The most expensive backup is the one you never did!
This is how I Display Multiple Marker Location in One Google Map. The trick is how to make all marker visible (make the map range/area to fit all marker) using maps “bound“.
In this tutorial I want to explain Step by Step How To Create WordPress Settings/Options Page With Meta Box, like what you see in this screenshot:
WordPress have a decent Settings API and it offer a lot flexibility in design. Several plugins do “wild” things in their Settings Page, However for better user experience it’s best to use seamless design (blended) with other admin UI design.
One of my favorite admin UI element is Meta Box. Not only because meta box have an easy to use Meta Box API (so we can easily create meta boxes), but it also have user preference options where user can reorder (drag-and-drop) the position, toggle open/close meta boxes. and even changing Screen Layout to 1 or 2 column using “Screen Options”.
Benefit in using Meta Box in Settings Page:
- Nice UI : Neatly Group Complex Settings.
- Minimum Design Time : WordPress already have the design.
- Easy to use : because user already familiar with how the panel works.
- Extend-Ability : Other developer can easily extend our plugins and add options with familiar API.
So Let’s Start !
Brute Force Attack is a daily problem for WordPress sites. What’s interesting is that you cannot prevent it from happening. It’s unavoidable. You can only make harder for the attacker to attack your sites.
If we use CMS with login feature to manage our content, we cannot remove/disable the login functionality because we need it to get access to manage the site.
You can use the strongest password, two factor authentication, etc. But it will not stop the attack to your site.
Every single login attempt will cost you server resource. You cannot cache this page to reduce the impact because WordPress need to validate each login attempt.
But, we can try to discourage attacker by blocking IP addresses they use. If you use relatively good hosting, you probably have firewall system installed in your server to log and block attacker. But you can also install security plugin to add another layer of security. Several plugin for WordPress brute force protection:
- Limit Login Attempts : un-maintained plugin, if I’m not mistaken WP Engine auto-activate this plugin for sites hosted there.
- BruteProtect : Use their server to log IP addresses, kinda like Akismet for brute force attack. You need to register to their site to get API key for each of your site. Currently owned by Automattic.
- Login Security Solution : similar with limit login attempt, maintained. And have multi-site support. This is the plugin I’m using.
- And a lot more alternative…
It will reduce their attack, but because they seem to have unlimited number of IP Address, it’s actually (kinda) useless method to try to discourage them.
Quoting from Matt Mullenweg:
Supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great (they could try from a different IP a second for 24 hours).
You can also read other sources to understand the scale of the attack:
- WordFench : Large distributed brute force attack underway at 40,000 attacks per minute.
- Sucuri Blog: Understanding Denial of Service and Brute Force Attacks – WordPress, Joomla, Drupal, vBulletin
Every single day in each sites I got hundreds of failed login attempt. Probably tens of thousands if it’s not protected by firewall and security plugins. It happen in every single site. Not even one site is free from brute force attack.
Several days ago, I ask for advice at Theme Hyrid Forum (private forum replies). I got several response. And from their response I create a custom solution for my sites and my clients sites.
I tested it in 10 different sites for 24 hours, the result is amazing. I got almost zero login attempt.
Even though it’s still premature to say that this solution is working. In this post I would like to share the custom solution I build to solve this problem.
I started my online life just as a hobby. The idea to make money online is interesting to explore. Almost no reason, just ’cause.
I created my first blog on blogger and purchased my first domain from Google Apps. Register to Google Adsense and think that I’ll start making $$$. I was wrong. It’s tough, need a lot of dedication. I need to learn SEO, content research, etc.
Sometimes you need to move/migrate files to another server/hosting, and you/your client only have FTP access to the server. And to download these files and re-upload to another server can take a lot of time using FTP client such as Filezilla. FTP do not have zip – unzip functionality, so you need to upload it one by one. And server to server transfer is a lot faster than downloading and uploading the files.
You can use this simple PHP script to move files from one server to another server.
Programmers are creatures with no social skills.
But John is a programmer, and he is not socially awkward at all.
Yes, but John isn’t a true programmer.
Jetpack Complex is a term used to describe a piece of software, a plugin or a theme in WordPress universe, that attempts to do too much and becomes painful to use for the user. An example of Jetpack Complex would be a plugin to display video that also tries to be your spelling and grammar checker program, sharing tool, and even contact form, resulting too much hard drive usage, server memory, and user time for maintenance by updating the part of the software they don’t actually use. 0
In earlier post about wp_is_mobile() I explain that we can use
wp_is_mobile() WordPress function to design theme by adding
But @samikeijonen mention that similar method was removed from twenty fourteen theme because if we use page cache/html cache the result will also be cached.
So I think the best way to use
“One is not allowed to execute commands on production which one has not written into a procedural document, executed on the staging environment, and recorded the expected output of each command into the procedural document, with a defined fallback plan to terminate the procedure if the results of the command do not match expectations.”
I just upgraded my Asus EEEPC 1025CE with 4GB of RAM using this tutorial: