I have no major beef with Creative Commons. To the best of my knowledge those that make their works available through CC are good, well-meaning people. I have used a few CC images and I am grateful for them. I do have a Creative Commons quibble though …
‘Correct’ attribution: Copyright vs. Creative Commons by @bryanMMathers is licenced under CC-BY-ND
There is a very special place in hell reserved for those who subject their website visitors to pop-ups. It is below the level of serial killers and just slightly above the level reserved for Hillary Clinton. Pop-ups are so viciously, fundamentally evil it would not surprise me to learn that Hillary herself invented them, perhaps with assistance from Internet-inventor and billionaire climate alarmist Al Gore.
Choosing images to use in my pages and posts can be a minefield. How do I steer clear of unintentional copyright infringement? I could pay for commercial images from a reputable supplier, but that would violate my guiding principal of not paying for web stuff when at all practical. My preference is to always use images that are verifiably public domain. When I can’t find or create an applicable public domain image I resort reluctantly to Creative Commons, though I cringe at the hypocritical requirements and restrictions.
In other posts I give my point of view on the security advantages of using Cloudflare. But what’s to stop a bad guy, gal, or bot from accessing my site directly by IP address? I can try to keep my IP address secret, but a determined hacker will find it without too much trouble. He or she or his/her robot minions could then avoid Cloudflare security by attacking my site directly – unless I take explicit measures by allowing only Cloudflare traffic.
An interest of mine, in addition to WP, is document accessibility. Over the years I’ve learned quite a bit about it, in particular relating to PDF files. My website on the topic is TaggedPDF.com. I know much less about web accessibility, just have never made it a focus of study since from an income perspective (another interest of mine) it seems to be well-covered by others. So, I got to wondering, how are my sites when it comes to WP accessibility?
It’s Sunday, too hot to be outside, and I’m kinda bored. I think just for fun I’ll test-drive a few of the website speed checkers that clutter the web. Speed matters. WP, like any CMS, is handicapped from the start. My browser asks a flat html site for a page, the site says “OK, here you go.” By comparison, WP says “OK, sure. Hang around a bit. I’ll query and pull a bunch of stuff from the database, fetch some images, some CSS and Javascript files, and build that page for you.” So, I do what I can – or at least what I think makes sense – to make my sites speedy.
Since 2011 Cloudflare, even on their free tier, has offered a very promising, very frustrating feature called Rocket Loader. Rocket Loader promises to greatly accelerate the loading of JavaScript, turbocharging JavaScript-heavy sites like those that use WP.
Read more Rocket Loader rocks! (finally)
One thing that consistently amuses me on the usually excellent WP support forum is the experts’ responses to questions about bad bot login attempts …
Bots constantly pound away at WP login pages – usually using ‘admin’ as username and a list of common passwords. These hacks are easy to thwart. Just use a non-obvious username and strong password. Problem solved, right? Well, kinda – with a strong password and a username other than ‘admin’, I won’t be hacked by this vector. But I refuse to accept my site being constantly under attack as somehow ‘normal’.
Should my websites use standard plain text http, or https (i.e. SSL)? I need to consider ease of implementation, search engine optimization (SEO), security, and speed.
Web cache deception hacks are a fairly recent threat, first described by Omer Gil in February 2017. In certain situations a hacker could leverage a misconfiguration between a web server and a proxy cache like Cloudflare to reveal sensitive information that could help the hacker takeover my account. To be honest, this seems like a very unlikely threat. The situations that could cause it seem complex and obscure, and large scale attacks of this sort have not been observed in the wild.
The free WP Health Check plugin is a relatively new arrival, having been introduced a few months ago by “The WordPress.org community”. It has a remarkably polarized set of user reviews – divided almost exclusively between 5s (“Works great!”) and 1s (“Warning! Broke my site!”). The authors strongly urge to backup your site before installing and using this plugin – always a good idea.
The GDPR – the grotesque deprecation of personal responsibility, the ultimate pinnacle of arrogant, tyrannical, despotic big nanny government – is effective as of the date of this post. Do not go gentle into that good night. Rage, rage against the dying of your rights.
Also freedom to bear arms.
Apparently Norman Rockwell never illustrated that one. I bet it would have been cool.
Hotlinking is the practice of directly linking to images on a website and embedding them in another website. It has legitimate uses but is frequently used as a dastardly means of stealing both images and bandwidth.
With all the available choices of web development tools, why WP? The web is already rife with comparisons of WP and its competitors. No need for me to add to the clutter. Just sharing my point of view …
The best approach to installing WP is a surprisingly testy topic. Manual or auto WP install? WP purists espouse the manual method using the Famous 5-Minute Installation. Dunderheads like myself much prefer the automatic install script provided by web hosts.
