Must use WordPress plugins for a technical blog

When I took a Droplet from Digital Ocean to host my server, I decided to give Ghost a shot. Using Ghost was a unique experience. It was minimalist and the editing experience was great. Unfortunately a lot of things like analytics, image compression, comments, advanced SEO, and code syntax highlighting were absent or took time to setup. The core team implement things fast and have a very aggressive release cycle, but theme developers are not able to keep pace with the changes and new features available. In addition, the default theme that comes with Ghost is not very apt for a technical blog.

I have hence decided to shift back to WordPress in order to utilize the large number of plugins and themes. This blog contains a list of plugins that I have installed and consider as must use WordPress plugins for a technical blog.

Here’s the list of WordPress plugins used,

  1. Wordfence Security
  2. WP Super Cache
  3. Yoast SEO
  4. Easy WP SMTP with Mailgun
  5. EWWW Image Optimizer
  6. Jetpack by WordPress.com
  7. Crayon Syntax Highlighter

Wordfence Security

This is pretty much a no-brainer. One of the easiest ways to hack a WordPresss blog is to simply brute force the password via wp-login.php . This plugin protects the blog by banning or throttling traffic from IP addresses that have continuously been entering an invalid username or password.

I like the weekly update emails that are sent out with information on any IP blockages, and plugin updates available. Emails are also sent out when an administrator logs into the website.

WordFence weekly email

It includes a spam filter for comments. This removes the need to rely on an additional plugin such as Akismet for comment moderation. I’ve not had a chance to see this in action, but I have a feeling that this will be top notch like the rest of the plugin.

When a security vulnerability is discovered the malware scanner informs the administrators about it via mail.

I’ve found the non-premium version of this plugin to be more than adequate for my needs.

WP Super Cache

I’ve used this plugin to improve the response time of my blog. The premise is simple. Content on a blog doesn’t change very often, so serve static HTML files instead of generating the HTML dynamically. This helps reduce database queries and the HTTP request response time.

GTMetrix – Speed analysis tool

To regularly monitor the performance of the website I use GTMetrix. I’ve configured GTMetrix to run a test weekly and email the results to me. Here’s what a report from GTMetrix looks like,

GTmetrix - Performance analysis

Yoast SEO

This is a standard when trying to improve the SEO of a blog. I’m currently using this to improve the readability and the SEO score for my blog.

In addition, I’ve used this plugin to connect my blog with Google’s webmaster tool.

Here’s a screenshot of the suggestions offered by Yoast while writing a blog,

Yoast post suggestions

Easy WP SMTP with Mailgun

I use Mailgun with my WordPress blog. Mailgun offers 10,000 free mails for a month which is more than adequate for my usage.

I’ve then used Easy WP SMTP to configure WordPress to use my Mailgun account to send all the mails.

Mailgun configuration with EasyWP SMTP

 

 

 

 

 

 

 

 

 

 

 

I’ve found this to be more reliable and faster when compared to the traditional WordPress mail sending process.

EWWW Image Optimizer

This plugin automatically optimizes plugin uploaded to the Media library. It also provides a bulk optimization tool that can be used to optimize multiple images on your blog.

This helps to reduce the unnecessary network data transfer, hence making the website faster to load and save bandwidth.

Jetpack by WordPress.com

I use JetPack to setup the discussion section, to generate the sitemap for the website, and to keep track of the daily visitor stats. JetPack also adds a Share button to my posts.

In the future, I’d like to enable JetPack to automatically share posts to my social media accounts.

Crayon Syntax Highlighter

In a blog where I’m planning to share code, a syntax highlighter makes a lot of sense.

Crayon Syntax Highlighter not only highlights my code, but also allows visitors to toggle and highlight line numbers.

Crayon is very configurable, allowing you to configure the minutest details about the way the code is displayed. I’ve configured Crayon to be simple and not get in the way while people interact with the code on the website.


That about sums it up. I’ve tried to keep the plugin usage to a minimum to avoid slowing down the website. These 7 plugins provide me with all the functionality that I need on my blog. I also believe that these, or a variation of these plugins are pretty much a must have on any technical blog.

Ownership and Borrowing in Rust

I’ve been having a lot of fun learning Rust. I’ve been going through the second version of the Rust book and have covered uptil chapter 6 – Enums and Pattern Matching.

One of the unique things about Rust is the Ownership system. I had some doubts understanding this. Searching on Google lead me to this little website – http://intorust.com/ that has some really cool videos explaining – ownership and borrowing.

The author, Nicholas D. Matsakis, has a lot of other interesting work that you can read at http://smallcultfollowing.com/babysteps/

On another note, I’ve been pushing my Rust code to the repository here. I’ll be happy to receive any feedback.

Updating ghost-cli process name

Imagine you’ve created your new Ghost install but have set it up with the incorrect process name. The official documentation does not tell us how to update it, it just tells us that it can be set using the --pname flag during initial installation. Let’s look at how we can update the process name after we’ve installed our site.

Run ghost ls

Ghost ls output

So in this case, I wanted to rename bitsnbytes-thecurlybraces-com to bitsnpieces-thecurlybraces-com

First stop the running server process using ghost stop bitsnbytes-thecurlybraces-com.

Open the .ghost-cli file in the folder where the site / server is deployed. You’ll see the following content,

Change the name key to the following – bitsnpieces-thecurlybraces-com.

Restart with ghost restart bitsnpieces-thecurlybraces-com and you should now see the updated name in the ghost ls.

After you do this, you might have to reconfigure systemd. To do that, run the following command –

Incase you forget to stop the server before renaming the ghost-cli file, and you had configured systemd, you’ll not be able to start the server. You might be shown the following error –

To fix this, you’ll have to go through some extra steps.

Disable systemd for the blog and restart

Delete this file from the ghost site installation folder first –

Also remove a symlink from under /etc/systemd/system/ that was created by ghost-cli.

Restart systemd.

Stop the old server process

Now that we’ve disabled systemd, killing the node process will not cause it to restart.

Use a software like htop to kill the running server process. If you don’t do this and try to start the new server, you’ll get an error stating that the port is already in use.

Once done, you should be able to start your server again.


Note that if you are doing this, you might also have to do the following,

  1. Update the virtual host in nginx from bitsnbytes.thecurlybraces.com to bitsnpieces.thecurlybraces.com. Click here to find out how to do that.
  2. Add or update the domains under your Let’s Encrypt certificate. Click here to find out how to do that.

Disinfecting a Windows machine

So last weekend my sister came to me with a slow performing Windows 8.1 Acer laptop. She wanted me to format it and install a new copy of Windows 8.1.

I’ve been using Debian for the last 3 years. Previously I was dual booting between Windows and Debian in-order to play DOTA 2 with my friends, but since Valve released DOTA 2 on Linux, I’ve had little reason to open my Windows installation. As you’d expect I didn’t have a Windows 8.1 setup disc or ISO lying around. I debated whether to shift her to a clean KDE based Debian machine and she agreed as long as her desktop looked nice but I soon changed my mind when I saw the software she was using –

  1. Cyberlink PowerDirector Pro
  2. Cyberlink PhotoDirector
  3. Bunch of free games

I’m sure I’d be able to find alternatives for the above, but it’d be too much of a learning curve for her, plus setting up a KDE machine from scratch would take some time.

I decided to investigate the reason for slowness, and possibly fix the problem itself. Upon further discussion with her, I found out that the laptop was not only slow, but was infected with some sort of a malware. She was getting permission errors while opening certain folders, and a lot of the folders were hidden.

I’ve been using Linux as my primary OS for the past 4 years, and haven’t had to worry about this sort of a problem. Even so, cleaning up the system was quite simple. This blog gives an outline of the steps I followed to do so.

  1. Stop unwanted and suspicious running processes
  2. Remove unwanted startup programs
  3. Remove other antivirus
  4. Remove unnecessary and suspicious software
  5. Cleaning up trouble some software
  6. Remove unnecessary Chrome extensions
  7. Update Windows
  8. Reactivate Windows security features
  9. Full scan via Windows defender
  10. Windows proxy

Stop unwanted and suspicious running processes

First step is to find out what programs / processes are running that shouldn’t be. The Windows task manager is a good place to start looking.

Kill dangerous processes

Kill dangerous services

Somethings will shout out – I don’t belong here. Other’s might not be so obvious. If something seems suspicious but you’re not sure if its needed, just Google the process name and you should have your answer.

You want to do this first because certain applications / processes will detect that you’re uninstalling them and then perform some malicious action.

Remove unwanted startup programs

I used services.msc to determine which services were running. Going through the description of the service will likely give you enough information on whether the service is needed.

You can start services.msc by,

  1. Press Windows Key + R on your Windows desktop.
  2. Type services.msc
  3. Press enter

While I was here, I removed the various services related to the anti-virus applications that my sister had tried to install. In addition, whatever suspicious processes I had stopped earlier, I tried to find any services related to those.

Remove other antivirus

The gut reaction of a person who knows that they have been infected by virus or a malware is to install an antivirus and try to get rid of the problem. And if the first one doesn’t work, we try it with another one.

When I got my sister’s laptop, she had a couple of anti-viruses installed – Kaspersky, and Avast. Avast was fairly simple to remove via Windows Add / Remove program, but I was having troubles removing Kaspersky. During uninstall Kaspersky would tell me that I did not have enough privileges to uninstall the application.

Eventually I got rid of it by using the Kaspersky removal tool.

Remove unnecessary and suspicious software

This was a little painful to do since Windows does not allow you to uninstall multiple applications at once.

I uninstalled all the applications that I’d disabled earlier, one by one. Almost all of them were fairly straight forward to uninstall. I’ll be discussing the one that was not so easy to uninstall below.

Cleaning up troublesome software

MPC Cleaner gave me a hard time. There was no uninstaller for it in the Windows Add / Remove program and the install directory did not have an uninstaller either.

It doesn’t turn out to be a harmful program, but it is clearly an unwanted software that doesn’t want to get uninstalled.

Googling around revealed that you’ve to boot your system into safe mode and then remove it. That’s just too much work. The other way to remove it was to install AdwCleaner.

This is the approach I followed. In addition to removing MPC Cleaner, I removed browser cookies, local cache and history using AdwCleaner

Adw Cleaner

Remove unnecessary Chrome extensions

Next I tackled the browser, and removed all unnecessary extensions installed. AdwCleaner also helped remove unnecessary toolbars and a homepage that had been added to Chrome. This step was quite easy and went without any hiccups.

This process will defer if you are using a different browser but AdwCleaner support other popular browsers like Internet Explorer and Firefox as well.

Update Windows

I then updated Windows. I selected all the important updates, and downloaded latest definitions for Windows Defender. This took quite some time but went without any issues.

Reactivated Windows security features

I personally feel that Windows built in firewall and Defender are together good enough to handle any average users security needs. Hence I went ahead and activated these. These had been disabled by the previous antivirus software that my sister had installed.

Full scan via Windows Defender

So now that we had an updated version of Windows Defender, I ran a full system scan. Please note that this will take quite some time so feel free to go do your thing while Windows Defender does its.

Windows proxy

After the scan had been done, everything was looking good. No more permission issues, no more slowness but we were still having issues connecting to the Internet intermittently. I checked the proxy settings for Windows and for some reason found this there – http://unstops.net/wpad.dat. Apparently this is a browser hijacker and shows users ads and redirects their browser session. Removing this resolved the Internet connectivity issues.


The points mentioned here although run on a Windows 8.1 machine, are applicable to other versions of Windows too. The entire process took less than 2 hours of my time, out of which removing the unwanted software one by one took the longest. Most of the stuff happened in the background, without much of my intervention. I’m glad I went down this route rather than formatting the entire system. It was less work, and everything was still setup exactly the way it was earlier.

I had a chat with my sister and asked her not to install any more performance improving software. I also asked her to read carefully before pressing the next button while installing new software. Staying clean on a Windows machine is quite easy if you keep it up to date with security updates, have Windows firewall on and Defender running.

Renewing Let’s Encrypt certificate

Have the following command setup in my crontab to renew the certificate for this blog, and for the main website – thecurlybraces.com

This causes the command to run,

At 03:30 on day-of-month 1 in every 2nd month.

Output

Incase you want to add more domains to an existing certificate, you can use the following command –

This assumes that you have only a single certificate. If you’ve more, you’ll have to use --cert-name. Read more here.

Just putting this here for reference, and with the hope that it might be useful for someone else.