WordCamp Europe 2016

February 7th, 2016 by Alexander Kirk | Comments Comments Off on WordCamp Europe 2016

This year, 2016, the Vienna WordCamp team (which includes me) was able to get WordCamp Europe to come to Vienna. So may I present to you:

WordCamp Europe 2016 in Vienna from June 24-26

Unfortunately it is constantly sold out, but there is a waiting list, should you still decide to come.

circle-volunteer

Looking forward to the event in June!

Presentation: My WordPress is up, what now?

October 8th, 2015 by Alexander Kirk | Comments Comments Off on Presentation: My WordPress is up, what now?

This is the presentation I held at the WordPress Meetup on October 7, 2015.

Download the PDF

WordPress.com Community Translator

May 27th, 2015 by Alexander Kirk | Comments Comments Off on WordPress.com Community Translator

Amongst other things, this is something that I have been working on in the last months: Web Publishing for All! Introducing Community Translator Tools

Bookmarklet: Add URL to Links

March 2nd, 2015 by Alexander Kirk | Comments Comments Off on Bookmarklet: Add URL to Links

A quick one: If you need a website text for copying it as plaintext, you can prepare this by using this bookmarklet:

add URL to links
(drag to your bookmarks bar)

add URL to links with CSS: text cannot be copied
(drag to your bookmarks bar)

Buchhaltung für EPUs: Bookamat

February 4th, 2015 by Alexander Kirk | Comments Comments Off on Buchhaltung für EPUs: Bookamat

Eine Sache, die man als EPU nicht gerne macht (zumindest alle, die ich kenne), ist die Buchhaltung. Auch wenn man den ganzen "Rechnungskram" an einen Buchhalter auslagern könnte, so finde ich es für den alltäglichen Betrieb wichtig, die Finanzen im Blick zu haben und die Erfassung der Belege selbst zu übernehmen.

Eigentlich könnte man seine ganzen Einnahmen und Ausgaben auch in einer Excel-Tabelle erfassen. Aber das ist in vielerlei Hinsicht mühsam und unübersichtlich. Also soll eine Software her. Der Markt ist nicht klein, es gibt zahlreiche Software, die Kleinunternehmen damit unter die Arme greifen wollen, aber da gibt es gleich die ersten Fallstricke:

1. Die Software soll für Österreich geeignet sein
2. Das Ganze soll bitte auch am Mac laufen

Die einfache Lösung: eine Web Applikation. Auf dem österreichischen Markt gibt es hier 2 große Player: freefinance und bookamat

bookamat

Mit freefinance sind vielleicht Leute vom Fach zufrieden, für einen Halblaien ist das Interface eine (visuelle) Katastrophe, die ganze Applikation ist voll mit Fachbegriffen frisch aus dem Finanzamt.

freefinance interface

Dagegen ist Bookamat eine Offenbarung. Beim Interface sieht man, dass das jemand macht, der etwas von Webseiten versteht: Patrick Kranzlmüller und Axel Swoboda sind mit ihrer Agentur vonautomatisch vom Fach.

bookamat-neue-buchung

Ich verwende schon mehrere Jahre Bookamat und bei jedem Update sieht man, dass die beiden ihre Software selbst verwenden und immer dort schrauben, wo es noch etwas hakt. Kleines Beispiel aus dem Screenshot oben: Man legt mit der Auswahl des Steuerkontos fest, ob es sich um eine Eingabe oder Ausgabe handelt.

Bei freefinance z.B. muss man erst das richtige Formular aufrufen (also Einnahme oder Ausgabe), und bekommt dann das hier präsentiert:

freefinance-neue-buchung
Die Alarmglocken schrillen schon, wenn man die Hälfte des Bildschirms für Hilfetexte braucht. Bei den Zahlen im Dropdown vermute ich, dass es sich um die Kennzahlen des Finanzamts handelt. Das mag hilfreich sein, aber zeigt wie sehr man sich an der Finanz und nicht am Unternehmer orientiert.

Bookamat hingegen zeigt es auch an, aber dort, wo man sich aussucht, welche Konten man im Alltag überhaupt braucht.
bookamat-steuerkonten

Letztlich bleibt mir nur zu sagen: verwendet Bookamat! Es nimmt der Buchhaltung zwar nicht vollkommen den Schrecken, aber es macht sie verständlicher und erfreulicher. Und das ganze nur für 100 Euro im Jahr, inkl MwSt. (dh für alle die nicht unter die Kleinunternehmerregelung fallen nur 83,33 Euro an).

Little Snitch und Freewave

September 9th, 2014 by Alexander Kirk | Comments 1 Comment »

Inspiriert von der Anleitung von Freewave, die zeigt, wie man in einem unverschlüsselten WLAN (wie Freewave es an vielen Orten in ganz Österreich anbietet) dafür sorgen kann, dass nicht unabsichtlich Apps mit dem Internet sprechen, habe ich hier ein paar Anpassungen zusammengestellt, um das Gleiche mit SSH und SOCKS zu nutzen.

Wenn man Zugang zu einem Server im Internet per SSH hat (eigener Webserver, Uni-Account), kann man sich einfach eine sichere Verbindung (zumindest bis zu ebendiesem Server, aber es geht ja eigentlich nur darum die WLAN-Signale zu verschlüsseln) basteln.

Man startet ein Terminal-Fenster und gibt Folgendes ein:

ssh -D9999 username@mein.server

Mit dem Schalter -D<port> wird ein SOCKS-Proxy gestartet, der auf localhost:<port>, in diesem Fall auf localhost:9999, lauscht. Man lässt dann das Terminal-Fenster sowie die Verbindung so lange offen, solange man den Proxy verwenden will.

Dann konfiguriert man sein OSX so (in den Systemeinstellungen unter "Netzwerk"), dass es den SOCKS-Proxy verwendet:

socks-proxy

und letztlich passt man dann noch die Regeln an, wie sie in der Anleitung von Freewave gezeigt werden:

little-snitch-proxy

Der Unterschied besteht in der Regel für "Terminal", die pppd und racoon ersetzt. Am einfachsten erstellt man die, indem man die Regel erstmal einfach weg lässt und die "alle ausgehenden"-Regel auf "Nachfragen" stellt. Dann das ssh Kommando ausführen, Little Snitch fragt nach, was es tun soll. Daraufhin erlaubt man die Verbindung für immer und stellt danach die "alle ausgehenden"-Regel wieder auf "Verbieten" zurück. (bei mir gibt es hier 2 Regeln, weil ich je nach Anwendungsfall 2 verschiedene Server verwende)

Übrigens: Ich fand die Bezeichnungen "Ohne VPN" und "Mit VPN" verwirrend, deswegen hab ich die bei mir "Potenziell Unsicher" bzw. "Vertrauenswürdig" genannt.

Insgesamt ist leider schade, dass mit einer solchen Konstruktion die ganzen Regeln, die man mehr oder weniger mühsam unter "Vertrauenswürdig" erstellt hat, nicht gelten, während man "Potenziell Unsicher" aktiviert hat: es geht einfach alles durch SSH, auch was man unter "Vertrauenswürdig" verboten hat.

SSL Certificate Expiry Warning Script

August 14th, 2014 by Alexander Kirk | Comments Comments Off on SSL Certificate Expiry Warning Script

With the increasing trend of SSL on the web, where Google values SSL sites higher and you can have your site be added to the HSTS preload list (the browser will first try HTTPS before trying HTTP), it is a good idea to start using SSL yourself.

The downside: you need to get a certificate through a (pre-trusted by the browser) CA, or certificate authority. This usually costs money, though there are some services that give you a certificate for free. The free certificates only last for one year or less, this means you need to request and install a new certificate frequently, especially when you have multiple domains.

Now it can happen to anyone, even Microsoft (Windows Azure Service Disruption from Expired Certificate), that you forget to renew (and update) your certificate in time.

There is a nice service called certalert.me (interestingly enough not over HTTPS) that will send you an e-mail when a certificate is due to be updated. But as with any web service, unfortunately you can never be sure how long it's going to live.

So, I have created a script that I run through a cronjob every day that will send me a notification e-mail several times in advance (1 day and 2 7 14 30 60 days ahead), so that you are not dependent on a third party to get notified about expiries. As it is supposed to be with cronjobs, there is no output when there is nothing to report (thus no e-mail).

Here is the script (download warn_about_certificate_expiry.sh):


#!/bin/sh 

CertExpiries=$(mktemp)
for i in /etc/certificates/*.pem; do
	echo $(basename $i): $(openssl x509 -in $i -inform PEM -text -noout -enddate | grep "Not After" | tail -1 | awk '{print $4, $5, $7}') >> $CertExpiries
done

Date=$(date -ud "+1 day" | awk '{print $2, $3, $6}')
Expiries=$(grep "$Date" $CertExpiries)
if [ $? -eq 0 ]; then 
	echo These Certificates expire TOMORROW!
	echo $Expiries
	echo
fi
for i in 2 7 14 30 60; do
	Date=$(date -ud "+$i day" | awk '{print $2, $3, $6}')
	Expiries=$(grep "$Date" $CertExpiries)
	if [ $? -eq 0 ]; then 
		echo These Certificates expire in $i days:
		echo $Expiries
		echo
	fi
done
rm $CertExpiries;

Stack Overflow: Ways out of the negativity

April 26th, 2014 by Alexander Kirk | Comments Comments Off on Stack Overflow: Ways out of the negativity

This is in response to the Stack Overflow Meta question: Why is Stack Overflow so negative of late?

In my opinion the problem that Stack Overflow is currently facing is caused by a lot of new users that are characterized by user Mysticial as "help vampires". They care nothing for the site and just want their code fixed. They don't research (or very little) and provide less than the minimum information needed. Most of the times the questions are very basic and can be answered by an intermediate programmer in a few minutes.

In a normal forum, users would not yield any responses. Not so on Stack Overflow: you get reputation for answering questions and therefore even theses badly researched questions get answers within under a minute. Mystical calls these users "reputation whores".

The problem is that "help vampires" and "reputation whores" create a vicious circle: they both need each other and therefore the circle continues to spin.

The outcome of this situation: the site is flooded with a high number of low quality questions, experienced programmers who are interested in learning something don't see the forrest for the trees. Even though questions can be voted up, they don't stand out enough to gain momentum.

Proposed Solutions

a) Create a "beginners test"

This would create a higher burden for low reputation users before they can ask their question. They need to invest more time and rethink their action before they get to post something.

A few ideas what that could be:

  • The user needs to give 3 search queries that he used either on Google or on Stack Overflow that didn't yield results.
  • If they don't include any code, they must confirm that they are asking a non-code question. See this proposal on Stack Exchange Meta.
  • Specify the time that they took to research the problem (while this can be easily faked, it makes the user reconsider if they had taken enough time for the problem)

b) Have experienced users review a question, before it goes online

There would be a process where a new user asks his or her question, but it doesn't go online. Higher reputation users read the question but are unable to answer it, and give feedback if the question has enough information or has been researched enough. Finally, the question get's thrown into the shark tank.

It would be fine to give these reviewing higher reputation users even more reputation for reviewing this: they are helping to improve the site, this is actually what the reputation system has been designed for: to make the site interesting, not for feeding the "help vampires".

All in all it is remarkable that despite the current situation, Stack Overflow has reached the quality it has. The reputation and badge system has for sure been a very big factor in this but it is very appalling that in order to reach a certain reputation level, you really have to feed the "help vampires".

You can find me on Stack Overflow as akirk.

Fix qTranslate with WordPress 3.9

April 17th, 2014 by Alexander Kirk | Comments 12 Comments »

When updating a blog of mine to WordPress 3.9 the page wouldn't load anymore because of qTranslate not able to cope with the update. In the error log it says:

PHP Catchable fatal error: Object of class WP_Post could not be converted to string in ../wp-content/plugins/qtranslate/qtranslate_core.php on line 455

The error is caused by this change: get_the_date() to accept optional $post argument

There is a proposed quick fix by Saverio Proto, but it doesn't take the problem at its root:

qTranslate registers the function qtrans_dateFromPostForCurrentLanguage($old_date, $format ='', $before = '', $after = '') for the hook get_the_date but it actually only accepts one parameter. With the new update it accepts a second parameter $post, which now wrongly fills the variable $before that is in the process being converted to a string.

So the solution simply is to delete the two parameters that were assigned the wrong meaning and have defaults anyway.

Add a Rate Limit to Your Website

April 19th, 2013 by Alexander Kirk | Comments Comments Off on Add a Rate Limit to Your Website

Suppose you have a ressource on the web (for example an API) that either generates a lot of load, or that is prone to be abused by excessive use, you want to rate-limit it. That is, only a certain number of requests is allowed per time-period.

A possible way to do this is to use Memcache to record the number of requests received per a certain time period.

Task: Only allow 1000 requests per 5 minutes

First attempt:
The naive approach would be to have a key rate-limit-1.2.3.4 (where 1.2.3.4 would be the client's IP address) with a expiration time of 5 minutes (aka 300 seconds) and increment it with every request. But consider this:

10:00: 250 reqs -> value 250
10:02: 500 reqs -> value 750
10:04: 250 reqs -> value 1000
10:06: 100 reqs -> value 1250 -> fails! (though there were only 850 requests in the last 5 minutes)

Whats the problem?

Memcache renews the expiration time with every set.

Second attempt:
Have a new key every 5 minutes: rate-limit-1.2.3.4-${minutes modulo 5}. This circumvents the problem that the key expiration but creates another one:

10:00: 250 reqs -> value 250
10:02: 500 reqs -> value 750
10:04: 250 reqs -> value 1000
10:06: 300 reqs -> value 300 -> doesn't fail! (though there were 1050 requests in the last 5 minutes)

Solution:
Store the value for each minute separately: rate-limit-1.2.3.4-$hour$minute. When checking, query all the keys in the last 5 minutes to calculate the requests in the last 5 minutes.

Sample code:


foreach ($this->getKeys($minutes) as $key) {
    $requests += $this->memcache->get($key);
}

$this->memcache->increment($key, 1);

if ($requests > $allowedRequests) throw new RateExceededException;

For your convenience I have open sourced my code at github: php-ratelimiter.

Thinkery API launched

April 5th, 2013 by Alexander Kirk | Comments Comments Off on Thinkery API launched

Just a quick note, we made the Thinkery API public.

If you don't know thinkery.me, it is a simple yet powerful tool for storing both notes and bookmarks. The contents of the saved page is stored in your Thinkery which you can keep even if the webpage goes down. With #hashtags you can easily categorize everything.

Check it out!

munin smart plugin: ignore error in the past

February 7th, 2013 by Alexander Kirk | Comments Comments Off on munin smart plugin: ignore error in the past

As a hard drive in my server failed, my hosting provider exchanged the drive with another one which obviously had some sort of error in its past, but now seems to be fully ok again. I would have wished to receive a drive without any problems but as my server is RAID 1, I can live with that.

I do my monitoring with Munin and for monitoring my hard drives I use the smart plugin. Now this plugin also monitors the exit code of smartctl, where smartctl sets bit no 6 if there was an error in the past, so now while everything is alright, the exit code is always numeric 64.

Now the smart plugin reports this as an error, if the exit code is > 0, i.e. now it always reports a problem.

I could set the threshold to 65, but then I wouldn't be notified of other errors which essentially makes the plugin useless.

I asked at Serverfault but no one seems to have a solution for that.

So I attacked the problem on my own and patched the plugin. In the source code the important line is here:


if exit_status!=None :
# smartctl exit code is a bitmask, check man page.
num_exit_status=int(exit_status/256)

which I have modified to look like this:

if exit_status!=None :
# smartctl exit code is a bitmask, check man page.
num_exit_status=int(exit_status/256)
# filter out bit 6
num_exit_status &= 191
if num_exit_status<=2 : exit_status=None if exit_status!=None :

Now it doesn't bug me anymore when bit 6 is set, but if any other bit goes on again, I will still be notified. The most interesting part is the line where there is a bitwise operation with 191: this is 0x11011111 in binary, so doing an AND operation with the current value it will just set bit no 6 to 0 while letting the other values untouched.

Therefore a value of 64 (as mine does) will be reported as 0 while a value of 8 would remain at 8. But also, very importantly, a value of 72 (bit 6 set as always and bit 3 set because the disk is failing) it would also report 8.

And there we have another reason, why it is good to be firm with knowledge about how bits and bytes behave in a computer. Saved me from a warning message every 5 minutes :-)