A quote of inspiration: Waves

I came up with this the other night, no idea whether it’s original or not, but, i’m sure as hell going to claim it so, until proven otherwise.

In an ocean there are many waves, of these waves only few make it ashore, even fewer leave a mark. Leave a mark.


In an ocean there are many waves, of these waves few but make it ashore, even fewer leave a mark. Leave a mark.

Moneys nice to have, but …

Moneys nice to have, but, if you have to sacrifice too much time to get it, when you do eventually stop, there will be no one around to share it with you.

Your job no matter the title

If you work with people, no matter what your title is, it’s your job to make the people around you feel better, empowered and encouraged.

Wordcamp 2013 Lancaster – my thoughts

Having just returned from Wordcamp Lancaster 2013, I thought what better time to write a quick round up of how I felt the weekend went than now. Having previously been to Wordcamp Portsmouth 2011 I was keen to make up for missing 2012’s Edinburgh event. I hope by providing some feedback and some relevant information to those who didn’t attend this years event in Lancaster it might help them make decisions about going in the future.

I’ve decided to break the review down into the following areas; Location, Venue, Hotel, Range/Quality of talks, Workshops and Social.


Lancaster was chosen for the location of the premier UK WordPress developer event of 2013 (although it is rumoured they are also having a London based event in the winter hush, hush), affectionately (as always) dubbed Wordcamp 2013. Lancaster itself is a pretty quaint northern city with a huge University presence but when uni’s out for the summer it’s pretty quiet. Lancaster was a difficult venue to travel to for a Londoner like me, though it does have reasonable travel links via Virgin trains from London Euston. On a friday night a direct train to Glasgow stops at Lancaster without needing a change (bonus!). This is a slightly different story on a Sunday evening however, a 4 hour train ride with a change at Manchester Picadilly is what your looking to get you back to London Euston.


Lancaster university was the event venue, I couldn’t fault this. Perfect location and a nice university campus with alot of new buildings. The lecture theatres were perfectly fit for purpose. Though it was a little difficult to find the relevant area of the campus that the event was taking part in. There was some hot and cold food provided at lunch time which was a nice touch, seems as you had very little choice for alternatives.


We stayed in the Lancaster House Hotel. This was awesome! Nicest hotel in Lancaster (apparently) certainly seemed pretty good. Great breakfast, good rooms, even better showers and a nice array of other facilities such as swimming pool, sauna and gym.

Range & Quality of talks

I like to measure the quality of an event by the amount of tangible things I walk away with, against what it costs me to be there. This years Wordcamp 2013 for me didn’t quite live up to my expectations. Despite it’s extraordinarily cheap event ticket prices (just £25 if you grab an early bird ticket) being in Lancaster I had to chuck another £300 just for travel, accommodation and food costs. I use WordPress professionally week in week out and I go to be involved in the community and learn a few things myself while i’m at it. This year I struggled to identify one tangible thing that I could look back on and say that i’ve added x to my armoury this year.

Range of talks

The good: There was a reasonable range of talks (at least in title), most of the talks were high level talks which applied to a wide range of event goers. Most of the content covered in the talks was easy going (with a few exceptions) and there was plenty of room for event goers to ask questions at the end of talks with little objection. I felt that all those giving talks did so with good delivery, well spoken and capable of answering questions to a good level at the close of the talks.

The bad: Most talks lacked relevancy to WordPress or relevancy to real life application when using WordPress, which in my mind makes it difficult for event goers to put talks into context or convert to something tangible. There was a big lack of advanced subject matter / Workshops for heavy WordPress developers to truly geek it up at the entire event. Some talks were even outright boring mainly due to their lack of relevancy or loop back to reality from theory.

Quality of talks

The quality of talks for me this year was lacking in content more so than it was speakers. I thought each of the speakers were more than capable of presenting. I just thought the talks lost focus on the audience being able to have an “aha” moment! To me alot of the talks lacked a little bit of finesse and very few added real value back to the advanced WordPress event goer. I guess I normally also expect the talkers to be those pushing WordPress to the limits or having particular expertise in certain areas of WordPress. Indeed that is at least where i’m personally likely to learn the most. This year felt like alot of speakers first talks and some of the talks came across asif the speaker hadn’t truly mastered his/her subject matter in real life situations, before giving it.

It may sound a bit harsh, and it probably is, besides, it’s always easier to sit in the audience goading the speaker, than it is to be the speaker, right!?


There wasn’t really any. Nothing hands on anyway. Bit disappointing personally for me, though I do understand they add an extra layer of complexity to proceedings.


Events and conferences alike are always good places to go and meet people working in similar fields to you. Usually you’ll find lots of friendly people and this year was no exception. There was even a social drink up in Lancaster town in the evening on Saturday night.

Will I be going again?

Probably. I guess I wouldn’t be writing this post if I didn’t want someone to read it and make it better next year.

Limit login attempts locks every day or so from

I use the WordPress Limit Login Attempts plugin a little bit across various WordPress sites that I run and support. Lately i’ve toyed with fine tuning some of these sites by using Limit login attempts in conjunction with Nginx and Varnish.

Varnish happens to be a reverse proxy (more on varnish here varnish) which means all traffic is routed through it first.

Every other day I would get a message telling me that limit login attempts has exceeded total amount of failed attempts from IP – after a little brain racking and a bit of confusion I had an aha moment! Varnish was causing all failed login attempts to be from the same IP I.E the local one!

Once I realised this was the cause of the problem it was pretty simple to fix. Limit login attempts has an under reverse proxy setting which is as simple as just flicking on to prevent this problem.

Simple as that, quite frustrating until you realise this though. So i’m hoping it helps someone else out sometime in the future.

If – a poem written in 1895 by British Nobel laureate Rudyard Kipling

If you can keep your head when all about you are losing theirs and blaming it on you, if you can trust yourself when all men doubt you, but make allowance for their doubting too; if you can wait and not be tired by waiting,or being lied about, don’t deal in lies, or being hated, don’t give way to hating, and yet don’t look too good, nor talk too wise: if you can dream – and not make dreams your master; if you can think – and not make thoughts your aim; if you can meet with Triumph and Disaster and treat those two impostors just the same.

If you can bear to hear the truth you’ve spoken twisted by knaves to make a trap for fools, or watch the things you gave your life to broken, and stoop and build ‘em up with wornout tools: if you can make one heap of all your winnings and risk it on one turn of pitch-and-toss, and lose, and start again at your beginnings and never breathe a word about your loss.

If you can force your heart and nerve and sinew to serve your turn long after they are gone, and so hold on when there is nothing in you except the will which says to them: ‘Hold on!’

If you can talk with crowds and keep your virtue, or walk with kings – nor lose the common touch.

If neither foes nor loving friends can hurt you, if all men count with you, but none too much; if you can fill the unforgiving minute with sixty seconds’ worth of distance run -yours is the Earth and everything that’s in it, and – which is more – you’ll be a man my son!

Laravel .htaccess localhost MAMP and Mac OS X

I was, like anyone, excited about the release of Laravel 4 and quickly set about following the initial installation instructions on a vanilla vhost locally to have a play around with. I quickly found that the default suggested .htaccess file was causing a server error in MAMP on OS X.

I got around it with a little trial and error and can confirm the below contents in your .htaccess file – works great for me.

Options +FollowSymLinks
RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . /index.php [L]

The offending line from the suggested .htaccess contents was

RewriteRule ^ index.php [L]

Vim delete all lines in currently open file

It’s been a while since I blogged anything so I thought i’d stick this up which I found useful from time to time.

Deleting all lines in a currently open file when opening from vim in mac terminal.

Type gg to move the cursor to the first line of the file, if it is not already there.
Type dG to delete all the lines.

Then press “i” to insert new lines or copy from clipboard.

How to get the ID of Facebook Page loading application as a page tab

Sometimes you might be required to build a Facebook Application which might go live on several different Facebook page tabs. Often as a subset of being installed in several locations you may find you want to make subtle tweaks to the Application itself. Many Facebook app developers will hard code some of the URLS which they use for redirection in their code base, this is not good practise and tends to lead to these such problems. With the following example you will be able to install the same Application across many different Facebook Pages with the ability to record and adapt the Facebook page currently loading the application by the page ID.

I’ve had to consider this problem at length for work this weekend and found that there was really not much decent documentation on it (least not anything particularly coherent). Needless to say I did still manage to find some documentation and with a bit of googling pieced together how to do this.

Facebooks documentation states the following:

When a user navigates to the Facebook Page, they will see your Page Tab added in the next available tab position. Broadly, a Page Tab is loaded in exactly the same way as a Canvas Page. When a user selects your Page Tab, you will received the signed_request parameter with one additional parameter, page. This parameter contains a JSON object with an id (the page id of the current page), admin (if the user is a admin of the page), and liked (if the user has liked the page). As with a Canvas Page, you will not receive all the user information accessible to your app in the signed_request until the user authorizes your app.

One way to achieve this using the Facebook SDK would be to grab the signedRequest using the Official PHP SDK. Here’s an example:

require '../../src/facebook.php';

$facebook = new Facebook(array(
  'appId'  => 'APP_ID',
  'secret' => 'APP_SECRET',
  'cookie' => true,
$signed_request = $facebook->getSignedRequest();
if( $page = $signed_request['page'] ) {
    echo $page['id'];

I also learned that Facebook via the signed_request method would make user_id, other basic information (such as age) a locale and a country so that you can serve age related or locale related content. Right on the money for me who needs to serve content in different languages using it icon smile How to get the ID of Facebook Page loading application as a page tab

Or you could roll your own and grab it without the Facebook SDK like so:

if(!empty($_REQUEST["signed_request"])) {
    $app_secret = "APP_SECRET";
    $data = parse_signed_request($_REQUEST["signed_request"], $app_secret);

    if (isset($data["page"])) {
        echo $data["page"]["id"];
    } else {
        echo "Not in a page";

function parse_signed_request($signed_request, $secret) {
    list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

    // decode the data
    $sig = base64_url_decode($encoded_sig);
    $data = json_decode(base64_url_decode($payload), true);

    if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
        error_log('Unknown algorithm. Expected HMAC-SHA256');
        return null;

    // check sig
    $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
    if ($sig !== $expected_sig) {
        error_log('Bad Signed JSON signature!');
        return null;

    return $data;

function base64_url_decode($input) {
    return base64_decode(strtr($input, '-_', '+/'));

Both of these methods will return the page ID of the Facebook Page loading your application. You could then save to session and store against the user when they authenticate or all manner of other quirky things and start tailoring your App for each page if needs be.

Serving static assets from AWS S3 & CloudFront

This is the first in a two part blog about configuring a WordPress install to successfully serve both static assets (your themes static assets such as css, javascript, images etc) via Amazons Web Services (AWS) S3 and CloudFront.

This blog will cover how to serve your static assets from an Amazon S3 bucket & configuring that bucket to be served by Amazons Cloudfront Content Delivery Network (CDN) service for optimised delivery of assets across the world. if you are unfamiliar with what a CDN can do for you then I recommend reading the following article Jack Whitey – CDN

Throughout this article I assume that you already have an Amazon AWS account. If you do not, then please visit Amazon AWS and register an account before continuing.

Login to your Amazon Account and then visit the ‘My Console’ tab. Once you have located this visit the S3 tab and create a bucket.

Give the bucket a relevant name and just choose Region ‘Us Standard’.

You’ve now created your amazon S3 bucket. Nice. But, it’s not much use, so let’s upload an image file to it. Click the upload button and upload a random image file on your machine to it. Hit start upload and then watch. Once it’s uploaded it should appear in the left hand side bucket. If it does, click it and change the tab on the top left to ‘Properties’ here you’ll find a link to the item. Click it and you should be faced with a permission denied XML output alot like the image below.

Screen Shot 2013 03 25 at 13.42.16 Serving static assets from AWS S3 & CloudFront

This is good as I want to expose you to an important part of S3, permissions. Permissions in terms of Amazon S3 mean whether or not something is public or privately viewable. Complicated rules can be created to determine the visibility of any item in any S3 bucket.

In our case we just want this file to be publicly viewable. So, we’ll just click properties on the image and then permissions and add a new rule for ‘Everyone’ to Open/Download and save. Now if you click the same link once the save has been successful you should see the image served.

Well done! This is your first image being served from the Amazon S3 bucket service. Although this is now being served by Amazon S3 you can go better. Serving that same image via Amazons own CloudFront service will perhaps give your site a bit more global oomph! CloudFront syncs your bucket across all Amazons data centres around the world and routes requests to the nearest (most local) data centre. This should ensure that all static assets are served from a geographically closer location than if you just hosted it from the US only region.

To enable CloudFront for your application you need to head back to your Amazon Console and open the CloudFront Service. Once you have it open follow the steps below:

  • Click ‘Create Distribution’
  • Choose the ‘Download’ option
  • Set Origin name to yourbucketname.s3.amazonaws.com
  • Leave all the other settings at their default settings
  • If you would like to map a CNAME to your distribution then you can add the CNAMES in the box ‘Alternate Domain Names(CNAMEs)’ perhaps something like cdn.yourdomain.com
  • You can then update your DNS records to reflect this CNAME record.
  • Click create distribution

The distribution will take about 10 minutes to spin up. Once it’s done the important thing to note is your domain name for example – d3pmoderwnmasf.cloudfront.net/. This is the base URL for your buckets contents when served over CDN (you can also use the CNAME you registered).

Depending on how quickly your CNAME resolves you will be able to access your file via d3pmoderwnmasf.cloudfront.net
or your CNAME.

In a small test against serving from an S3 bucket from the US region versus calling the bucket via the CDN I was serving an image asset at an average of 130 ms from the bucket and 30 ms from the CDN. The biggest part of which was probably that being in the UK my requests from the CDN we’re probably being routed to the EU Ireland data centre accounting for a dramatically quicker geographical serving.

You can now link to these assets very easily in your code by using your CDN URL.

So thats serving assets from an S3 bucket, but, where does WordPress come in I here you ask? Continue reading as this is where it all gets interesting.

WordPress, Scaling and asset serving/uploading to S3

If you are looking to scale a WordPress site and serve all assets via an S3 bucket fronted by the AWS CloudFront CDN then this is where things get interesting.

In part II – Serving WordPress assets from AWS S3 and AWS CloudFront »

I deal with how to configure WordPress to upload all uploaded content to the Amazon S3 bucket automatically and how to use a third party service such as beanstalkapp.com to automatically push static assets to S3 when a new deployment is ready at the source code level (it’s very neat).