Fix to Try if WordPress Won’t Allow Comments

Posted on February 22, 2019 by curiouscat

One of the my blogs stopped allowing comments. If you experience this is might be due to an issue with https. The blog in question was serving https pages and everything had been working previously. I am not sure when the issue first appeared, but I noticed it after updating to WordPress v 5.1.

When I looked at the page source I could see the comment form was trying to submit to http (even though it was being submitted from a https page). I received a message that the page was going to be submitted in an insecure manner and did I want to submit anyway. I said yes and a new page was loaded (though it was blank). But no comment was submitted to the wordpress database.

Using another browser it gave a 405 error.

This page isn’t working
If the problem continues, contact the site owner.

HTTP ERROR 405

I couldn’t figure out why it was submitting to http. I remembered there is a general settings page (/wp-admin/options-general.php) and I went there and noticed the

WordPress Address (URL)
and
Site Address (URL)

fields were set to http. I updated them to https and then everything worked fine.

Copy Text From a File in Terminal

Posted on May 20, 2018 by curiouscat

If you just want to quickly copy the text of a file to the clipboard while in terminal you can just use:

cat [filename]

That will display the full text of the file to the terminal and you can just highlight the text and copy.

One case where this can be useful is as a quick and simple way to copy text to the clipboard of your laptop when you ssh into a remote server. If contents of the file are larger than a screen it can be difficult to scroll and copy the text you want to copy without using the cat command.

As a reminder: The intention for this site is quick and easy sample code and syntax reminders. I frequently forget the basic syntax of some thing I don’t use frequently and at times find it hard to find the simple basic information I want.

Fixing a Problem with WordPress Trackbacks and Pingbacks

Posted on April 29, 2018 by curiouscat

Trackbacks and pingbacks stopped working on several of my blogs. It turned out to be quite time consuming figuring out what was causing the problem. Eventually the following worked:

Installing php-xml

sudo apt-get install php-xml

And commenting out a check for empty $context variable (this doesn’t really make sense as the variable isn’t empty at this point but until it was commented out it just silently didn’t work) in the file wp-includes/class-wp-xmlrpc-server.php.

// if ( empty($context) ) // Link to target not found // return $this->pingback_error( 17, __( 'The source URL does not contain a link to the target URL, and so cannot be used as a source.' ) );

Anyway if the initial steps you take to deal when trackbacks and pingbacks on your blog stop working you might want to try these steps that worked for me.

Web Site Performance Monitoring Tools: Load Testing

Posted on July 14, 2017 by curiouscat

Determining the performance of web site and web applications is important. In order to create sites users want to visit they need compelling content but they also need to provide the performance users expect.

One of the wonderful aspects of creating web applications is the availability of software as a service solutions to meet your needs. These include monitoring tools and tools for testing the performance of your sites.

Image of LoadView testing - $9.99/mo + load test costs of each test

In this post I look at load testing using LoadView Stress Testing service. Tests are not cheap. The cost is $9.99 a month for an account plus the costs of each stress test you run. The next image shows the breakdown of a small stress test on this blog which cost $8.25 to

image of a small load test cost breakdown ($8.25 total)

Continue reading →

Don’t Assume All Web Users Have a Fiber-like Connection

Posted on February 8, 2017 by curiouscat

I have pointed out for more than a decade how poorly many web pages are coded. They often assume a very low latency connection and without it the user experience is poor.

Most of the web really sucks if you have a slow connection

The flaw in the “page weight doesn’t matter because average speed is fast” is that if you average the connection of someone in my apartment building (which is wired for 1Gb internet) and someone on 56k dialup, you get an average speed of 500 Mb/s. That doesn’t mean the person on dialup is actually going to be able to load a 5MB website.

This is so true. While living in Asia I had a perfectly good connection to watch high resolution video but just the latency would cause many websites to be unusable (or so frustrating you wouldn’t want to use it). The huge number of files that must be downloaded as well as the large size of that content is something that most sites don’t care about. I can only assume they just test the pages on their fiber connection and if it works they are ok. This is a very bad idea for nearly every website.

When I was at Google, someone told me a story about a time that “they” completed a big optimization push only to find that measured page load times increased. When they dug into the data, they found that the reason load times had increased was that they got a lot more traffic from Africa after doing the optimizations. The team’s product went from being unusable for people with slow connections to usable, which caused so many users with slow connections to start using the product that load times actually increased.

This illustrates some additional interesting tidbits: learning from data requires thought, potential customers are avoiding you for reasons you are likely unaware of. Learn to get a deep understanding of your customers and potential customers focus on the customer’s “Jobs to be Done.” Also learn to be thoughtful about the use of data: Understanding Data, Simpson’s Paradox, Managing to Test Result Instead of Customer Value, All Data is Wrong, Some is Useful, Data is only a Proxy – it isn’t reality.

The quoted post is good. But it doesn’t display a date 🙁 This is a very bad oversight for such an article (where the date of the article can greatly impact what you take from of it). By looking on the RSS feed I was able to see it was published in 2017.

Good Rails Security Checklist

Posted on January 5, 2017 by curiouscat

If you use Rails check out this useful Rails Security Checklist by Eliot Sykes.

Some Quick cli Syntax for Postgres

Posted on May 24, 2016 by curiouscat

How to Dump SQL result to a text file using cli

> psql -U postgres -d [database_name] -c ‘SELECT * FROM users’

How to exit postgres command-line utility psql
Type \q and then press ENTER to quit psql

Reset Root Password on MySQL Database
Notice that in PostgreSQL superuser is called postres (not root). If you forgot superuser password, you can reset it this way:

edit file pg_hba.conf

> sudo vim /etc/postgresql/9.3/main/pg_hba.conf

and find there a line similar to:

# TYPE  DATABASE        USER            ADDRESS                 METHOD
local   all             postgres                                md5

md5 here means that postgres asks for password. If there is this line then replace
md5 with peer, if there is no this line then add it

local   all             postgres                                peer

save the file, exit and reload postgresql service to pick up the updated configuration:

> sudo service postgresql reload

Then you should be able to get access to psql without providing a password this way:

> sudo -u postgres psql

In psql you can change user password using this command:

ALTER USER postgres PASSWORD 'new password';

PostgreSQL performance and monitoring

switch current database

\connect database_name or \c database_name

you can user autocomplete by pressing [tab]

list tables in current database

\dt

create a new database and import tables, data from a dump
in psql

CREATE DATABASE some_database

create a dump (in terminal)

> pg_dump dbname > outfile

You may notice that no password is used. That is because with Postgres you can setup a password file that is used to verify your access as such:

> vim ~/.pgpass

Then (format is hostname:port:database:username:password):

localhost:5432:mydbname:postgres:mypass
[ctrl-x] then confirm with y, then hit [enter]

save and exit

> chmod 600 ~/.pgpass

restore a dump (in terminal)

> psql dbname < infile

more details on dump-restore

create a user (it sql)

CREATE USER tester WITH PASSWORD 'test_password';
GRANT ALL PRIVILEGES ON DATABASE "test_database" to tester;

notice difference in quotation marks – in first case it must be single quotation mark ‘ and in the second case – double quotation mark “, otherwise PostgreSQL raises a syntax error

restart PostgreSQL

> sudo service postgresql restart

other regular service actions available too – [force-reload, reload, start, status, stop]

Also for Nginx (unrelated to this post really), Restart Nginx

sudo service nginx restart
other regular service actions available too – [force-reload, reload, start, status, stop]
reload only reloads configuration files, without stopping a service (which restart does)

The Edge-case Excuse

Posted on March 27, 2016 by curiouscat

I find the excuse that the bug is just for your small “edge case” as an explanation for why it won’t be fixed annoying.

I have found “edge cases” to actually mean we don’t want to fix it. Often the issue isn’t needing some special code to deal with an “edge case” it is the coding was done poorly and breaks in many different “edge cases.” It isn’t that those edge cases need to be coded for. It is that the code should have been written in a robust way that didn’t break for lots of “edge cases” but the excuse given for not fixing the fundamental coding fragility is the bugs found are just “edge cases.”

There are real instances where “edge cases” is a justifiable excuse. For example, adding in special code to deal with some odd category of users that just isn’t worth the cost.

But I just am so tired of fragile coding being excused as if breaking in lots of “edge cases” is perfectly acceptable when the only reason it fails is because the code is fragile instead of being built in a robust way to begin with. The issue isn’t that you have some special edge case that you want special coding for the issue is the code was written in an unnecessarily fragile way that makes it not work unless you follow a list of acceptable use cases.

Code should avoid adding in requirements that are not necessary. The edge case excuse I see used far more due to requirements that the code added which never should have existed instead of actually being an edge case that would require special code. For example, most web pages don’t require javascript (or IE, or flash, or downloading 5 mb of code to view simple text…) to do what should be done (display text, display images…) but some sites code their page to break if javascript… isn’t used by the user. Seeing this as an “edge case” issue missing the point of creating code that has superfluous requirements for the user that create “edge case” failures where they shouldn’t exist but for poor coding practices. In some cases jasvascript is required to do fancy things that are useful, in which case gracefully degrading and potentially not working fully is acceptable.

Locking and Unlocking a User in Ubuntu

Posted on February 19, 2016 by curiouscat

To lock a user in Ubuntu sudo usermod –expiredate 1 [username] Substitute the user’s username where username is shown below.

[code]sudo usermod –expiredate 1 username[/code]

This also can be shortened to

[code]sudo usermod -e 1 username[/code]

To unlock a user

[code]sudo usermod -e -1 username[/code]

This will disable the user both from accessing via password and from accessing via a private key.

You can also expire a user at a future date using

[code]sudo usermod -e YYYY-MM-DD username[/code]

To expire a password and force a user to enter a new password

[code]sudo passwd -e YYYY-MM-DD username[/code]

How to Manually Run Cron Tasks

Posted on September 27, 2015 by curiouscat

To manually run cron tasks you can use the run-parts command in Linux.

So to run your cron-weekly, for example, to test that a fix you just made runs without error (this is what I just did, in fact)

run-parts /etc/cron-weekly

run-parts will run all the executables in a directory (you must point at the directory). So if you have several files in cron-weekly to run, you can’t just point to one of the files.

You may run into environmental differences running the script as a different user than the cron test runs at, so you can run as that user if needed. You need to be aware this is a quick and simple way of testing part of the process but it doesn’t do a perfect job of testing if it works as a cron task. But it will let you catch some failures quickly and fix them in time for the actual cron task to run. So do check that the everything works after the real cron job runs.

This is just the kind of thing I said I would put in this blog. Simple stuff but things I forget – so I put it here to remember and maybe help out others, like me, that need really basic tips.

If you have a cron task item (or have setup the whole task this way) that is just a script and you just want to test that 1 item you may run the script directly. For example (for a Linux shell script):

sh /etc/cron.weekly/your_crontask_script.sh