Author Archives: mrjones

Importing and Trouble Shooting WordPress Imports

4 minutes, 3 seconds

I’ve recently achieved the life long dream of having one single WordPress instance for all my blogs and blogs I host. No more days of upgrading 15 different instances, but the forgetting that one rarely used instance and having that one instance get hacked. No more uploading the best new plugin to every which directory on the server. One install to rule them all!

However, as part of this, it meant exporting and importing a lot of content. I got pretty good at this as well as figuring out a lot of tricks along the way. Here’s some of my knowledge I gleaned that might help you if you’re faced with the same task!

Backups – Before starting down the path of any major code or data transfer, you should be sure you have backups of all your data. But, this isn’t a big deal for you, right? Right! That’s because you already back up all your blogs both on site and off. If you need help, check out WordPress Backups in the codex. Don’t forget, your backups are only as good as your restores. Be sure you test your backups to make sure they’re good!

Easy testing – Let’s say you have your WordPress network install for your fancy pants website at: http://wp.fancypants.com.  This means that, by default, to create a new site called “eatatjoes” you’ll need to:

  • Create the new “Eat At Joes” WordPress instance in the network admin site
  • Add a new ServerAlias in your apache vhost:
    ServerAlias eatatjoes.wp.fancypants.com
  • Add a new DNS entry:
    eatatjoes.wp.fancypants.com. 60 IN CNAME wp.fancypants.com.
  • And finally, don’t forget to restart apache:
    apachectl graceful

That’s a whole lot of work just for an instance that you’ll likely move to eatatjoes.com and do all the steps above again.  Instead, what I did was:

  • Create a wildcard DNS entry for *.wp.fancypants.com.  For me this was easy to do in Namecheap, my registrar and DNS host.
  • Create a wildcard server alias in your apache vhost:
    ServerAlias *.wp.fancypants.com
  • And finally, again, don’t forget to restart apache:
    apachectl graceful

Now, any time you create a instance, say irockaroundtheclock, in the network admin <BAM!> it will just work at irockaroundtheclock.wp.fancypants.com.  No editing of apache files, no updating DNS and no forgetting to bounce apache.  When testing instances and needing to delete failed import attempts to start from scratch with a different sub-domain, this made things very easy. This does assume you’re using name based hosting.

Good Prep – I’ve found that this is the checklist for successfully importing of a blog:

  • Using your new easy-to-test-a-new-instance set up from above, be sure you know how to create a new instance in the network admin interface.  You don’t want to cut your teeth learning how to create a site for the first time and then realize you’ve lost hours of work because you made a first timers mistake. Create and delete ’til you get it right!
  • Inventory all your plugins and themes on your old sites and add them to you new network site. Watch out for incompatible plugins from old sites which might throw a wrench in the works.
  • The first plugin you install in each new instance will need to be WP’s own Importer. While we’re on the topic, read up on the codex entry.
  • Create all your users before hand.  This way when you’re creating a new site or importing it’s easy to assign the existing user to be the owner. I choose to uncheck the “Send this password to new user via email” and disseminate passwords via one time secret instead.
  • You may also opt to communicate to your users that you’ll be doing some testing.  If you fat finger an import, it can email each of the authors that you just created an account for in the new instance.  See prior step as well!

Loss-less Data Imports – Having written a WordPress plugin or two, I know that plugins store their data in either the posts database table, along with your existing posts, or their own table created when the plugin was installed. If your importing data for a plugin that follows the “use the posts table” model, then you need to activate and configure this plugin before you import.  If you don’t, you’ll either lose the data for the plugin or it might be missing pieces or be corrupted. The bummer is if your plugin has its own tables outside of the posts table, it will then need to have its own export/import features.

Import Problems – If you’re having problems running the importer because it won’t finish because of errors, try turning on the debug output.  In the WordPress Importer plugin directory (WPHOME/wp-content/plugins/wordpress-importer) find the wordpress-importer.php file.  Edit this line:

/** Display verbose errors */
define( 'IMPORT_DEBUG', false);

To be true:

/** Display verbose errors */
define( 'IMPORT_DEBUG', true);

In my case the plugin complained that images imported didn’t match the size of the original:

Remote file is incorrect size

Imports failed :( When I ran strings on the imported image I saw this at the very end:

<!-- WP Super Cache is installed but broken. The constant WPCACHEHOME must be set in the file wp-config.php and point at the WP Super Cache plugin directory. -->

Going to the original, old site and disabling the Super Cache plugin fixed my import problems.  Yippee!

Shady Notices

0 minutes, 24 seconds

I got this slipped in my door the other day:

001

It’s lame. It uses fancy pants legal lingo to attempt to convince you that you’re in deep poop if you don’t send them money right away. I get postcards for car insurance too, but I forgot to save them. Next one I get I’ll update this post.

Doing a spot of research shows the problem is rampant. Doubly lame.

Source: markturner.net

Source: markturner.net

Clouds (photos)

0 minutes, 0 seconds

Trick to easily reload that Chrome App you’re developing

0 minutes, 30 seconds

I’m working on a chrome app. Maybe you are too! Maybe you want to do the old view-the-app-command-tab-back-to-editor-make-quick-tweak-save-command-tab-back-to-the-app-and-want-to-quickly-reload thang? Maybe you can’t reload your app quickly, like a good ol’ web page with “command + R” (or “ctrl + R” on windows)? Maybe you even saw that there’s a bug on file to fix this?

May I introduce the triple escape hack! If you add this snippet at the top of your app, all you need to do is hit the “esc” key 3 times and your app will reload:

var escCounter = 0;
$(document).keyup(function(e) {
    if (e.keyCode == 27) { 
	  escCounter++
	  if (escCounter > 2){
		  chrome.runtime.reload()
	  }
    }   // esc
});

Feel free to salt to taste with other key combos!

HOPE X

3 minutes, 45 seconds

I’m on the plane back home having just attended Hope X in NYC. What fun! I’ve attended other hacker conferences, and I found Hope to be comparable.

As prep for attending, I wondered if it would be OK to carry on my lock pick set (side note: I think there’s an overlap of hackers and gun fans). Since I’m not on social media, my friend posted to her network about carrying on picks. She’s friends with a lot of hacker-lock-pick types and we got back some great responses. Here’s a bunch of anecdotal, if not contradicting, advice if you’re considering doing the same:

other countries are much saner than TSA.

Spouse’s are going in the checked bag, but mostly because there are other more pointy things in the same kit this trip. Other times they have gone carry-on. Domestically, it’s “probably” ok if you aren’t already one of TSA’s special customers. I’m sure PreCheck doesn’t hurt, either.

TSA has their own special set of bullshit to deal with. Avoid when possible.

all I can say is that wearing them as jewelry works out fine. I don’t know that I’d want to carry them.

Lockpicks can be carried on if your not a jerk. I have flown with mine and up to 50 sets(pics did happen).

I carried mine through LAS last year. TSA found them-Nevada police told then to shut up

I have been carrying an extended serepick set in my wallet for years with zero issues.

I’ve never had any issues packing mine in carry-on bags. I think I’ve traveled to/from 3-4 DefCons, + trips to SFO/PDX/LAX YMMV

added a 8″ shovit tool to carryon and had no problem through 6 or so countries so far.

As to my own experience? I had zero problems flying from LAS -> JFK and from JFK -> LAS. Though, I will say I was *SUPER* bummed I didn’t have my backpack with picks on me when I saw world lock pick champion Jos Weyers at the lockpick village. I coulda bugged him about how to pick tubulars. Next time!

The conference itself was awesome. It had the mix of talks that were spectacular and ones that were so so. The complete list is below, but here’s some highlights:

  • With out a doubt the ultimate highlight of the show was being in the room with Daniel Ellsberg to hear his keynote which was followed by a Q&A with Edward Snowden via a video chat to Russia. I was that emotional, geeky guy in the audience who kinda freaked out at how amazing it was to be in the audience listening to this event. Snowden’s parents were there in person too!
  • Nadim Kobeissi’s talk Usable Crypto: New Progress in Web Cryptography covered a neat idea about doing client side encryption in JS. Coupled with an easy way to share your public key in less than 64 bits (think 64 letters like A-Z and 0-9) and helpfully simplified (but obfuscated!) private key storage, his miniLock project looks promising.
  • Deviant Ollam and Howard Payne’s talk Elevator Hacking: From the Pit to the Penthouse was hugely entertaining and edifying. They REALLY know their stuff and are great story tellers. Note: Elevators may be your weakest point when it comes to physical security!
  • Brian Knappenberger spoke and then there was a showing of his film, “The Internet’s Own Boy: The Story of Aaron Swartz”. Aaron’s brother and Brian had a round of Q&A afterwards. It was a horribly depressing film but wonderful to watch it with the geekiest of audiences.
  • Christopher Soghoian’s talk Blinding The Surveillance State was awesome. I’ve been following him for years since way back and always make a point of seeing him when ever he speaks. He gave an update on how better policy can be changed by embracing Washington’s use of the term and concept of “Cyber” and not saying, “NSA is Evil! We need encryption”. Instead we should be coming up with solutions to security scenarios that further protect our citizens from criminals and terrorists (and SHHHHH! also from the NSA!).
  • Phillip Hallam-Baker is a smart, smart man as witness by his talk PRISM-Proof Email: Why Email Is Insecure and How We Are Fixing It. He helped Tim Berners-Lee with a little project back when, and he’s looking to do something similarly impressive with encrypted email.

Talks Attended

Solve the Hard Problem

Steepest Dissent: Small Scale Digital Fabrication

Lockpicking, a Primer

Per Speculum In Ænigmate

SecureDrop: A WikiLeaks in Every Newsroom

Keynote Address – Daniel Ellsberg

A Conversation with Edward Snowden

Usable Crypto: New Progress in Web Cryptography

Social Engineering

Movie: “The Internet’s Own Boy: The Story of Aaron Swartz”

Ethical Questions and Best Practices for Service Providers in the Post-Snowden Era

PRISM-Proof Email: Why Email Is Insecure and How We Are Fixing It

Elevator Hacking: From the Pit to the Penthouse

North Korea – Using Social Engineering and Concealed Electronic Devices to Gather Information in the World’s Most Restrictive Nation

Blinding The Surveillance State

Addendum to “Ashley’s Law”, problematic iMac VESA mounts and new desks

2 minutes, 29 seconds

I’ve been thinking recently about items you use a lot in life. For example, the internet thinks we sleep for 20+ years in our lifetimes[1][2]. As well, the internet suggest a person with a desk job will spend 80k hours sitting [3]. What does this mean? It means that you shouldn’t skimp on your mattress and your chair! In fact, you should buy the best mattress you can afford. Well…no, you should by the best mattress on which you sleep well and should try to not be price conscious. Same for your chair and your desk. So if you recall Ashley’s Law said:

If you don’t have it, you can’t use it.
– Ashley Jones, 2011

So the addendum would be:

If you’re going to use an item for more than a 1/4 of your life, it should be a quality item you didn’t skimp on.
– Ashley Jones, 2013

The list of applicable items should be quantifiable! Despite having recently purchased not one, but two cars, I would say for most folks they don’t spend 1/4 of their lives in their cars. So, unless you’re a trucker, my advise is to not spend a lot of money on your car.

Speaking of this new addendum, I wanted to set up my iMac to be mounted on an articulated arm on my desk so it could be be the perfect ergonomic height when I work on it for hours a day (8+). This would also giv my desk those really clean lines with the monitors floating over the surface. Here’s my advise to those who want to also endeavour to have this setup:

  • The $115 Ergotron MX will indeed support a 2012 30lb, 27″ imac[4]
  • Be sure to get the iMac VESA mount[5] and not the Cinema Display mount which is cheaper[6]
  • Read the instructions for your iMac VESA mount carefully.
  • Especially the warning after step 4:imac.VESA.warning
  • If you don’t follow this step and after you take off your iMac stand you see the VESA mount suck back into the dark depths of Mordor[7] otherwise known as the inside of your iMac, chill out. Go down stairs and grab a cold beer. Crack off that top, take a nice long sip.
  • Back with your beer? Great. Skip the the top search result[7] which you find where they say you’ll have to disassemble your entire iMac and void your warranty to get your VESA mount back out:

    Hopefully you can fish the inner bracket back up and out the slot, because if not the iMac may have to be completely disassembled to recover it.

  • Take another sip of beer.
  • Check out the post waaaay down yonder in the search results. That’s right, the one with pipe cleaners[8]. See? You’ve got those supplies in your house to fetch that nasty guy back out. Here’s another variation that I came up with:vesa.retreval.2vesa.retreval.1

    Yes, that’s right, using some needle nose pliers, some picture hanging wire or what ever else you have around the house, you retrieve your precious and get back to setting up your desk.

After heeding my own addendum, following the wire cutter’s advice on standing desks[8] and recreating the “you can’t stump me, I’m the internet” solution to get my VESA mount back, I have a great desk set up that’s really quite nice. I highly recommend treating yourself right with the items you use the most:

newdesk

Thanks to the artists in my life

0 minutes, 26 seconds

I walked into our bedroom the other day and saw this:

991

Upon closer inspection you might notice the wonderful colors and fabrics in that quilt:

994

And then your eye might wander up and pause on that subtle, wonderful piece above the quilt on the wall:

1008

The quilt and print were both gifts to us. I feel blessed that I have the likes of Steven Holloway and my sister Lindsey Jones who made the print and quilt respectively. Thanks to you both!

Top this all off with my lovely and talented wife and I can’t help but see beauty everywhere I look!

Swappa.com is an awesome site to sell or buy Android phones

1 minute, 24 seconds

I recently discovered Swappa. This is great site to sell or buy an Android phone. Why? First off they only sell good condition phones with clear ESNs. You won’t find any “only good for parts” deals here. As well, every phone posted for sale is verified by an actual employee at Swappa, so there’s no scammers. Further, they have lower fees than ebay.

However, I take the the blawg-o-sphere today because of their amazing customer service. The other day my one year old and I were hanging out by our pool. When he thought I wasn’t looking, he jumped in (ok, fell in) the pool, face down. Only thinking of ensuring my son didn’t drown, I jumped in and pulled him out. Only afterwords did I remember my Galaxy SIII in my pocket. After a week of letting it bake in the sun and still no speaker or mic working, I deemed it dead.

I went to Swappa, found my replacement phone, and purchased it. It was easy to find the exact phone I wanted, which even came rooted and with CyanogenMod 10.1. The seller told me it would ship out the next morning.

On a whim I powered up my old, left for dead phone. Oh my gosh! It totally worked! I even stuck my SIM card in there and I could make calls with the speaker and mic working no problem.

I embarrassingly asked the seller and Swappa if I could back out of the sale. Both agreed to help me out. The seller refunded my money, keeping $20 at my request. Swappa even refunded my buyers fee, which I had said they could keep. This all took hours and was tended to by the same Swappa employee who had verified the phone for the initial sale. What service!

I could not give them a higher recommendation and plan on purchasing all my phones from them. You should too!

Sunset and Rainbows

0 minutes, 3 seconds

That rainbow guy may be a Sun Dog, but jury is still out.