A really useful tool Google launched last summer – it’ll give you spam rates, delivery errors, IP and (crucially) domain reputation by IP address for all messages passing through Gmail.
Update Wed 30 March 2016: Windows XP browsers ARE NOW SUPPORTED – you don’t need to do anything for this to take effect other than renew your certificate and restart Apache or Nginx.
At present, Let’s Encrypt certificates don’t work on Windows XP (except for Firefox.) This is because IdenTrust, their cross-signatory, require
s a certificate extension known as “NameConstraints” to prevent certificates being signed for .mil (or US military) domains. It looks a bit like this:
Permitted=None Excluded Subtrees (0..Max): DNS Name=.mil
Unfortunately XP doesn’t understand this so the certificate breaks.
Anyway, they’ve resolved this now –
but as the certificates will still be from IdenTrust I’m unclear how exactly,
This is excellent: it’ll mean there are no real arguments against moving all your existing (paid) certificates over when – or even before – they expire, or adding https:// support to sites without it.
You will need to renew all your certificates to get WinXP support, however one of the advantages of Let’s Encrypt is that the certificates have a short lifetime (3 months), so everyone gets upgraded quickly. They may make the lifetime shorter in future, if anything.
Note also, the service is still in beta and I would hesitate to criticise them for a problem caused by a deprecated OS, compounded by a political issue. The rest of the product is already close to perfect.
I have published some Let’s Encrypt tips.
If you do sudo apt-get upgrade on a Ubuntu box (e.g. a local VVV development environment) and suddenly find your WordPress Dashboard and admin screens are blank (entirely empty grey background except for the admin bar and left hand navigation – because nothing is being printed below the header), you might well need to do:
sudo apt-get install php7.0-xml
This can be triggered by certain plugins, such as JetPack, needing the xml_parser_create() function, which doesn’t exist without that package.
But the error:
PHP Fatal error: Uncaught Error: Call to undefined function xml_parser_create() in /srv/www/example-project/htdocs/wp-includes/class-IXR.php:264
…won’t be visible, and you might start removing plugins unnecessarily (because wiping the plugins will seem to cure the problem…) So I hope that helps.
P.S. when you have something like this, running wp plugin status at the command line (install WP-CLI) is a good idea, as you’ll see all the errors.
MailChimp have just announced that Mandrill, their transaction email service, is being discontinued as a standalone product over the next couple of months. In future all accounts will need to be tied to a MailChimp paid plan.
There are various options should you decide to take the opportunity to migrate elsewhere (MailChimp themselves mention Amazon SES) but I’d like to put in a good word for Postmarkapp; they’ve been around for ages (the company is Wildbit who also make Beanstalk), the site is nicely presented but simple and easy to use, they’re very open about how they work and they’ve launched an excellent Templates featured which I tried a few months ago.
Update 27 Feb:
Here’s a StackOverflow answer by me for anyone who sees this error:
SSL certificate problem: unable to get local issuer certificate
…when using the MailChimp API.
The problem is due to MC using a root certificate that’s been removed from the Mozilla certificate bundle (you’re most likely to see it on Debian systems.)
This is a safer way to work around the problem that rolling all your certificates back to 2014 or disabling SSL certificate verification entirely. You also won’t need to set cURL options or edit your php.ini.
Also covered: how to ‘ping’ the MailChimp API to check it’s working.
I wrote this StackOverflow answer, explaining how you can safely backup your work, destroy the old PHP 5.6 Vagrant box and download a brand new one that comes with PHP 7 as standard.
In my opinion this will be easier and cleaner for most people than trying to perform an in-place upgrade (the exception is where you’ve extensively customised PHP, MySQL or Nginx, in which case you need to backup the appropriate config files too.)
There are also some notes on the format of Homestead.yaml when you have more than one site, as the documentation on shared folders isn’t terribly clear.
IdeaVim is a popular plugin that adds vim shortcuts (e.g. hjkl navigation) to PhpStorm and similar products.
A rare bug Mac users may replicate one day: it’s possible to accidentally disable IdeaVim by pressing cmd-alt-V – the same shortcut as moving files in Finder. PhpStorm does need to have focus; in my case I was typing the standard copy/paste/move shortcuts to transfer some files in the Project window.
You can see/toggle the Vim status with Tools > Vim Emulator (which won’t show up as a search result if you use shift-cmd-A and type ‘ideavim’). It’s a handy shortcut to be aware of – temporarily turning Vim off may make it easier to complete certain refactoring tasks where you’re entering a new variable name.
IdeaVim’s settings are in vim_settings.xml in the WebIde100 folder (where the 100 at the end indicates version 10.0.*), in the event of a problem you can inspect or trash that file.
This is a significant (though we’re not sure yet realistically how dangerous) buffer overflow bug in the Linux C library, glibc. The library handles system calls, for example, reading/writing to files.
The bug is with gethostbyname (used to find the DNS entry for a domain name). Full explanation (Google)
Security updates have been available since 16 Feb 2016.
It’s easy to update but… remember to reboot afterwards! That’s the main reason I wrote this up – there’s a note to this effect in the security advisories, but utilities like aptitude won’t remind you. All sorts of services could be using glibc and remain vulnerable until they’ve restarted. Dan Kaminsky, at length, on how bad it could be
Much as it’s nice to accumulate a large uptime value, a forced reboot is also a useful opportunity to check the relevant services on your machine will come up after a power outage and, for example, your firewall settings are being loaded correctly.
Recommendation: check your existing version before you update, so you can verify it’s changed afterwards:
sudo aptitude show libc6 (Debian)
or execute the library itself, e.g.
(look for the line: Compiled on a Linux 2.6.32 system on [date])
Use your usual update procedure (e.g. apt-get update/upgrade on Debian/Ubuntu, yum update on CentOS/RedHat) then reboot the server.
Remember to do your VMs (e.g. Vagrant boxes) too.
Note packages are backported, so for Debian you pay attention to the uxx after the version number, not the version itself.
Does it affect Mac OS X?
No. (OS X doesn’t have glibc.)
- PhpStorm (IDE for PHP, JS, HTML, CSS and more.)
- Sequel Pro (MySQL GUI)
- SourceTree (Git GUI)
- Dash (documentation browser)
- Reggy (regular expression tester)
- 1Password (password manager – works with all web browsers and iOS)
- coconutBattery (detailed iPhone / Mac battery stats)
- NVAlt (notetaking. Works with SimpleNote web service/iOS app)
Last updated Feb 2016.