File under: Cool shit you can do with Elasticsearch.
-
Scaling WordPress queries with Elasticsearch
-
Stop using tail -f (mostly)
Despite using the
less
command frequently, I had no clue that it could be used in place oftail -f
. So useful! -
The WordPress Talent Shortage Might Be a Pricing Problem
An interesting article — and ensuing discussion down in the comments — from Andy Adams. Definitely worth a read if you make even just a fraction of your living from doing WordPress dev work.
-
Too Many Images
I love single use command line tools. This one helps you determine a URL’s image weight and even lets you know where you should start optimizing.
-
Implementing Public Key Pinning
While HPKP — which helps reduce the attack surface for man-in-the-middle attacks against HTTPS traffic — is only supported in a very small handful of recent Chrome and Firefox builds, it never hurts to get ahead of the curve. Especially when it comes to your site’s security.
-
Cacio e Pepe Ramen
In a flash of epicurean genius, Sarah decided to whip up a batch of David Chang‘s Cacio e Pepe Ramen for dinner last night. And while it’s not something I’d eat all the time — it was actually super rich — I wouldn’t be against downing another bowl of it at some point in the (nearish) future.
-
Debunking the Hot Buttered Hype
Great in-depth analysis from Gizmodo covering every last bullshit claim made about Bulletproof Coffee.
-
WPScan Licensing
It looks like the WordPress security tool WPScan is looking to move away from the GNU GPL license for their software. That’s rather unfortunate, but after reading about companies trying to repackage and sell WPScan as their own work, I totally get where they’re coming from.
Chasing these companies takes time, sometimes a whole day of emails back and forth arguing the intricacies of the GNU GPL while they try and weasel their way out of complying to our license. This takes a lot of my time away from the important stuff, working on WPScan and the WPScan Vulnerability Database. Because of this I decided to add a clause to the license. If you want to sell WPScan you can pay for a commercial license, otherwise you can use it under the GNU GPL.
After a few months with this license it was pointed out to me that the GNU GPL does not allow these kind of clauses. What some individuals and companies decided was a ‘loophole’.
Their new (proposed) license has been posted as a Gist — which I’ve embedded below — and the developers are welcoming feedback.
If you’re schooled in Public/Open Source software licenses and are interested in the future of WordPress security tools, go leave a comment!
-
I’m in Love With the PAKO
While I never bought into the Flappy Bird hype, I totally get the appeal of infuriatingly brief casual games. So I decided to try out PAKO after finding it over the weekend.
The TL;DW (too long; didn’t watch) of the video above is this:
- Pick a closed, arena-style level.
- Don’t crash.
- Avoid cops.
Even though I haven’t had a single round that’s lasted longer than 35 seconds, it manages to be loads of fun without being throw-your-phone frustrating. If you’ve got a couple bucks burning a hole in your pocket — it’s only $0.99 on iOS, but slightly more expensive on other platforms — it’s definitely worth it.
-
Making Your Own High Performance WordPress Server
Clever forks of WP Engine’s Mercury Vagrant for the “roll your own server” types courtesy of Zach Adams.
I say “forks” because he’s actually crafted two different Ansible playbooks. One deploys WordPress, HHVM, Percona, PHP-FPM & nginx to a server of your choosing while the other adds Varnish, Memcached & APC to the mix.
I have a vested interest in folks signing up for service at WP Engine — seeing as how I work there and all that — but this is still pretty fantastic.
-
MyFitnessPal doesn’t use HTTPS
When logged into MyFitnessPal, all of the pages transmit over insecure HTTP. Everything you eat, your body measurements, your daily activity, and any activity imported from third party services are all transmitted insecurely over HTTP. If you’re on a public wi-fi network, anyone can easily intercept this private health information.
Even worse, if you manually change the logged-in URL from insecure HTTP to secure HTTPS, MyFitnessPal forces you back onto insecure HTTP.
Ew. Guess it’s time to switch to Lose It! then…
P.S. HTTP Shaming is full of some pretty surprising — and utterly heinous — behavior from companies & organizations that should know better. ᔥ
-
WordPress SEO Tamer
Love Yoast’s WordPress SEO but hate some of the clutter that it brings to your dashboard? There’s a plugin for that.
This plugin also — as Joost points out — breaks the business model that supports WordPress SEO’s development by blocking the ads for Yoast’s other plugins & services. You can turn the ads back on in Tamer’s options, but that’s still a pretty shitty thing to do. ᔥ
-
Little Bad Days
I used to have some little bad days, and I kept them in a little box. And one day, I threw them out into the yard. “Oh, it’s just a couple little innocent bad days.” Well, we had a big rain. I don’t know what it was growing in but I think we used to put eggshells out there and coffee grounds, too. Don’t plant your bad days. They grow into weeks. The weeks grow into months. Before you know it you got yourself a bad year. Take it from me. Choke those little bad days. Choke ‘em down to nothin’.
Tom Waits
-
Deploy Elasticsearch on Google Compute Engine
Thanks to Google, you can now quickly spin up an Elasticsearch instance for a few dollars a month. Couple that with WordPress plugins like ElasticPress & ES_WP_Query and you can get some pretty nice performance boosts in places where folks don’t normally bother to optimize.
-
WP Performance Profiler
The crew at interconnect/it makes some quality stuff, so I’m pretty excited to try this out.
-
Finish One Thing Today
It doesn’t have to be big.
It doesn’t have to be important.
It doesn’t have to be perfect.
It doesn’t have to be revolutionary.
It doesn’t have to be new.
…
It just needs to be finished.As somebody who has struggled with deadlines and perfectionism, I can totally get behind this.
-
The Personal Blog
There is something about the personal blog, yourname.com, where you control everything and get to do whatever the hell pleases you. There is something about linking to one of those blogs and then saying something. It’s like having a conversation in public with each other. This is how blogging was in the early days. And this is how blogging is today, if you want it to be.
Fred Wilson, totally nailing the purity and beauty of the personal blog.
-
All the Options in the WordPress Theme Customizer
In reality we’re taking the same problem of providing too many options and migrating them from the Dashboard to the WordPress Theme Customizer.
Bummer.
Tom McFarlin nails it once again.
-
wordpress-rest-api
Speaking of JavaScript, here’s a Node.js-based client for the JSON REST API that’ll eventually make its way into WordPress core.
-
Is JavaScript taking over WordPress?
Unless something totally crazy happens, WordPress is going to be written in PHP for the foreseeable future. However, the more that core turns into an API endpoint for all the JavaScript that’s being added to it, the less beholden the project has to be to PHP.
So maybe you should think about buying a JavaScript book or something.
Or don’t. It’s your fucking livelihood.