Nov
11
2008
0

Safer Software Practices

Wordpress

Wordpress

I’ve been upgrading to the latest releases of WordPress as soon as each one comes out.  And, its a good thing too.

Over the last week or two a website named “Wordpresz.org” ((I’ve edited the link so that it goes to WordPress.org instead.  I don’t want contribute to these hackers fooling anyone else.)) was discovered.  The people who created this website were using a vulenerability in WordPress version 2.6.2 to redirect users to their website.  Their website purported to release WordPress version 2.6.4[1].  The problem was that they had hacked one file in the installation package to create a bigger security vulerability.

This just goes to show that:

  1. Monitor for Updates. Many programs these days automatically check to see if new versions are available.  If the program does not have this feature[2] , its a good idea to check about once a month or so.
  2. Update Frequently. Not all software updates are equal.  If the program is being updated to fix security vulnerabilities or improve the program’s stability, you definitely want to install the update.  This website’s installation of WordPress was already “inocculated” against this kind of attack because I had alled version 2.6.3 almost as soon as it came out.
  3. Use Official Sources. WordPress is open source software built using PHP and MySQL.  Since the program is open source, its easier to modify the code. ((As Uncle Ben said, “With great power comes great responsibility.”))  The themes and plugins available through WordPress.org are reviewed by other users for malicious code and for possible improvements.  If you’re not certain how to examine source code for malicious code, its best to only use official sources.
  1. The latest version is 2.6.3 which is just version 2.6.2 with a small but important security fix. []
  2. Or if you turn it off, as I sometimes do. []
Oct
24
2008
0

WordPress Update to v2.6.3

Wordpress Upgrade

Wordpress Upgrade

Quick Update

or those of you keeping score at home, I’ve updated to WordPress v2.6.3 last night. [1]  This version was released as a security fix.  Unlike other WordPress upgrades, this one took only a few seconds.

Less Quick Updates

Admittedly, prior updates probably only take about 10 minutes, max.  This 10 minutes includes roughly 9 minutes of backing the website and database up and 1 minute of actually uploading the new version.  Since the 9 minutes of backing up is essentially all processing/downloading time, there’s nothing for me to monitor which makes the whole process very painless.

Upcoming Updates

The kind folks over at WordPress have been hard at work on the version 2.7. [2]  If you scan through the above link, you’ll get to see what the new WordPress 2.7 control panel/dashboard is supposed to look like.

Best Thing About WordPress

(If you just can’t wait, skip down two paragraphs.)  Regular readers have heard me go on and on about the virtues of WordPress. [3]  The interesting thing about new versions of WordPress is that any upgrades would be seamless to a website visitor. [4]

A website that is easy to read is a function of the author

Website content is really all that matters to a website visitor.  Visitors don’t care about what software a website owner is using – just as long as the content is useful. [5]

A website that is easy to write is a function of the program

The single best thing about WordPress is that this program makes maintaining a website a breeze.  I would recommend WordPress to absolutely anyone interested in creating a website.  For the novice, the program makes it easy to write, edit, and delete single pages or the entire website without any knowledge of programming.  For the tech-minded, the program makes it easy to install, upgrade, and personalize a website.

If you know a little PHP, MySQL, and javascript you could do some c-r-a-z-y things with WordPress. [6][7][8]

  1. Talk about unnecessary decimal places. []
  2. I call them “kind” since a lot of these people are working for free. []
  3. You know, you three should really form some kind of support group for people who read unnecessarily nerdy and self-referential blogs. []
  4. I think its interesting, anyhow. []
  5. If they don’t care about what kind of software, they sure as heck don’t care its version 2.6.3. []
  6. You could even put together your own workers compensation calculators and EAMS search engines! []
  7. Am I going overboard with these footnotes? []
  8. The answer is “No, I’m not going overboard.”  In the immortal words of Ferris Bueller, “You can never go too far.” []
Sep
19
2008
1

Virtual Real Estate – Part II – Less Obvious Benefits

Got Spam?

Got Spam?

The last post in this series was about the obvious benefits of owning your own web space and domain name.  However, there are a lot of other benefits which might be less obvious.  Frankly, I didn’t realize these benefits until well after I had set up my own website.

Virtual Real Estate – Part II – Less Obvious Benefits

  1. Outsmart spam. When I need to sign up for a new online service or website, I just create a new e-mail address – and point it to my real e-mail address.  For example, If I want to sign up for PDRater.com, I register with the address, “pdrater@my-very-own-domain.com.”  If I start getting spam sent to that address – I delete the e-mail account!
  2. Organization. Just as with spam avoidance, I can create e-mail accounts for differnet purposes and have them all routed to the same place.  Later on, I can search for information I sent myself (or had others send me) by searching for “todo@my_very_own_domain.com.”
  3. Portability. If you may need files while you’re out and about, just upload them to your website and have the file available anywhere.
  4. Redundancy. There are a lot of companies that charge for online backups.  Why not just do it yourself?
  5. Resiliency. I made a point of purchasing the domain names through a different company than the one hosting my web space.  If one of those companies were to suddenly go off-line, I would be able to put up a new site in roughly an hour.  If the web host is down, just upload a new copy of your website to a new host and connect it to your original domain name.  If the domain name host is down, just buy a new domain name and point the web host to the new name.

Next in this series: I haven’t thought of a next segment yet!

Sep
18
2008
1

Virtual Real Estate – Part I – Obvious Benefits

Virtual Realty (get it?)

Virtual Realty (get it?)

I purchased my first domain name and web space in August of 2007.  Since that time I’ve probably purchased about a dozen more domain names.  There are some fairly obvious benefits to owning your own domain name and web space.[1]

Virtual Real Estate – Part I – Obvious Benefits

  1. Your own website! Admittedly, there are a lot of ways to get a website for free, but there are always tradeoffs (pop-up ads, no creative control, ads inside your pages).
  2. Accountability. When you own your own webspace, your web host is responsible for taking care of problems when things go wrong.
  3. More features. When you’re paying for your own webspace, you can set up your own MySQL databases, install programs like WordPress, set up an FTP account, etc.
  4. Custom e-mail addresses. Always wanted “I-Hate-Clowns@SuperCoolAwesome.com”?  Good news!
  5. Hopeless customizerI’ve already confessed my need to customize just about everything.  Being able to tinker with every little setting on a web server is a customizer’s dream.

Next in this series: Part II – Less Obvious Benefits

  1. Its more like leasing, but whatever. []
Aug
25
2008
1

Inside the Calculators – Part IV – MySQL

I recently gave a brief overview of my permanent disability and workers’ compensation benefit calculators. In that post I wrote a little bit about how my online benefits calculators work. Since then I’ve posted about my use of javascript, PHP, and AJAX in creating these permanent disability and permanent impairment calculators.

As I mentioned in the prior post in this series, my first few versions of this website and its workers’ compensation calculators did not use MySQL.  The initial versions of this site only saved information – which meant I only had to use PHP to open a file on the server, add an extra line of information, and then close the file.  This had several problems:

  1. Once my website became more popular, it was not uncommon to have more than one user online.  That meant the server tried to open the file – but couldn’t since it was already open.  This caused the program to freak out.
  2. In order to view just a little bit of information, I had to download the entire file.  This got crazy pretty quickly.
  3. Each time the file got larger, it would take slightly longer to open, append with more information, and close.

MySQL is an incredible tool for storing, organizing, and retrieving a large amount of data.   Like PHP, it is also open-source.  This means it is:

  • Well supported.  There are lots of online resources and books to help you learn.
  • Secure.  Lots of people spend a lot of time thinking of ways to prevent security vulnerabilities.
  • Customizable.  You can configure or even rewrite it, if you wish.
  • Interoperability.  You can save it to just about any format – including MS Excel spreadsheets.
  • Free.  Unlike Oracle or any of the MS alternatives, it is totally free.

So, why did I avoid MySQL?  I didn’t want to have to learn a whole new programming language.  I had to learn how to set up a database, tables within the database, how to search for information in a table, how to put information into a table, and how to change information which was already in a table.  There was a lot of trial and error.  I ended up doing some pretty cool things in the process of learning this language.  Some examples:

  • Teaching others some of the basics of MySQL
  • Writing a program for cataloging books
  • Writing several programs which performed various calculations to track invoices, billings, etc
  • Setting up several blogs/websites

The end result of learning this language is a more interactive website.  One of the last incarnations of this site was a version that would show different color schemes, advertisers, and messages depending upon the user.  All of this was made possible by large amounts of data stored in MySQL.

Thus ends my technical overview of my workers’ compensation permanent disability calculators!  If you have any questions, please feel free to email me or leave a comment below!

Use of this site constitutes agreement to its Terms of Use, Privacy Policy and Legal Disclaimer.
Copyright 2007 - 2017 - PDRater – PD calculators and Jay Shergill
Powered by WordPress | Aeros Theme | TheBuckmaker.com WordPress Themes