Written by: Robert R. Russell on Monday, September 14, 2020.
After doing some research on alternative analytics options, I have removed Jetpack. Matomo can do everything Google Analytics and Jetpack can without any third party data sharing.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Friday, September 11, 2020.
I use SSH keys to protect all of my SSH logins. The following shell code starts
only one ssh-agent and adds all ssh-keys to that agent. I recommend adding it
to your ~/.bashrc file, so the proper environment variables are set up.
if [ `ps -C ssh-agent | wc -l` -ne 2 ]; then
ssh-agent -a $HOME/.ssh/agent.sock > $HOME/.ssh/agent.env
source $HOME/.ssh/agent.env
for key in $HOME/.ssh/*.pub; do
pkey=`basename -s .pub $key`
ssh-add $HOME/.ssh/$pkey
done
fi©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Thursday, September 10, 2020.
For these last two weeks, I have posted eight days out of ten applicable days. I am running out of ideas that don’t involve politics, and training for my new job has impacted my free time. Most of the problem is finding nonpolitical topics.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Tuesday, September 8, 2020.
AMD PSB Vendor Locks EPYC CPUs for Enhanced Security at a Cost.
Shame on both DELL and AMD for this. It doesn’t improve security and makes ewaste an even bigger problems.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Friday, September 4, 2020.
A day or two after I posted my complaint about businesses not training employees, I accepted an offer at a company that does train their employees. Yay. I am not sure how it is going to affect my post rate here though.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Thursday, September 3, 2020.
WordPress and several other pieces of web software written in PHP are notorious for using old and broken algorithms for securing passwords. If you are using a PHP version of 5.5 or newer, you should get okay security by default. However, even phpass’ developers recommend not using their software if you can use PHP 5.5 or newer. I strongly suggest installing and enabling the PHP Native password hash plugin, especially if your WordPress install was ever run on any of the PHP 5 family. The plugin’s two most significant advantages are it actually gets updated to include new, more robust algorithms, and it automatically migrates passwords to the newer algorithms on login.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Wednesday, September 2, 2020.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Tuesday, September 1, 2020.
I have been dealing with the issue of many people wanting one year of experience with tool A, but they won’t train you on the differences between tool A and tool B, which I do have experience on. But they need someone with experience? A person with one year of experience in a tool isn’t an expert on the tool. They are a moderately experienced beginner. Also, since Tool A and Tool B do the same job, the differences in how those tools work is maybe a week or two of adjustment, not a whole year of adjustment.
©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Monday, August 31, 2020.
I moved this site to TLS 1.3 a few weeks ago. So far, it has been working great if I use a web browser. Unfortunately, no one has updated Curl to work with TLS 1.3. The is a major issue because Curl is the HTTP client library du jour for C or languages that use C’s Foreign Function Interface. Unfortunately, TLS 1.3 only breaks nearly all applications that use a web callback or WordPress’ APIs.
To add TLS 1.2 back as an option
#Add below the SSLCipherSuite for TLSv1.3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
#Add +TLSv1.2 to the end of the SSLProtocol line
SSLProtocol -all +TLSv1.3 +TLSv1.2©2020 Robert R. Russell — All rights reserved
Written by: Robert R. Russell on Sunday, August 30, 2020.
I am going to move the post schedule from daily to Monday through Friday.
©2020 Robert R. Russell — All rights reserved