news aggregator

One of the things that has bugged me about the WP Super Cache settings page was how it was laid out. Well, the next version of the plugin will display a simplified settings page to new users. If you’re upgrading, you’ll get the same old page as ever, don’t worry.

This version also adds a new method of serving cache files. It uses PHP, but serves supercache files. So, it’s a halfway house between using mod_rewrite (difficult to install for some users), and the legacy caching of WP Cache. That caching will be what is activated for users who use the simplified settings page.

There are lots of other bug fixes. The cache tester works if WordPress is installed in a sub directory, the admin page is separated out into tabs now to make it easier to find things. Error messages show up as “update messages” at the top of the browser now, making it easier for new users to figure out when mod_rewrite rules need updating and when other house keeping tasks need doing.

The code is red hot, liable to bend and break and may cause problems but it works fine here and on a test multi site install but I need testers to hammer on it and do things I don’t expect. If you’re brave, grab the development version off the download page. Thanks!

Related Posts

• WP Super Cache 0.8.4, the garbage collector
• WP Super Cache 0.8.7
• WP Super Cache 0.9.9

WordPress for BlackBerry version 1.4.3 has been released to BlackBerry App World.

Depending on your region or country, you might not see the latest version in the BlackBerry App World, but on your device the latest version 1.4.3 should be available starting now.

• Improvements to the post GeoTagging feature.  The app allows you to choose a location from a list of predefined options:  GPS,  contact entry in the address book,  manually inserting an address,  recently selected, clicking on a point in a map.
• Preview Improvements.
• Bug fixing.

Do you have questions or feedback that would enhance the app ? Please visit the WordPress for BlackBerry forums.

The Mill is a simple, yet elegant, two-column WordPress theme.

Misty Morn is a grey-based WordPress 3.0 child theme for Purple Pastels with custom image and attachment templates, thickbox enabled image attachment pages, and additional page templates for pages without comments and pages without the sidebar.

My Valentine is a pink-based WordPress 3.0 child theme for Purple Pastels with custom image and attachment templates, thickbox enabled image attachment pages, and additional page templates for pages without comments and pages without the sidebar.

Steampunk is a steam punk inspired theme built under the Themeatic Theme Framework environment with clean and SEO friendly HTML/CSS code.

Sun City is a darker WordPress 3.0 theme that makes use of orange, green, blue and other primary colours to provide a visually rich display.

ZenLite Black Mandarin is a darker child theme for the single column ZenLite theme.

• Windows MSI / Windows Classic
  
• Mac (Universal) / Mac (Intel-only)
  
• Linux/FreeBSD

I had a pretty interesting experience going through security at Ben Gurion airport — I almost didn’t make it through. I had heard the airport security in Israel was different but I had no idea. They spent about an hour asking questions, turning on (and taking apart) every piece of the 20+ electronic items I travel with, with particular attention and questions around my iPad. They took it out of the Apple case, turned it on, scanned it, took it away for 10 minutes to scan somewhere else, asked if anyone else in Israel had used it, when I last used it, asked when I got it, and ultimately said that their “technology team” had not cleared it for carry-on and they would need to pack it in a special box, wrap it, tape it, and check it directly with Continental (I couldn’t touch it or the box except to put some WP stickers on so I could identify it later). Wowza! My Sony PC, though, is safe to fly with. No wonder I saw so few Apple products at WordCamp.

I’ve been studying the source of iostat again and trying to understand whether all of its calculations I explained here are valid and correct. Two of the columns did not seem consistent to me. The await and svctm columns are supposed to measure the average time from beginning to end of requests including device queueing, and actual time to service the request on the device, respectively. But there’s really no instrumentation to support that distinction. The device statistics you can get from the kernel do not provide timing information about device queueing, only a) begin-to-end timing of completed requests and b) the time accumulated by requests that haven’t yet completed. I concluded that the await is correct, but the svctm cannot be.

I just looked at the sysstat website, and it has been updated recently to warn about this, too:

svctm

The average service time (in milliseconds) for I/O requests that were issued to the device. Warning! Do not trust this field any more. This field will be removed in a future sysstat version.

Related posts:

1. How Linux iostat computes its results
2. How to find per-process I/O statistics on Linux
3. Southeast Linux Fest is around the corner
4. Recap of Southeast Linux Fest 2009
5. How to auto-mount removable devices in GNU/Linux

If you run a social network or any kind of online publishing service, you will be hit by spam, if you haven’t been hit already, and Akismet wants to help.

When most people hear about Akismet, they often think about WordPress, but Akismet is actually available for over twenty additional systems and platforms, including Movable Type, Drupal, phpBB, PunBB, and libraries for PHP, Python, and .NET.

If you’re running, or planning to run, a social network or online publishing service, the Akismet team wants you to know that they can not only protect you from direct spam, but from parasite spam as well, as long as you can give them a way to contact you.

Akismet’s pattern and volume monitoring abilities make direct spam easy to filter, but ever since the dawn of forums, spammers have opened accounts for the sole purpose hosting their spam on your site. Thanks to Akismet’s pattern monitoring, the Akismet team can easily track the source of these parasite spammers and notify the site’s owner, but there’s little they can do if they can’t get in touch with you. Since contact forms can break without warning, the Akismet team recommends that you provide a traditional abuse@yourdomain email address. If you don’t want to make this email address public, at least contact Akismet and have it placed on file.

Are you using Akismet on your social network or online publishing service? With so many options available, why not try it today? Parasite spam can hit almost any site driven by user content, so don’t forget to offer your contact information to the Akismet team.

If you know of someone, or are yourself a blogger on Vox, you should know already that Six Apart has announced plans for closing the service. Users have until the 30th of September to get their data our of Vox and into other blogging and/or CMS platforms if they so choose.

Mark Jaquith has a great suggestion on how to Import a Vox blog into WordPress or almost anything else. In short, he suggests that you import your Vox blog into a vanilla WordPress.com blog and then export it out as a WordPress export file. Then you actually have a bunch of choices of what to do with your blog. PS: Be sure to mark your WordPress.com blog as private before importing if you do not intend to make that your final destination.

This is so funny I laughed until I cried! Definitely NSFW. OMG it's hilarious, but it's also not a bad overview of the issues. Especially loved: You read the latest post on HighScalability.com and think you are a f*cking Google and architect and parrot slogans like Web Scale and Sharding but you have no idea what the f*ck you are talking about. There are so many more gems like that.

Thanks to Alex Popescu for posting this on MongoDB is Web Scale. Whoever made this deserves a Webby.

List Yo’ Files adds the ability to list files by file name for a given folder with hyperlinks to each file making it downloadable.

Readable Names forces commenters to write their names in the language that your blog uses.

WP-comment-master enhances your comments with AJAX posting and pagination.

WP-WikiBox allows you to get a Wikipedia article summary for a keyword in any language, inline with your posts and pages, with a simple shortcode.

IE6 Upgrade Option displays a warning message, simply and politely informing the IE6 user that their browser is out of date, and provides links to download newer browsers.

Vimeo Quicktag enables the user to embed a customized Vimeo video into the blog content.

WP-Stats-Dashboard displays your blog’s stats graph plus your blog traffic, social engagement and social influence directly in your dashboard.

You have a backup, and you have the binary logs between that backup and now. You need to do point-in-time recovery (PITR) for some reason. What do you do? The traditional answer is “restore the backup and then use mysqlbinlog to apply the binary logs.” But there’s a much better way to do it.

The better way is to set up a server instance with no data, and load the binary logs into it. I call this a “binlog server.” Then restore your backup and start the server as a replication slave of the binlog server. Let the roll-forward of the binlogs happen through replication, not through the mysqlbinlog tool.

Why is this better? Because replication is a more tested way of applying binary logs to a server. The results are much more likely to be correct, in my opinion. Plus, replication is easier and more convenient to use. You can do nice things like START SLAVE UNTIL, skip statements, stop and restart without having to figure out where you left off, and so on.

Replication also has the ability to correctly reproduce more types of changes than mysqlbinlog does. Try this with statement-based replication:

That’ll work just fine through replication, because the SQL thread on the slave will change its connection ID to match the original. It won’t work through mysqlbinlog.

Related posts:

1. MySQL disaster recovery by promoting a slave
2. Progress on High Performance MySQL Backup and Recovery chapter
3. How MySQL replication got out of sync
4. High Performance MySQL, Second Edition: Backup and Recovery
5. How to make MySQL replication reliable

The WordPress development team had a very successful meeting last Thursday, where they solidified their plans for WordPress 3.1.

The finalized goals for WordPress 3.1 are “to have a very short dev cycle, a decent amount of testing time, and a release in mid-December. Low on new features, heavy on ui and code cleanup, and avoidance of schema changes. Save the big ideas for 3.2 where we’ll have the liberty to implement those ideas in PHP5. No schema changes and no big new APIs.”

Besides bug fixes and code cleanup, users can look forward to a new wordpress.com inspired admin bar and theme browser, as well as post templates and styles, and a separate network dashboard.

The team plans to halt new feature submissions on October 15th, followed by a primary code freeze on November 1st, and a string freeze on December 1st. The beta period will begin November 15th until the estimated final release date of December 15th.

Keep in mind that this will be the last major release to support PHP and MySQL 4. If your hosting provider has not yet switched to PHP 5.2 or higher and MySQL 5.0.15 or higher, it’s time to start bugging them.

Personally, I’m really looking forward to seeing what will come of the development team’s focus on bug fixes and code cleanup with this release. What are you looking forward to in WordPress 3.1?

If you’re planning to launch a social network or online publishing service, it’s important that you have a plan in place for dealing with spam. At some point the bad guys will find a way to take advantage of your hospitality, and you need to be ready to deal with them before they take over.

I’ve written about this before, but it bears repeating. If you’re launching a web site that allows users to publish content, you will very quickly be invaded by spammers. There are two basic types of spam that you need to be aware of:

1. Direct spam. Spammers will try to use your service to communicate directly with your users. They’ll send large volumes of comments, forum replies, direct messages, friend requests, contact forms, and generally abuse whatever messaging services are available.

This kind of spam is relatively easy to detect, because it involves making large volumes of form posts or api calls. You can catch it by monitoring for unusual patterns or volumes of submissions (and indeed Akismet can do this for you – ask us how). Contrast this with the second type, which is:

2. Parasite hosting. Spammers will use your service as an unwitting web host for their advertisements. They’ll create a handful of blog posts, forum threads, user profiles or wiki pages with images or links to their network of spam web sites. Spammers call these “buffer pages” or buffer sites. Importantly, they won’t spam your users with links to those buffer pages. They’ll be very careful not to do anything to draw your attention to them – often they’ll do their best to disguise them as harmless content. Instead, they’ll go elsewhere and send direct spam to the users of other services with links to the buffer pages on your site.

In other words, users on (say) Facebook and Twitter will be bombarded with spam messages containing links to pages on your web site. (Conversely, users on your site will be bombarded with spam containing links to buffer pages hosted elsewhere).

At Akismet we’re all too aware that few social sites are prepared for handling both types of spam. In fact some almost seem to go out of their way to make it difficult to report spam. Since Akismet monitors spam on millions of web sites, we’re able to detect both direct spam and parasite hosting. Sadly, even when we go out of our way to try to alert webmasters to spammers abusing their services as parasite hosts for porn and malware, many fail to respond.

Which brings me to the single best piece of advice I can give anyone who is planning on launching (or already runs) a social network or interactive web site:

Make sure you publish a working email address for abuse reports!

Don’t rely on a web contact form (when they break, failures often go un-noticed). Don’t rely on a flagging system that’s available only to your users (reports about parasite spam won’t come from your users). Don’t use a special form or button that only supports reporting a certain type of content or a single page at a time (spammers will hide in places you don’t expect them, and an important spam report might include hundreds or thousands of URLs). Use a good old-fashioned email address – abuse@yourdomain is best – and above all, make sure it’s monitored by people who are in a position to act quickly.

If you do run a social network, and you do have an email address for abuse reports (kudos!) then feel free to contact Akismet and tell us your address. If we do discover spammers hiding on your network we may be able to alert you, and of course we’re happy to provide advice for fighting the bad guys.

On this blog we’ve repeatedly discussed enabling the "Same Markup" for Internet Explorer 9. Part of making "Same Markup" a reality involves supporting the right features in IE9 to make the same HTML, JavaScript, and CSS "just work" the same way they do in other browsers. Part of how IE9 contributes to enabling the "Same Markup" is through support for the <canvas>, <audio>, and <video> elements from HTML5. These were introduced in the third platform preview and continue to be improved with each update.

In my first post on "Same Markup", I described the effort as an "n-way street". Each browser has a part to play by supporting the right features with the right behavior. Web developers also have a part to play in how they code for cross-browser differences where they unfortunately still exist. The most important part of working across browsers for web developers is to detect features, not browsers. So in this post I'll outline how to use feature detection for <canvas>, <audio>, and <video>.

Unlike other features, support for <canvas>, <audio>, and <video> can be detected directly from HTML markup. This involves simply using the desired element, then placing fallback content inside of it intended for browsers that don't have support for these elements. Browsers with support will hide this content from the user and display only the <canvas>, <audio>, or <video> element itself.

One caveat to keep in mind is that fallback content is only hidden visually. <script> blocks and other items in fallback content will always execute, even in browsers that support these elements.

Of course, fallback content should also be useful. Exactly what qualifies as useful can vary depending on what you are trying to do. One approach is to point the user at a download for an upgrade, but in most cases it is a better experience for consumers to fall back to alternative approaches for delivering the content. For example, if you're drawing something that doesn't change much to a canvas, you may be able to fall back to an image that gets generated server-side. A better alternative could involve including a framework which implements canvas on top of existing web technologies or using a widely deployed plug-in.

The <audio> and <video> elements tend to have more options for fallback via plug-ins, whether through a media player or an app built on top of a widely deployed technology such as Flash or Silverlight. At the very least you can provide the user with a link to download the file so they can play it locally. The examples below provide a rough view of this type of fallback, though the <object> tag generally requires a number of varying parameters specific to the chosen plug-in.

In addition to HTML markup, support for <canvas>, <audio>, and <video> can also be detected from script. This detection can be performed many ways, but one of the simplest is to check for the existence of the appropriate interface object off of window.

An alternative approach for detecting <audio> and <video> involves checking for the existence of the canPlayType method on a dynamically created <audio> or <video> element. This is used by a number of frameworks and is generally preferred if you also intend to use the canPlayType method to test for supported codecs (which will be covered in a future post). If you simply need to test whether <audio> or <video> is supported, then I find the approach outlined above in examples 8 and 9 to be more obvious and equally as effective.

A similar alternative approach can be used for detecting <canvas> support. In this case, most frameworks have settled on checking for the existence of the getContext method. This makes sense for <canvas> given that this method is required in order to retrieve a context for rendering.

If you have previously used browser detection to decide whether to use <canvas>, <audio>, or <video>, now is the time to update to use feature detection instead. Also, make sure you have a DOCTYPE at the top of your page (e.g. <!DOCTYPE html>) so your content doesn't render in Quirks Mode. In IE9, Quirks Mode is used for compatibility and consequently the <canvas>, <audio>, and <video> elements will not work there.

Stay tuned for future posts covering how to detect supported codecs and specify multiple sources using the <audio> and <video> elements.

Tony Ross
Program Manager

Edit 9/3 - added link to earlier blog post in second paragraph