MichaelOldroyd.co.uk

Responsive Layout for WordPress

WordPress LogoI’ve been working on a few tweaks to improve accessibility on mobile devices. Since obtaining a shiny new Samsung Galaxy Note 2, I’m finding myself using my mobile device more than ever. The redesign earlier last year allowed me to introduce some initial steps toward a responsive layout, but it was and still is an unfinished product.

I have finally got round to implementing sidebar folding at low resolution. I’m the using adjacent sibling selector (+), the :checked pseudo-selector, and HTML <input> hacks (<label>, radio and check-box <input> elements). This technique also works great for folding the main navigation at low resolution using a check-box.

API Callback URLs and HTTP Authentication

When developing web applications that use APIs, it is usually necessary to have the development site accessible for API callback URLs. A good example would be when working with payment gateway systems, which typically post back success or failure of transactions. In this event it is convenient to use HTTP authorisation to prevent outside access (users, crawlers, etc.). The issue with this is that API systems don’t always work with the http://[user]@[password]:[url] method of manually passing through this authentication method.

Disabling Apache Server Signature

I have been trying to disable the server signature for a while, but I found that turning off the ServerSignature directive didn’t work for all servers. The signature might read something like:

Apache/2.2.X (Ubuntu) mod_ssl/2.X.X OpenSSL/0.X.X

If your server exposes this information, it’s easier for an attacker to compromise a system based on flaws in a particular server software version (especially if your server software is allowed to become outdated, or your distribution is slow to release security updates). By default, it will display this on error pages in plain text, and also present it as a Server header on every request.

To disable completely, you should set the following directives in your Apache configuration:

ServerSignature Off
ServerTokens Prod

via Nixtechnica

Filter a category from your WordPress Blog

I’m pretty new to working with the internals of WordPress. It seems very easy to settle for installing hundreds of plug-ins to achieve the simplest of tasks. Plug-ins are awkward for me, as they have the tendancy to not quite do what I want them to. I end up messing with them in some way which breaks updates.

Friday Update #1

My ten visitors may have noticed it was quiet over here for the last week and a half. For the last fortnight, I have been moving home. We began sorting and packing our belongings 3 weeks prior to that, yet we were still moving things out at 10:30 the night before the deadline. Probably because there was so much to clean and fix at the old place. It’s quite amazing how much shit you can stuff into one house. In total it’s taken a full week just to move our stuff and fix the place up. This includes 3 1/2 hours to get a sofa through a door, which was ridiculous. I did feel guilty that Bob – our sole surviving goldfish – was one of the last to move.