Jeff Atwood makes a compelling argument that the ideology and values behind private social networks (e.g., Facebook) conflict with the core values of the Internet, and that they’re doomed to fail.
Preventing Clickjacking on WordPress Sites
WordPress already sends the X-FRAME-OPTIONS header for wp-login.php and the Admin Panels in order to prevent clickjacking, but it doesn’t send it on the front end because that could interfere with remote services that legitimately frame parts of a site. That’s only relevant for a small number of pages, though, so I’ve added a snippet to my functionality plugin skeleton […]
WordPress.tv Developer Presentation Roundup
I’m one of the mentors for WordPress’ SupportPress project in this year’s Google Summer of Code, and I wanted to put together a list of WordPress.tv videos to help introduce Varun to the WordPress community and some development best practices. I figured it’d be good to save it for future reference, so I’m also posting […]
PayPal Security Sucks; or, Why Two Factor Authentication is Worthless Without Strong Account Recovery Policies
Even though two-factor authentication isn’t the silver bullet many make it out to be, I’m still a big fan of it and think that it should be offered by any web service that wants to be taken seriously. It’s completely pointless, though, if the service doesn’t also have strong account recovery policies, or if their customer support […]
Challenges for the WordPress Community as it Matures
Mike Jordan’s post on the WordPress community has some great insight and challenging thoughts. The truth is, however, that our community does not have these rare traits simply because its members are just that awesome. The primary reason that our community is so approachable, is that for the first several years of its life we had to […]
Automatically Refresh Browser When CSS Changes
LiveReload is an app that will watch files on your local development environment and automatically update the browser when CSS changes are made. I can’t believe I didn’t hear about this years ago.
Hide PHP Warnings and Notices from Poorly Written Plugins
Update: Zack Tollman wrote a plugin called Ostrichize that does an even better job of this, so I’ve reverted my version out of my functionality plugin skeleton and will use his in the future. Pro tip: search for existing code before writing new code ;) * * * There are a lot of WordPress plugin and theme […]