I’ve had to mitigate the effects of the recently discovered Heartbleed bug on two Ubuntu servers. It’s actually very easy to fix. Unfortunately most articles out there have a lot of technical fluff and drone on about version numbers and such. So here’s the short version of how to fix Heartbleed on Ubuntu (this should work for most other server OSes too).
Updated on 4/10/2014
The SSL industry is a big scam. All certificates are equally secure and what you’re really paying for is the name backing them. That’s why I always buy the cheapest certs I can get through Namecheap whenever I buy a domain (I keep forgetting that StartSSL offers them for free). So I end up with a Comodo Positive SSL certificate. Okay cool. They send you a bunch of files and I always forget how to install them on Apache. So for my and everyone’s future reference, here’s how.
I’m in the middle of building out two APIs right now. Responding to requests with proper headers is always important but it becomes a critical piece of functionality when your application is responding in a text-only or serialized format like XML or JSON. Maybe you can get away with sending a 200 Ok or 403 Forbidden status instead of a 401 Unauthorized when your response body is an HTML page explaining the error but when you’re dealing with API clients that’ll get them pissed off at you pretty quick. Response codes aren’t just for errors either. It’s important to use the best code for the type of reponse you want to send. I personally like to break down responses into three categories: success codes, redirects, and errors. I’m always having to look up HTTP response/status codes so I’m just going to store a list of them here. Some of the more common and useful ones will have nice full explanations. Enjoy.
I recently moved. Moving is expensive. In an effort to save money I’ve been going through my different web hosting accounts, seeing if I can’t pare them down and get rid of any domain names I’m just not using anymore. Web hosting is cheap these days but if you’re hosting through more than one provider it can add up quickly. As I go through these accounts I’m thinking more and more of why I need each of them. At first I chose web hosts based on price and to see which would serve my needs best but as time went on I realized that the three main hosts I’ve settled on all serve a different purpose and may be necessary to a balanced web hosting life.
Today I’m sharing my three favorite hosts and what I’ve found each is best suited for.
Last year I wrote a review comparing Linode and Digital Ocean. At the time Digital Ocean was a very new player on the scene and because their pricing was so cheap I had decided to use them to host some of my side projects. At the time I had very strong opinions about Linode and Digital Ocean that I didn’t forsee changing. One year later a lot of what I originally wrote still stands but some of my stronger opinions have changed. So today I’m going to re-review and compare Linode and Digital Ocean and hopefully help others make an informed decision on which host is best for them.
Wordpress is so cool. Easy to set up, easy to use, easy to teach. Everybody uses it so there’s a solution for everything. Or, if there’s no solution, there’s always a hack for that. We work with quite a few Wordpress installations at my job and one of my duties is to maintain them all. One of the things about Wordpress is that as your Wordpress powered site evolves it somehow manages to grow limbs, get a little chubby, and behave in unexpected ways. Last Friday I got an email about fixing the layout of a list on one of our pages that had been behaving just as we wanted it to for almost two years now. The frustration that ensued is why Wordpress is as much of a pain as it is a painkiller. This is the story of how developing for Wordpress requires a Wordpress mindset, not a PHP mindset.
If you work in the terminal a lot like most developers then you’ll be familiar with the concept of symlinks. Unfortunately, for some reason, it’s really easy to forget exactly how they work and what the order of arguments should be. Today I created a Git repository for a new Wordpress theme I’m coding in a folder that holds all of the design and code assets for an organization I’m doing some work for. The theme folder itself is outside the Wordpress themes directory itself because I don’t want to be committing the entire Wordpress codebase to my repo when all I want to keep under version control is my theme. Yes, I know I could have just created the repo in the theme folder within Wordpress but there’s a good reason I didn’t which I won’t get into. Anyway, in the process of doing this I needed to create a symlink between the actual codebase for the theme and Wordpress’ themes folder. I totally blanked on how to properly symlink two folders and every article on Google was way too wordy and confusing. So here for my reference and yours, is a simple, straightforward guide to creating symlinks on a Mac (it’s the same for Linux, I’m just using a Mac today).
Flat design is all the rage these days. Gone are the days of candy buttons, gaudy gradients, and elements that give the illusion that they’re jumping off the page at you. Designers and developers love to argue over whether this style is just a passing fad or here to stay. My take is that it’s both. Flat design has always been around and it’s worked well for countless sites. At the same time, there are a lot of newbies on the scene who are taking the most superficial elements of this design style and ruining it for the rest of us. Those are the designers that are making it a passing fad. Web design has its trends but in the end flat design will become less pronounced and find its place among the different styles a designer can utilize. In the meantime however, there’s a frighteningly large number of new, mostly self-taught, designers out there abusing flat design. Good design is not the coat of paint we use to polish off a site. With that said, let’s talk about flat design – the good, the bad, and some things in between.
I guess this is the time of year when people start thinking about New Year’s Resolutions. What a load of crap those are, right? Even so, a lot of people, including myself, who hate the idea of a New Year’s Resolution end of thinking about what they’ve accomplished in the past year and what they’d like to accomplish going forward because of how many people are talking about it. Setting goals isn’t a bad thing at all. The problem is when perfectly good goals turn into “New Year’s Resolutions”. The problem with these resolutions is that they’re easy to let slip, feel bad about, and then, finally, you find yourself next December 31st remembering how you failed last year and saying “but this year is different”. I solved this problem for myself last year and have a plan for keeping my streak going.
I’m going to take another break from writing technical articles and focus on something else I know very well. I was being interviewed last Friday about my work with The Heroin Epidemic Relief Organization (HERO) and the last question I was asked was “what do you want people to take away from this story”. That’s such a tough question to answer. Besides being far too vague and open-ended I really didn’t know what the reporter’s purpose in writing the story was either. I get that question a lot though and it always stumps me. Sure, the easy way to handle it would be with some trite, feel-good message like “don’t give up” or “anyone can do it” but I have to admit I really don’t believe either of those things, sadly. What I could speak to was the subject of identity. I’ve seen far too many addicts and their families during the course of my work that, besides the issue of the addict in their lives, all had the same problem – addicts and their families struggle with their identities when the addict decides they want something better for themselves. Families have a hard time knowing how to behave and the addict is sometimes set up for failure even when, technically, they’re doing everything right.