations welcoming the LGBT community. Instead, we’ve generally seen religious groups’ fervent support of hateful and discriminatory legislation go unopposed by religious leaders and organizations–which seems exactly opposed to the teachings they claim to follow.

I’m full of rage towards our elected officials and their empty rhetoric. They offer “thoughts and prayers” that claim to be heartfelt, but are delivered with no more emotion or sincerity than placing a coffee order. These statements come so frequently, and are so rarely followed by action, that they carry no weight, they have no significance.

I’m full of rage towards organizations like the NRA, the National Shooting Sports Foundation, and their ilk, which claim to defend Americans’ freedoms while blindly ignoring the consequences of their lobbying.

But ultimately, I’m full of rage because despite this being “the worst mass shooting in US history,” despite the frequency with which these attacks occur, despite this being a hate crime, we’ll likely endure another of these events in six months time. We’ll go through the same pointless “national mourning” process, and the country will go back to what it was doing–growing increasingly self-absorbed and isolated from opposing viewpoints, oblivious to the experiences of our fellow Americans.

Compiling nginx with OpenSSL 1.0.2 to maintain HTTP/2 support

Chrome 51 disabled support for NPN, or Next Protocol Negotiation, the mechanism that millions of nginx servers needed to establish HTTP/2 connections with Chrome users. For anyone running nginx compiled against OpenSSL 1.0.1, Chrome 51 users are still connecting over SSL, but only via the legacy HTTP/1.1 specification, which lacks the performance benefits HTTP/2 imparts.

Both the nginx project, and Mattias Geniar, provide lengthier explanations of what changed in Chrome 51:

For those wondering how to restore HTTP/2 support for Chrome 51 users, there is but one answer: switch nginx to OpenSSL 1.0.2. While OpenSSL 1.0.1 is only receiving security updates (and will stop receiving any updates after December 31, 2016), OpenSSL 1.0.2 is actively maintained and receiving new features, including the successor to NPN, which nginx supports: ALPN, or Application-layer Protocol Negotiation.

Continue reading Compiling nginx with OpenSSL 1.0.2 to maintain HTTP/2 support

Unintentionally rate-limiting VaultPress

Several weeks ago, I implemented nginx’s rate-limiting mechanism for all services hosted on my VPS. As a result, any non-GET request is subject to quite-low limits on how many requests can be made in a given timeframe. As I discussed further in “Rate limiting: another way I guard against brute-force logins,” I chose very-strict login limits as I’m the only person regularly authenticating with anything I host.

So far, there’s been only one unintended effect from these changes: VaultPress cannot reliably back up my site. Until recently, I hadn’t enabled any server-level access for VaultPress, which forced it to perform backups via HTTP requests triggered from WP Cron events. This approach was fine when requests weren’t limited, but VaultPress now finds itself blocked on every backup attempt.

Continue reading Unintentionally rate-limiting VaultPress