Seven Blog Posts in Three Days

Google I/O 2017 Keynote

Last week Barbara and I attended the annual Google I/O Developer’s conference in Mountain View.  We’ve attended every year since the first one back in 2008 and were glad to continue the streak.

As you may have noticed from my last few short posts here, I’ve been doing more writing over on Justia’s Legal Marketing & Technology Blog this year than in years past and as such I proposed the idea of live blogging sessions at Google I/O this year.  My suggestion was readily approved and I set to work on planning which sessions I would Live Blog.

In the end I Live Blogged 7  sessions over the course of the 3 day conference and wanted to make sure those that follow me on my personal blog knew about them.  Check out the list of sessions I ended up blogging, with links over to the individual live blog posts after the break.

Continue reading “Seven Blog Posts in Three Days”

Automatically post your WordPress blog to Google+ with Jetpack

Many people have long lamented that unlike Twitter, Facebook, LinkedIn, Tumblr, and many other services, Google+ does not let you use an API to post.  There is an API for posting to Google+ Pages, but Google is restricting this feature to approved services.  Apparently WordPress.com is one of those services, and in the latest 2.7 version of the Jetpack plugin for self-hosted WordPress blogs released yesterday, they are extending that service to your own self hosted WordPress blog.

It is interesting to note that the blog post on Jetpack’s blog indicates that this feature works both for Pages and individual profiles as well, which the Google+ Platform API documentation specifically says you cannot do.

This helps save time and energy when posting blog posts, and also helps if you schedule your blog posts for later.  With this feature you can now schedule your blog posts to post at a specified time and rest easy knowing that it will be shared to Google+ at the same time.  This is also a great feature for multi-author blogs.  You can add multiple Google+ Profiles and Pages to the feature and have your posts post both to your individual profile as an author and to a shared page for the blog as a whole.

In the past, Google has specifically shied away from adding an API that will allow people to automatically post to Google+ in fear of becoming flooded with app-posted junk posts that have plagued Twitter and Facebook for years.  This is why Google has kept the list of apps that can post to Google+ limited.  It’s important to note that JetPack does not post to Google+ directly, but instead, like the rest of the services on JetPack, calls to an API on WordPress.com to have Automattic’s servers post for you.

Publicize also supports automatic posting to Facebook, Twitter, Tumblr and Path.

Warning: WordPress Brute Force Attack

Battering Ram Image Credit: flick/noii

After my blog was hacked a few months ago, I’ve been understandably more security conscious on my blog.  One of the things I’ve done is install a few security plugins (most notably Wordfence Security).  Wordfence is an absolutely fantastic security plugin, it monitors the files in your site to make sure that they don’t change unexpectedly, and more importantly it monitors login attempts (and other page requests on your site) for potentially harmful login attempts.

Over the past few weeks a global brute force attack has been targeting wordpress installations.  I first found out about it because Wordfence started notifying me that there were more failed login attempts than usual.

Protect yourself and your blog with the following crucial steps:

  1. Don’t use “admin”:

    • If you have a user named “admin” on your wordpress installation, get rid of it!  If it is your only admin user, create a new one, log out of admin, and in as your new admin user, and then delete the user named “admin.”  The brute force attack is trying thousands of passwords with the user named admin.
  2. Use a good password:
    • Please don’t use “password” or “admin” or “god” or your birthday, pet’s name, or any other easily guessed password.  Use a good password.  The brute force attack is trying both a list of the top 10,000 passwords, and a dictionary random word attack.  Protect yourself, don’t use a password that is easily broken!
  3. Use a security plugin to prevent login attempts:
    • As I mentioned above, I use Wordfence Security by Mark Maunder.  This plugin is fantastic.  Not only can you set it up to lock people out if they fail to log in a certain number of times, but you can rig it where if they try a username you don’t have (like admin, because you followed step 1) it will lock them out immediately.
    • It will also notify you when it has locked someone out, and can notify you if someone successfully logs in.  This way you can have a warning if someone does manage to break through your secure password.
    • It also monitors the files on your wordpress installation and notifies you if any of the files in your themes and plugins unexpectedly changes.  This is a great plugin and I highly recommend it.

I hope this helps you secure your blog from this attack.

Battering Ram Image Credit: flickr.com/noii

Losing my Geek Cred: Nick.pro hacked

If you attempted to visit my blog on Friday using either Firefox or Chrome, you most likely received a warning that the site was compromised and dangerous.  While I’m still not sure how they got through, I can tell you that my blog was compromised.  Code was injected into the site in every place where javascript was being output that attempted to install malware on the computers of people who visited nick.pro.

No it was not because I was lazy and didn’t keep my blog up to date because I did.  The blog was already running the most up to date version of wordpress available.  The compromise most likely came through a vulnerability in one of the plugins or in the theme I was using.

My first inclination would be to pretend that such an embarrassing lapse of security never happened, but I thought that perhaps the tale of how I’ve brought things back up might help others who find their websites hacked as well.

Continue reading “Losing my Geek Cred: Nick.pro hacked”

Web Intents are Great – Web Intents are Horrible

Since the very beginning, when met with an Atom or RSS feed, Google Chrome responds by rendering the XML as unformatted xml (unless your feed happens to have an XSL stylesheet like feedburner adds).  One of the earliest bugs reported to Google is that this should not be, that it would instead be more friendly to invite the user to subscribe to the feed in a feed reader (like Firefox does) or render the feed yourself (like Safari does).

In the recently released stable Chrome 19, one of the new features is that instead of displaying the XML as unformatted xml, it fires off a view web intent instead.  This may be a good first step towards making feeds friendlier to use.  Instead of seeing a page the average reader doesn’t understand, they could be shown their own apps that they’ve installed. Continue reading “Web Intents are Great – Web Intents are Horrible”

2011 on Nick.pro

FireworksEven though my blog is self hosted, I like many wordpress users use wordpress.com stats from the Jetpack plugin.

This year, the great people at WordPress.com decided to create some really great looking Annual Reports for blogs using wordpress.com stats.

In 2011 I wrote only 12 posts, which is really pathetic, but nowhere near as bad as 2010 where I posted a whopping 3 posts. I resolve in 2012 to write more often.

My most popular post of the year? Pottermore Cheats: Earning more house points through failure then success in potion making where I outlined the flaws evident in the Potions system on Pottermore, which have since been fixed as I mentioned in my second most popular post of the year.

Check out Jetpack.me’s full 2011 year in blogging on nick.pro report.

Migrated Back to WordPress

wordpress powerOver a year ago, I migrated nick.pro from WordPress over to Drupal.  I did this so that I could experiment with Drupal more, thinking I could make a more robust site if I did so.  Unfortunately, while Drupal is a fantastic, flexible platform for web development, it is simply not efficient as a blogging tool.

Drupal was so cumbersome to use as a blogging tool that I ended up stopping blogging altogether.  So for the first time in years of migrating this blog around and around, I’m reverting it back to a previous home on wordpress.

In the last year wordpress has come a long way, with lots of great new features that makes blogging even simpler then it was before.

I in no way mean to bash drupal, it’s still far and away the best CMS system out there for developing complex sites, but for a blog… it’s good to be home.  My hope with this migration back to WordPress is that it will lite a fire under me to blog again.  No more can I shirk my blogging responsibilities with the whine that writing a post in drupal is just too much work.