One thing that's been continuously annoying me when doing WordPress development on the go is when something somewhere inside WordPress decides to send requests to external urls when I don't even have Internet connection or it's slow and flaky (tethering, slow Wi-Fi, etc). This results in random lag when loading pages, especially if I haven't opened my dev WordPress instance for a long time.
Turns out there's an easy and undocumented (other than in code) solution. To block external HTTP requests right in WordPress's core itself, open up wp-config.php and add WP_HTTP_BLOCK_EXTERNAL like so:
Whenever this variable is present, external requests will be ignored, unless you specify your own comma-separated whitelist …
Updated: September 8th, 2011
Today, I was looking for a quick way to see HTTP response codes of a bunch of urls. Naturally, I turned to the curl command, which I would usually use like this:
curl -IL "URL"
This command would send a HEAD request (-I), follow through all redirects (-L), and display some useful information in the end. Most of the time it's ideal:
curl -IL "http://www.google.com" HTTP/1.1 200 OK Date: Fri, 11 Jun 2010 03:58:55 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=ISO-8859-1 Server: gws X-XSS-Protection: 1; mode=block Transfer-Encoding: chunked
HTTP/1.1 200 OK
Date: Fri, 11 Jun 2010 03:58:55 GMT
How *Not* To Implement A Web Application That Handles External Authentication, Using BeTwittered.com As An Example
Today I'm going to look at how not to handle user authentication in a web application, taking BeTwittered.com authenticating with Twitter as an example (sorry, guys).
BeTwittered is a simple and comfortable gadget that you can add to your site, such as your iGoogle homepage.
Since BeTwittered is just a bridge between you and Twitter, it has to first log you into your account. Here is where things go horribly, horribly wrong.
1. BeTwittered does not use SSL to secure requests to its servers
All authentication information is transmitted to BeTwittered servers in plain text and is easily sniffable by an attacker, both on your own network and outside of it. You can read more about SSL encryption here….
Updated: September 16th, 2012
StackOverflow is an amazing site for coding questions. It was created by Joel Spolsky of joelonsoftware.com, Jeff Atwood of codinghorror.com, and some other incredibly smart guys who truly care about user experience. I have been a total fan of SO since it went mainstream and it's now a borderline addiction (you can see my StackOverflow badge on the right sidebar).
Update 6/21/09: This server is currently under very heavy load (10-200), even with caching plugins enabled. Please bear with me as I try to resolve the situation.
Feel free to bookmark this page and return to it later when the fires have been put out.
Update 06/21/09: I think I've got the situation …