If in doubt; then delete

The title is a joke. I hate deleting things. A digital packrat, it takes knowing that deleting something will likely fix an actual problem to delete it. And my delete is to move it out of the way not actually destroy the file.

Anyway, I discovered this blog was hosed. I had noticed Gotcha Jerks Part II was missing from various social media sites. So, I went to post it and found the whole blog hozered. It just displayed a Fatal PHP Error for class.jetpack-tracks.php and so I started to look on the WordPress.Org support page when I decided to move the whole Jetpack plugin directory to jetpack.bad and “see what happens.” Well, that restored the blog. The plugin claimed it needed an upgrade, so I ran that. All is well.

Easier than my initial resignation.

I went to “diff -r jetpack.bad jetpack” to get a comparison of the differences between the bad one and the good one, but the bad no longer exists. Thus the title. I am considering deleting and reinstalling Jetpack to ensure what I have is pristine. I have a nagging feeling that the upgrade moved jetpack.bad to jetpack then updated some files. Delete and rebuild would give me more confidence I purged lingering bad code from the plugin. Additionally, the lingering issue from WordPress and SSL a month ago might be related? In sum, I suspect there are subtle issues lingering and a clean sweep is in order.

WordPress and SSL

For a while my self-hosted WordPress has been a royal pain in the ass. Trying to compose through the WordPress.com interface through Jetpack would show occasional errors that “Saving of draft failed” or an inability to communicate. Sometimes it was usable, sometimes there were so many errors I gave up and used the site. The site admin interface sometimes made me login every hour or every couple minutes.

I reinstalled Jetpack a couple times. I poked around on the WordPress support forums which I apparently could not search.

So I searched via Google and ran across this How to Fix WordPress Keeps Logging Out Problem article. It dawned on me that I had let my hosting provider setup SSL for the site. The WordPress Address and Site Address fields were using http. So I changed them to https. That seems to have solved the login issues.

I am writing this through the WordPress.com interface and got a failure on saving the draft. So there is something else to make it all better.

Scary Password Policy

Doing a training thing for work next week. The training coordinator sent an email to 25 of us about how to access the learning portal. The username is email and password is a single word with an exclamation point. My first instinct was get in ASAP and change the password since so many other people have access to my password.

Only.

There is no link. I click and click and clink. I cannot find it.

Finally, I look at the source code and notice features in it that reveal this portal is running on WordPress. So, I added “wp-admin/profile.php” to the URL and get a 404. I added it to the domain and bingo, I was at my own profile. So, I used the WordPress password feature to generate a strong password and change it.

I wonder how many people have taken training from these people and bothered to change the password?

WP to G+

WordPress Jetpack finally enabled publishing to Google+. So, I guess my blog posts will finally head there.

UPDATE: Google permissions are hard. The first test post showed it was “Shared privately” which by looking closer appeared only to myself. My default permissions for approved applications is “Only Me.” I had to go into Settings > Manage Apps & Activities > edit next WordPress.

WP Annoyance: False Plugin Compatibility

Before upgrading from WordPress 3.6.1 to 3.7, the Updates page said two plugins also in need of updates were both 100% compatible with 3.6.1 and unknown with 3.7. A conservative administrator might wait for WordPress to list 100% compatibility with 3.7 before upgrading to it. I upgraded anyway because really I use both fairly minimally.

After the upgrade I went to upgrade these plugins and both were listed at 100% compatible with 3.7. Seems unlikely both were fixed in under 2 minutes. So, it seems like even though the data was there for 3.7, for some reason it was obfuscated from 3.6.1? Annoying.

Posting To Your WP From Foreign Sites

(This assumes a WordPress.org site not one on Wordress.com hosting.)

Placing your username and password in the database of third party sites is not very good. If the account provided is the WordPress administrator account, then that means credentials for the most important account are potentially exposed. The password is going to be kept in the clear or in a form decryption is easy so it can be used to post to WordPress.

Better instead is to create a limited user with the Author role for this purpose. These accounts are so easy to create that I make one for every site I use to post to this blog. If any of these sites are hacked or the credentials otherwise given to others, then the potential damage is just the posts belonging to that user.

One stumbling block for this is WordPress.org installs want a unique email address for each account. A workaround I use is either generating email accounts via my hosting provider or the +anything for Gmail.

Also, it makes easy identifying the posts which came from the foreign source. My Goodreads posts are an example where that site is setup to post for an account I specially created for that purpose.

Disqus

I am trying out the Disqus comment system for this blog through the WordPress plug-in. I’ve had an account through them for years for my Tumblr. Not sure why I did not bite this bullet years ago. More and more sites I visit use it. It lets commenters authenticate through Disqus, Facebook, Twitter, or Google. The WordPress native comments are spam ridden even with Akismet. Plus the Disqus WordPress plugin is much more user and administrator friendly than Facebook Comments for WordPress.

Twexports

Data portability is good both for users and systems. But I like being able to export my data for another reason: search. Some times I want to build on an old conversation. It would be easier with an eidetic memory. Lacking that, knowing the terms I would have used, searching for it should yield that conversation. Except social media sites tend to suck at search. Twitter only goes so far back. Facebook searches contacts, pages, etc but not content like status updates. Even this WordPress site is far better at a term entered matching the same term that exists in the system.

Twitter intends to let us download a file with our tweets. I am excited because I can search it.

“We’re working on a tool to let users export all of their tweets,” Mr. Costolo said in a meeting with reporters and editors at The New York Times on Monday. “You’ll be able to download a file of them.”

Probably it will disappoint. The main disappointment will be that replies from others will not be present. So I will see where I address something to someone else, but not what they said to prompt the response or other’s followup. It will be like listening to someone have a conversation on a mobile phone where you get only half the conversation. At least, when I went to look at my earliest entries in Facebook’s archive file when it operated like Twitter, that was the disappointment I had.

P.S. What a bad title, right?
🙂

Information Diet

Do we consume too much information? I might. Lately I have thought about reducing the amount of following I do. Typically I hit this point when I realize it takes me all weekend to catch up. To be fair I reach this point by getting all caught up over a long weekend and seeking out new stuff.

  • 40% the blog or news feeds (over 100),
  • 40% Facebook friends (remove over 250),
  • 40% Tumblr following, (remove 45),
  • 40% Twitter following (remove 100),

Then there are the potential stoppages:

  • Stop following tags on WordPress.com, Tumblr, Blogspot, Flickr.
  • Stop using some social media sites entirely like Google+ or Diaspora.

Given my social preferences, I have lots of time to spend online.