Last week Barbara and I attended the annual Google I/O Developer’s conference in Mountain View. We’ve attended every year since the first one back in 2008 and were glad to continue the streak.
As you may have noticed from my last few short posts here, I’ve been doing more writing over on Justia’s Legal Marketing & Technology Blog this year than in years past and as such I proposed the idea of live blogging sessions at Google I/O this year. My suggestion was readily approved and I set to work on planning which sessions I would Live Blog.
In the end I Live Blogged 7 sessions over the course of the 3 day conference and wanted to make sure those that follow me on my personal blog knew about them. Check out the list of sessions I ended up blogging, with links over to the individual live blog posts after the break.
Continue reading “Seven Blog Posts in Three Days”
My latest overview post on Justia’s Legal Marketing and Technology Blog is all about the Robots Exclusion Standard. I explain reasons why you may need to block certain content from search engines, as well as explain the different mechanisms available to you to do so. Check it out!
My latest post on Justia’s Legal Marketing & Technology Blog just went live and it is all about Structured Data and the Semantic Web. I talk and write quite a bit about the Semantic Web and decided it was high time I write a primer on just what it is and why it is important. Be sure to check it out over on Justia’s blog.
Automattic’s Jetpack Wordpress plugin now lets you automatically post your blog posts to Google+ on publish
Many people have long lamented that unlike Twitter, Facebook, LinkedIn, Tumblr, and many other services, Google+ does not let you use an API to post. There is an API for posting to Google+ Pages, but Google is restricting this feature to approved services. Apparently WordPress.com is one of those services, and in the latest 2.7 version of the Jetpack plugin for self-hosted WordPress blogs released yesterday, they are extending that service to your own self hosted WordPress blog.
It is interesting to note that the blog post on Jetpack’s blog indicates that this feature works both for Pages and individual profiles as well, which the Google+ Platform API documentation specifically says you cannot do.
This helps save time and energy when posting blog posts, and also helps if you schedule your blog posts for later. With this feature you can now schedule your blog posts to post at a specified time and rest easy knowing that it will be shared to Google+ at the same time. This is also a great feature for multi-author blogs. You can add multiple Google+ Profiles and Pages to the feature and have your posts post both to your individual profile as an author and to a shared page for the blog as a whole.
In the past, Google has specifically shied away from adding an API that will allow people to automatically post to Google+ in fear of becoming flooded with app-posted junk posts that have plagued Twitter and Facebook for years. This is why Google has kept the list of apps that can post to Google+ limited. It’s important to note that JetPack does not post to Google+ directly, but instead, like the rest of the services on JetPack, calls to an API on WordPress.com to have Automattic’s servers post for you.
Publicize also supports automatic posting to Facebook, Twitter, Tumblr and Path.
In light of the massive wordpress brute force attack going on, here is some advice to lock down your blog from being attacked.
After my blog was hacked a few months ago, I’ve been understandably more security conscious on my blog. One of the things I’ve done is install a few security plugins (most notably Wordfence Security). Wordfence is an absolutely fantastic security plugin, it monitors the files in your site to make sure that they don’t change unexpectedly, and more importantly it monitors login attempts (and other page requests on your site) for potentially harmful login attempts.
Over the past few weeks a global brute force attack has been targeting wordpress installations. I first found out about it because Wordfence started notifying me that there were more failed login attempts than usual.
Protect yourself and your blog with the following crucial steps:
- Don’t use “admin”:
- If you have a user named “admin” on your wordpress installation, get rid of it! If it is your only admin user, create a new one, log out of admin, and in as your new admin user, and then delete the user named “admin.” The brute force attack is trying thousands of passwords with the user named admin.
- Use a good password:
- Please don’t use “password” or “admin” or “god” or your birthday, pet’s name, or any other easily guessed password. Use a good password. The brute force attack is trying both a list of the top 10,000 passwords, and a dictionary random word attack. Protect yourself, don’t use a password that is easily broken!
- Use a security plugin to prevent login attempts:
- As I mentioned above, I use Wordfence Security by Mark Maunder. This plugin is fantastic. Not only can you set it up to lock people out if they fail to log in a certain number of times, but you can rig it where if they try a username you don’t have (like admin, because you followed step 1) it will lock them out immediately.
- It will also notify you when it has locked someone out, and can notify you if someone successfully logs in. This way you can have a warning if someone does manage to break through your secure password.
- It also monitors the files on your wordpress installation and notifies you if any of the files in your themes and plugins unexpectedly changes. This is a great plugin and I highly recommend it.
I hope this helps you secure your blog from this attack.
Battering Ram Image Credit: flickr.com/noii
No it was not because I was lazy and didn’t keep my blog up to date because I did. The blog was already running the most up to date version of wordpress available. The compromise most likely came through a vulnerability in one of the plugins or in the theme I was using.
My first inclination would be to pretend that such an embarrassing lapse of security never happened, but I thought that perhaps the tale of how I’ve brought things back up might help others who find their websites hacked as well.
Continue reading “Losing my Geek Cred: Nick.pro hacked”
Web Intents in Google Chrome 19+ changed what happens when you view an Atom or RSS Link, here’s how to get your XML Back
Since the very beginning, when met with an Atom or RSS feed, Google Chrome responds by rendering the XML as unformatted xml (unless your feed happens to have an XSL stylesheet like feedburner adds). One of the earliest bugs reported to Google is that this should not be, that it would instead be more friendly to invite the user to subscribe to the feed in a feed reader (like Firefox does) or render the feed yourself (like Safari does).
In the recently released stable Chrome 19, one of the new features is that instead of displaying the XML as unformatted xml, it fires off a view web intent instead. This may be a good first step towards making feeds friendlier to use. Instead of seeing a page the average reader doesn’t understand, they could be shown their own apps that they’ve installed. Continue reading “Web Intents are Great – Web Intents are Horrible”
I’ve been fighting with the PubSubHubbub protocol over the last few days. I apologize for the test posts which have been causing annoyances to what few readers I actually have. For those of you who have no idea what PubSubHubbub is, it is a method of allowing people to get updates about new blog posts in real time (or near real time).
Continue reading “What’s all the Hubbub about anyway?”
Even though my blog is self hosted, I like many wordpress users use wordpress.com stats from the Jetpack plugin.
This year, the great people at WordPress.com decided to create some really great looking Annual Reports for blogs using wordpress.com stats.
In 2011 I wrote only 12 posts, which is really pathetic, but nowhere near as bad as 2010 where I posted a whopping 3 posts. I resolve in 2012 to write more often.
My most popular post of the year? Pottermore Cheats: Earning more house points through failure then success in potion making where I outlined the flaws evident in the Potions system on Pottermore, which have since been fixed as I mentioned in my second most popular post of the year.
Check out Jetpack.me’s full 2011 year in blogging on nick.pro report.
Over a year ago, I migrated nick.pro from WordPress over to Drupal. I did this so that I could experiment with Drupal more, thinking I could make a more robust site if I did so. Unfortunately, while Drupal is a fantastic, flexible platform for web development, it is simply not efficient as a blogging tool.
Drupal was so cumbersome to use as a blogging tool that I ended up stopping blogging altogether. So for the first time in years of migrating this blog around and around, I’m reverting it back to a previous home on wordpress.
In the last year wordpress has come a long way, with lots of great new features that makes blogging even simpler then it was before.
I in no way mean to bash drupal, it’s still far and away the best CMS system out there for developing complex sites, but for a blog… it’s good to be home. My hope with this migration back to WordPress is that it will lite a fire under me to blog again. No more can I shirk my blogging responsibilities with the whine that writing a post in drupal is just too much work.