Instant Scanner

June 19, 2013Geekery, WordPressJason Cosper

Have you guys heard about Instant Server? It’s pretty rad. Basically, you push a button, wait a few seconds and they give you 35 minutes of usage on an SSH-able server. Once the 35 minutes is up, you can either pay to keep it running or they trash the server instance.

Anyhow, after trying to figure out some of the fun things I could do with it, I’ve come up something that security minded WordPress folks might find useful.

There’s this command line security scanner called WPScan that performs a bunch of non-intrusive checks against WordPress installs. Folks with Linux based systems can install and run it easily. It’s also a fairly trivial install for folks who’ve set up Homebrew on their Macs. But if you don’t want to mess with installing Xcode on your MacBook or you have a (gag) Windows machine, try this out…

Spin up an Instant Server instance.
Log in via SSH.
Run the following command:
sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git make && git clone https://github.com/wpscanteam/wpscan.git && cd wpscan && sudo gem install bundler && bundle install --without test development
After that finishes running, you should have roughly 30 minutes left on the server.
Run this command:
ruby wpscan.rb --url example.com --enumerate
(Make sure to replace example.com with your own domain.)
Sit back and let WPScan tell you about any security issues you might need to address.

If you stay on top of core, plugin & theme updates, you shouldn’t really see anything surprising. But it’s always better to know your threats and limit your exposure, right?

99U dug up this fantastic interview with James Murphy (of LCD Soundsystem) that covers feeling like a failure in your late 20′s and how to deal with it. It’s something I really wish I’d heard when I was floundering hard a few years ago.

Fork This DMCA Takedown

February 20, 2013GeneraldmcaJason Cosper

Over the past few months, I’ve had to help several clients file DMCA takedown notices. Yeah, I think the DMCA stinks. But it’s also the most expedient option for squashing content scrapers and self-titled “curators” who don’t spend a lot of time worrying about things like attribution.

Anyhow, because of this, I keep finding myself in need of a well-crafted — but still fairly generic — DMCA takedown notice template. Which normally means I have to do a quick Google search for one. And then I have to spend a bunch of time doing boring, time-consuming find & replace work.

So the last time this came up, I swiped a publicly available example notice and made some edits. And, naturally, I turned it into a Gist so folks could fork it and use it for themselves.

Hope someone out there finds it useful!

The Theme of Tomorrow, Today!

February 18, 2013Geekery, WordPresstheme, twentythirteenJason Cosper

The WordPress team just dropped what they’re calling their “first draft” of Twenty Thirteen into the wild. And while I know that it’s not a finished product yet, I like it so much that I’ve decided to use it here. At least for a little bit.

Can you blame me? I mean, just look at it…

Sexy, right?

But how did I get my grubby little hands on a copy of the theme before it was even released? Well, if you’ve got Subversion installed on a Mac, it’s as simple as opening your favorite terminal application and running this command:

cd ~/Downloads/ && svn co https://wpcom-themes.svn.automattic.com/twentythirteen/ && zip -rv twentythirteen twentythirteen && rm -rf twentythirteen/

What does that command do? Allow me to give you the step-by-step rundown…

Changes the working directory to your user’s “Downloads” folder.
Performs a SVN checkout of the Twenty Thirteen theme from Automattic’s WordPress.com theme repository.
Creates a zip file called “twentythirteen.zip” in your Downloads folder.
Deletes the “twentythirteen” folder.

Once the command finishes running, log into your WordPress dashboard, go to “Appearance > Themes”, select the “Install Themes” tab and click “Upload”.

All you have to do then is upload the theme from your computer and activate it. Simple!

And by “simple” I mean you have to be comfortable with the command line and hope to God that you have Subversion installed.

Should you not have the SVN binary on your Mac, perhaps the exciting world of pre-release themes isn’t for you. Don’t fret though, I’m sure Twenty Thirteen will find its way to the official theme repository soon enough.

P.S. Since Twenty Thirteen isn’t exactly finished yet, I wouldn’t suggest installing this on your production site. But if you’re borderline crazy — like me — feel free to join me in saying “fuck it”.

Just don’t come crying to me if something goes wrong, okay?

I’ve always had a very large soft spot for subway maps. Especially the one Massimo Vignelli did for New York City back in the 70′s. So when this NYCTA Graphics Standards Manual surfaced earlier this week I was thrilled.

Hopefully I can get a little time to obsessively study it this weekend.

My Dear Sarah

February 14, 2013People, SarahJason Cosper

S + J

Seven years after our first date, I’m still so happy to have found you. You make every day — even the really crappy ones — wonderful.

Happy first date anniversary, baby!

Press Your Heart Out

February 11, 2013Foodaeropress, coffeeJason Cosper

Since Christmas, I’ve been brewing most of our coffee through the Aeropress that Sarah gave me. And while we’ve really enjoyed the coffee — especially when you compare it to what we’d get out of our old $20 drip pot — the process has started to make me obsess over all the little tweaks I can make.

I mean, if there’s a better cup of coffee to be had, I seriously want to go to there.

Anyhow, thanks to my desire to over-research everything, I’ve spent a lot of time looking at metal disk filters, grinders & brewing recipes. Which led me to the popular (in coffee nerd circles, at least) inverted brewing method.

To be perfectly honest, inverted brewing is kind of intimidating. Mainly because I don’t like the thought of “flipping” a cylinder of near-boiling water before I’ve, well, had my first cup of coffee.

So when gridwriter mentioned the Heart Roasters Aeropress method — which I seem to have missed in my fairly extensive research — I was really excited. I have yet to try it, but I’m really looking forward to giving it a shot.

For the folks who haven’t committed to cleaning the unused core files out of their WordPress install, the Old Core Files plugin for WordPress looks like it should be useful. I only say “looks like” and “should” because I’m already tidying my site’s files on the regular. But this’ll definitely save me from having to do my future sweeps manually.

All Basses Covered

January 30, 2013MusicJason Cosper

I’ve been meaning to write something for almost a month now. It’s not like I have writer’s block or anything. Far from it. I’ve just been a bit preoccupied with work.

Fortunately, I’ve had this mix from DJ Shadow to help me crank through the past few weeks of long, 10+ hour days.

“All Basses Covered” is the set that got him kicked off the stage at Mansion in Miami for being “too future”. Which is a shame, because it’s fantastic.

If you haven’t heard it already — and you’re up for some next level shit — give it a listen. Or, better yet, download it directly from SoundCloud.

Cat Flag, "Damaged"

Alright, The Kitten Covers… You win this round.

Also, this site has been a thing since 2011? How have I not managed to hear about it before today? I must be getting bad at using the internets.