WordPress WPS Hide Login Plugin

WPS Hide Login is a WordPress plugin that obfuscates the login page for a WordPress install.

It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.

Honestly, I did this more to stop an annoyance than anything. There are tons of bots out there that try to do credential stuffing and dictionary attacks against even tiny sites like mine.

They’re unlikely to get past my strong password and 2FA, but it was getting annoying to see the constant stream of “user X has been locked out for 4 hours.”

I used the WPS Hide Login to set my login page to a random 16 character alphanumeric string that would be essentially impossible to guess.

Inserting Multiple Images Into A WordPress Post Using Gutenberg

One of the frustrating things with WordPress’ Gutenberg block editor is that in some cases it removed a lot of functionality that I had come to take for granted in the old editor.

For example, it is a pain in the ass to add multiple images into a post. With the old editor, you could simply hit the insert image button, select all of the images you wanted from the Media Library, and then you were done.

Gutenberg, however, insists that you add images one at a time–which is absolute hell when I need to insert 70 images into a post.

Anyway, I’m not the only one with this frustration and Nico Morgan found a workaround which I have been using for awhile now to solve this problem.

  1. When you want to insert multiple images, first insert a gallery and select all the images you want included from the Media Library.
  2. Once the gallery is created, switch the block back to an image block.

This will force WordPress Gutenberg to create a separate block for each image, instead of having to go through the mind numbing busy work of adding each image one-by-one.

But FFS, why can’t I just insert multiple image blocks to begin with? (Correct answer: because it wouldn’t be WordPress if it didn’t ignore obvious user interface improvements. If you don’t like it, just install Yet Another Plugin that does the same thing).

Simple Post Notes Plugin for WordPress

Simple Post Notes is a WordPress plugin that adds a Notes section on the post edit screen, where WordPress users can leave comments about a post that are not displayed with the post. The notes also are displayed in a column on the All Posts screen within WordPress as well.

It doesn’t happen very often, but once in awhile I want to leave myself a note about a post, and this is a nice way to do it.


Decline in WordPress Wow Factor? I’d Be Happy for a Duh Factor

WP Tavern has an article–now with dozens of comments–arguing that the wow factor in major WordPress release is getting few and far between.

Because of WordPress’ maturity and the short development cycle, major features are getting few and far between. By looking at the Beta tab on the WordPress plugin directory, visitors can view projects that may end up in future versions of WordPress. The only project on the page that excites me is the Front-end Editor but based on how long it’s been in development, I’m not holding my breath.

Please excuse me while I throw up in my mouth. The self-hosted version of WordPress is one of the most widely deployed pieces of software on the web, and yet in 2016 users still have to track down a plugin if they want to do something as basic as rate limit logins to prevent brute force password attacks.

At this point, the lack of such a basic feature has to be put down to extremely poor leadership and vision. WordPress is deployed by a lot of novices, and not only should there be a rate-limit feature, but it should be enabled by default.

But hey, what’s minimal security features in a world where the admin UI needs to be redesigned repeatedly or basic features in the editor need to be removed for no good reason?

AMP Plugin for WordPress

Accelerated Mobile Pages (AMP) is an open source initiative that Google is pushing to provide faster-loading content on mobile devices.

For WordPress, Automattic has created an AMP plugin that will render a WordPress blog posts in AMP (the plugin does not currently support pages and archives).

The plugin essentially dynamically generates an AMP version of a given blog post as long the requestor adds /amp/ to the end of the url. So, for example, https://brian.carnell.com/articles/2016/orcus/ will give the full HTML version of one of my blog posts, while https://brian.carnell.com/articles/2016/orcus/amp/ will return the AMP version.

At some point, Google seems likely to penalize pages that are not AMP-enabled as the search engine company increasingly sees mobile as key to its future. Plus, AMP is a much better alternative IMO to competing initiative such as Facebook’s Instant Articles.

Amber Plugin for WordPress

Amber is a plugin available for WordPress and Drupal that attempts to address the problem of linkrot.

Amber is an open source tool for websites to provide their visitors persistent routes to information. It automatically preserves a snapshot of every page linked to on a website, giving visitors a fallback option if links become inaccessible.

If one of the pages linked to on this website were to ever go down, Amber can provide visitors with access to an alternate version. This safeguards the promise of the URL: that information placed online can remain there, even amidst network or endpoint disruptions.

So, I installed it on a couple of blogs I run and gave it a whirl.

For this blog, it worked like a charm. It scanned all ~10,000 entries/pages and found roughly the same amount of links that needed to be preserved.

I appreciated the ability to store the links on my own server rather than relying on some other server, even something as robust as the Internet Archive.  Be warned, though, if you have a lot of links to preserve, this can take up a lot of server space. In my case, each copied link took an average of 1mb, so I had to set aside 100gb+ of server space. The main drive on my server is 2TB, so that’s not a big deal for me, but it could be a problem for people with less storage.

Of course, the plugin also does give users the ability to store their preserved links on the Internet Archive and a few other cloud-based options if your local storage isn’t adequate or desirable for one reason or another.

I tried it on another blog, however, which has tens of thousands of entries, and could never get the plugin to successfully scan all entries. In future versions, Amber should really support some sort of staggered scanning to deal with sites that have significant numbers of posts and pages.

Other than that, the Amber plugin is awesome. I’m glad to see something like this so easy to deploy and use.