I enjoy sharing the pathetic phishing emails that make it past my spam filters. After watching various waves of phishing campaigns come and go over the past 20 years, I have come to accept that it’s just a part of life on the Web. Phishing scams have been happening since the dawn of the Internet, with no signs of stopping anytime soon. About the best you can do is practice safe email handling practices and never open any links or […] Continue reading »
Quick tip for my free WordPress plugin, Simple Download Counter. SDC is optimized for successful downloads in most server environments, but there always is an exception to the rule. For example, on some servers, a download’s content-length header may be calculated incorrectly for GZIP and possibly other file formats. This tutorial explains how to define your own headers for downloads when using Simple Download Counter, so you can dial in perfect downloads for any server configuration. Continue reading »
BBQ Firewall is built to be powerful, lightweight, fast and flexible. It’s code base is kept super lean, leaving extra functionality out of core while supporting new features via simple addons. For example, this tutorial shows how to use an addon to display the total number of blocked HTTP requests on the plugin settings page. This can help you get a basic idea of the plugin’s effectiveness. Continue reading »
My free WordPress plugin, Disable WP REST API, disables the REST API for all users who are not logged in to WordPress. So if you’re using a plugin such as Contact Form 7 that requires the REST API, it’s not going to work if Disable WP REST API is active on site. But there is a way to make it work. This quick tutorial explains how to set it up in two steps. Continue reading »
Recently WordPress sites have been getting hammered with random-string comment spam. The attackers are clever, using random text strings for every vector except the payload, which usually is the URL used for the comment’s Name link. But for these weird comment spams, the apparent payload is the email address. It’s the only part of the comment that’s not made up of random gibberish. Continue reading »
I use domain-based emails for 99% of my email activity. The other 1% is comprised of assorted 3rd-party email services and temporary slash disposable addresses (like for testing purposes and one-off sign-ups, etc.). I can tell you whole-heartedly based on 20+ years working online that self-hosted email is THE WAY to go. Continue reading »
In case you hadn’t noticed, I’m on another one of my posting sprees. Going through the past year’s worth of half-written drafts and collected code snippets, and sharing anything that might be useful or interesting. Here is a bit of .htaccess that brings together several redirection techniques into a singular plug-&-play code snippet. Continue reading »
Your website’s robots.txt file probably contains some rules that tell compliant search engines and other bots which pages they can visit, and which are not allowed, etc. In most of the robots.txt files that I’ve looked at, all of the Allow and Disallow rules are applied to all user agents. This is done with the wildcard operator, which is written as an asterisk *, like this: User-agent: * This site’s robots.txt file provides a typical example. All of the allow/disallow […] Continue reading »
Prismatic is a free WordPress plugin that adds syntax highlighting to code samples. You can use either Highlight.js or Prism.js to make your code snippets look amazing. By default, Prismatic highlights code snippets in both post content and post comments. This quick tutorial shows how to disable highlighting in post comments by adding a simple code snippet to your WordPress. Estimated time to complete ~2 minutes. Continue reading »
Prismatic is a free WordPress plugin that adds syntax highlighting to code samples. You can use either Highlight.js or Prism.js to make your code snippets look amazing. This quick tutorial shares a way to customize Prismatic to save time scrolling thru a bunch of language options. Huge time-saver and simple to implement in a few minutes. Continue reading »
I have thought a lot about making an nG WordPress plugin. The problem is that writing to .htaccess via PHP/plugin is risky with lots of ways to fail and make users confused and angry. And nobody wants that, in fact just the opposite: my plugins strive to give users the most awesome experience possible. Continue reading »
Simple Download Counter is a free WordPress plugin that does exactly what it says: counts the number of times your files are downloaded. SDC is designed for maximum ease of use. The goal is a clean, lightweight “set it and forget it” solution for keeping track of downloads. Simply add your files via the plugin settings and display download links via shortcodes. Simple Download Counter does the rest. Continue reading »
New WordPress plugin! Simple Login Notification does one thing and does it well: sends an email alert whenever an admin-level user logs in to your site. I use this plugin on all of my sites to keep an eye on any unauthorized activity. Not that I’m expecting any, but if it does happen I definitely want to know about it. The plugin size is only 4 KB (zipped) with virtually zero impact on performance or anything else. Win win win, […] Continue reading »
I’ve been developing WordPress chat plugins for over 10 years, and have received tons of great user feedback for the free version of Simple Ajax Chat (SAC). So many ideas and ways to improve the plugin that it just made sense to bring it all together and build a new “pro” version. So after several months of intense plugin development, I am excited to launch my latest WordPress plugin, SAC Pro. SAC Pro is completely rewritten from the ground up, […] Continue reading »
When I spend time on something, like an interview, I like to know that it was actually published somewhere. Below is an interview that I completed for a web-hosting company that apparently now is missing in action. It covers how I got into web development, upcoming projects, web security, work flow, writing books, WordPress, and more.. Continue reading »
WordPress 5.7 features a new Robots API that provides filter-based control over the robots meta tag. So if your site is running WordPress 5.7 or better, you will notice a new <meta /> tag included in the <head></head> section of your web pages. By default, the meta tag added by WordPress has a value of max-image-preview:large, which is fine IF it is the only robots meta tag on the page. If your site already has its own meta robots tag, […] Continue reading »