The Home page of my Blog Site has changed, but it may not be immediately obvious where!

Total views 181 

The Home page of my Blog Site has changed, but it may not be immediately obvious where!

Until today I have used the WordPress Classic Editor to create and maintain my blog site posts and pages, but for the new Home Page and this post I have started using the new Gutenberg Block Editor. The question on your lips is then “Why?”. Much of the new functionality introduced recently into WordPress has been dependent on Gutenberg Blocks, which allows the web pages to be created from simple building blocks, like Lego. In particular, I was looking for a way to include an action button at the top of the Home page which would only appear if the user had not yet logged into the blog, because much of this site depends on knowing about the profile and membership level of the user. Gutenberg Blocks has just such a block, and I have used it at the top of the Home page, but if you have already logged in, then it is hidden.

So what are the changes to the Home page?

  • At the top of the page users that have not yet logged-in will see a big button saying “–> YOU ARE NOT LOGGED IN! <–“. Clicking that button will take you to the login page.
  • Near the bottom of the page there was a table explaining the different membership levels, which had merged cells in the Membership Level column to show you what was relevant to that level. Unfortunately, Gutenberg Blocks does not yet allow merged cells, so, in the new table, I have had to add a blank row between each level, which is why it looks a little different. Merged cells will be implemented as soon as they become available.
  • The rest of the page looks remarkably unchanged, but it now uses Paragraph and List blocks.
  • Finally, you may notice that the Total views counter at the top-right of the page now has a much smaller number. That is because the new Home page is a brand new page. The original Home page had 26,970 views! It is now up to you to get that view count back above 20,000!

Apologies for the 16 hour server outage today. Note to self: if an installation manual doesn’t mention something important, then don’t try it out in production!

Total views 588 

Apologies for the 16 hour server outage on my SAS-related blog site today. I was trying to install Jitsi Meet, an open-source alternative to Zoom, on my server:

  • While it is possible to organise moderated meeting using the hosted meet.jit.si servers, installing a self-hosted copy of the open-source Jitsi Meet software alongside WordPress seemed to me to be a good idea, so that SAS training could easily be held locally.
  • By default standard self-hosted Jitsi Meet uses Nginx, not Apache, web servers, and assumes a fully qualified hostname, e.g. meet.hollandnumerics.org.uk.
  • What I wanted to create was an installation of Jitsi Meet in a sub-folder on my existing Apache web site, e.g. hollandnumerics.org.uk/meet, which is also part of a Bitnami stack, where software is installed specifically for use by the web server. This use case was not mentioned anywhere in the installation manual, although I did find a number of web forums that described similar environments.
  • That is where the problems started:
    1. To move Jitsi Meet into a sub-folder I had to edit the existing web configuration, the web pages to display the meetings, and the scripts to start the software.
    2. I also had to generate a self-signed SSL certificate for localhost.
    3. I had to reboot the server and restart the web service several times.
    4. Finally I discovered that some of my changes were lost whenever the Jitsi Meet software was updated.
  • At no point did I ever get Jitsi Meet to a point where I could run a test meeting, so I uninstalled it all.
  • Having uninstalled Jitsi Meet, I then couldn’t restart the web server to access WordPress, because something was holding onto port 443 (the secure HTTP port). At this point it was fast approaching midnight, so I decided to sleep on it.
  • Finally, this morning, I found that, when Jitsi Meet had been installed, it had added “Listen 443” commands to the default Apache installation, which conflicted with my Bitnami stack Apache server. Once these were removed my WordPress site suddenly reappeared!

Lessons learned:

  • When installing software you don’t fully understand, if the installation instructions have no information explaining what you should do, don’t just do it anyway!

Thank you for your patience!

Preventing Spam and SAS Blog Server Downtime – and how you can help!

Total views 2,605 

On 13 March 2017 my blog site started getting user registrations from spam bots all with first name equal to last name. I was leaving to travel to the SAS Global Forum in Orlando the following day, so I quickly set the default membership level to “Pending” to prevent too much damage, as “Pending” members only have the same blog site access as unregistered visitors. Recently new members may have noticed a delay in getting full access to the site, and this is because your membership is initially “Pending” until I manually change it to “Active”. The following day more spam registrations occurred, but then on the day after that my blog server decided to go into stand-by mode, shutting down the web site, for reasons I still don’t understand. Under normal circumstances I would have been upset by this, but, given the likely influx of many more spam registrations, it was actually a relief, as I would have limited access to WiFi while travelling, and so I was able to relax a little.On 1 April 2017, when I’d arrived at the conference, I asked my daughter to restart the blog server, so it would be available for new registrations again, and I was then able to track the unwelcome new members more easily using the hotel and conference WiFi.

Where were the IP addresses for spam registrations located?

  • Former Soviet Union – 53.5%
  • EU and UK – 22.0%
  • North America – 11.5%
  • Rest of the World – 8.5%
  • Unknown – 4.5%

The IP addresses of the spam registrations suggest they are mostly from countries in the former Soviet Union, although otherwise spread around the world.

Email domains in spam registrations:

  • mail.ru – 31.5%
  • yandex.com – 6.0%
  • yandex.ru – 5.0%
  • other *.ru, *.ua, *.ee – 3.0%
  • other *.top – 16.5%
  • other email domains – 39.0%

At first sight you would assume that the former Soviet email addresses matched the former Soviet locations, but that was definitely not the case, as *.ru and yandex.com email addresses were associated with locations in countries spread right across the rest of the globe. It appears that these IP addresses are being used remotely for spam registration, possibly without even the knowledge of their owners. Wordfence, a security company for WordPress sites, has published an article about how some home routers could be compromised, how to check for this vulnerability, and how to protect yourself. I strongly recommend that you read this article and protect yourself along with WordPress users like myself! This is how you can help.

So what have I done to resolve all of these problems? First of all I have ordered a new server and uninterruptible power supply, so that going into stand-by mode and power cuts should not interrupt your connection to the server in the future, other than in exceptional circumstances. The site should be moved over to the new server in the next few weeks. Secondly I installed a new WordPress plug-in called “WP Spam-Shield” on 14 April 2017, which has miraculously stopped all of the spam registrations! As a consequence I have now reset the default setting for new membership from “Pending” to “Active”, so new members won’t have to wait for me to activate their accounts.

LinkedIn is dead! Long live Google+ and WordPress!

Total views 1,016 

I have managed and owned LinkedIn groups since 2010, and have struggled to cope with LinkedIn removing group management tools over the last 6 months. This WordPress site was created as a direct result of a LinkedIn Groups “upgrade” in October 2015.

I have now set a deadline for LinkedIn to restore most of the useful stuff they removed by 24 December 2015, otherwise I will close my own “SAS Author: Philip R Holland” group (650+ members) and resign from being a manager of the “SAS Professional Forum” group (30,000+ members).

In the meanwhile I’m encouraging the members of both these groups to register on this site, and to join my parallel Google+ community called, with outstanding originality, “SAS Professional Forum”. I would encourage everyone who reads this post to guide their friends and colleagues to these sites too, as I don’t believe LinkedIn will be capable of fixing sufficient bugs and restoring previously working LinkedIn Groups functionality to make it worthwhile using that platform again!