In late January 2020, Jeff Starr of Perishable Press transitioned the 7G Firewall from beta to production, but I just caught wind of it today.
Rambling thoughts about WordPress
If you give a mouse a cookie, he’s going to ask for a copy of your privacy policy
All my websites should have a Privacy Policy. Even though its a GDPR requirement, and it would please me to replace my privacy policies with a simple statement: “Privacy Policy deleted to annoy evil European despots.”
Read more If you give a mouse a cookie, he’s going to ask for a copy of your privacy policy
Switching Themes – Wonkiness Expected
My site may look a bit wonky for awhile – I’m not sure how wonky or for long. I gotta switch themes.
Cloudflare and the Incredible Magical Expanding IP Whitelist
Doing some routine firewall tinkering in Cloudflare, I happened to notice that my IP whitelist – which I have never deliberately added anything to – had grown huge. Apparently it had been growing slowly over the years, I just didn’t notice.
Read more Cloudflare and the Incredible Magical Expanding IP Whitelist
The Tor Dilemma
HSTS
Along with DNSSEC, HTTP Strict Transport Security (HSTS) is an important but under-implemented web security protocol. Unlike DNSSEC though, HSTS seems to finally be on its way, slowly but steadily, toward widespread implementation. HSTS is currently used by about 12.5% of all websites, and is supported by newer versions of major web browsers. Read more HSTS
DNSSEC – why is it so rarely used?
One of the many great reasons to use Cloudflare is its easy-breezy, user-friendly support for DNSSEC, even on the free tier. Read more DNSSEC – why is it so rarely used?
Good bots
Cloudflare offers a field called cf.client.bot that I can use to avoid having my firewall rules inadvertently block search engines and other good bots. But what does Cloudflare consider a “good bot”, and does their definition match mine? Kinda hard to say. Cloudflare does not make an up-to-date list of good bots available to the public. But, I can set a firewall rule to Allow cf.client.bot, then monitor the firewall event log over time to see which bots are being allowed. I’m unlikely to catch all the good bots, but I will get a pretty good idea. Read more Good bots
Helpful Online Resources
Some of the helpful free online resources I use … these are not specific to WP …
Lazy Loading Images
Doing some routine research, I came across an article titled WordPress 5.4 Will Add Lazy-Loading to All Images. It got me thinking – I had never bothered with lazy loading. Maybe I should. I wonder how much it improves load time. Read more Lazy Loading Images
WP as FrontPage
Way back in the prior millennium I got my start developing websites using FrontPage. FrontPage was much maligned by web elitists, but it worked great for me. Its intuitive WYSIWYG editor is still my favorite of all that I’ve used. I clung to my flat HTML site for years after FrontPage was discontinued, struggling to update it using whatever free tool Microsoft offered at the time. Finally in 2015 this approach – using crappy tools to maintain an antiquated site – became so obviously untenable that I was forced to find another solution. I found WordPress, fell in love with it, and never looked back.
Cloudflare slopes get slippery
For many years since it’s founding in 2009, Cloudflare stood firm as a bastion of Internet freedom, refusing to police the content of the sites that use its services.
Three Simple Rules
It just keeps happening. WordPress sites keep getting hacked. It seems like every week there is another news story about a massive brute force password attack or a vulnerability in a popular plugin. But I don’t need to fret if I just follow three simple rules …
Battling the Bots
What bots should I welcome onto my site, and which should I block? Ideally, I’d like to allow only good bots, and block all others. This turns out to be impractical to achieve, but I’ll do the best I can.
Read more Battling the BotsFree Professional Themes and Plugins
A hacker outfit calling itself WP-VCD has become a prevalent source of malware infections by exploiting a basic human weakness – our love of free stuff.
