Linux admins beware, there’s a web server exploit in the wild

No OS is 100% secure if there’s enough desire to get in. There’s a web server exploit targeting Apache, Nginx, and Lighttpd running on Linux–a first of its kind, in at least one regard. Ars Technica has the details, including where to get a script to check to see if your server is infected.

According to this page, if you execute this command:

strings /usr/bin/apache2 | egrep opentty

you’re clean if nothing comes up, and your infected if you see one or more matches. If your system stores its httpd elsewhere, change the first parameter to match.

Another easy Apache tweak

I ran my site through Google Page Speed on Tuesday, and scored a surprising 88 out of 100–higher than I expected. Getting above 90 is going to take some optimizations on files that WordPress updates may change, so I’m hesitant to do that, but one thing it told me to do was to cache more aggressively. That’s pretty easy, as it turns out, and I could definitely feel a difference afterward.

Here’s the trick. Read more

Making gradual improvements, starting with whatever bugs you the most

A long project can be paralyzing at times, making it hard to figure out where to start. A trick that I learned in model railroading is to just work on whatever small percentage of the project that bothers you the most. Then, when that’s done, cycle back, create another subproject that fixes whatever bugs you the most now, and keep making incremental improvements like that until you get where you want.

I’ve used the same trick on home improvement projects, and I applied it to this web site over the course of the last few weeks, doing a series of incremental improvements. It led places I didn’t expect it.
Read more

Tag your imported WordPress content with Simple Tags

Unlike many bloggers, I blogged for a decade before moving to WordPress. That meant I had a pile of old posts with no tags on them. One of the nice things about WordPress is that you can use the tags in conjunction with a plugin like Similar Posts to display links to related content at the end of each post. And trust me, when you blog for a decade, a lot of your stuff is related.

It’s also sad how much of that old content becomes obsolete, but the 2% that stands the test of time and continues to get readers year over year is satisfying, too.

Here’s how to tag your old content–wherever it came from–quickly and easily.

Read more

Four simple steps to optimize WordPress

A couple of years ago, I stood up a WordPress server. I made no effort to tune it, let alone turbocharge it, which is a decision I later came to regret. If your site gets more than a few hundred hits per day, you need to tune it. If you want to get more than a few hundred hits per day, you need to tune it because Apache and MySQL’s default settings are by no means one-size-fits-all. And you can never have too much speed. There are two reasons for that: Google favors fast sites over slow sites, and Amazon found that a one-second delay in page load drops traffic by 7 percent.

There’s a lot of advice out there on tuning WordPress, some of which seems to be good, and some of it not so good.

Here are four things that I know work. I run Apache and MySQL under Linux; these tools may run under Windows or OS X too.
Read more

WordPress Appliance - Powered by TurnKey Linux