RemindToRead: Email Users a Reminder to Finish Reading Your Articles

remind-to-read-front-page-2

Provide your users a world-class post-visit experience

I liked the idea of using RemindToRead.com on this site when I saw it on Hacker News the other day. I got in touch with Leonard Bogdonoff and expressed interest. He, in turn, offered to let me test it out here at longren.io.

Leonard setup some JS for my site for a quick test and gave me all the necessary code in a shared Google Doc. Took all of 5 minutes to get setup.

You can see it in action at the end of every post here at longren.io. It appears at the very end of every post, but only when viewing an individual post. The button looks like this:
remind-to-read-button

Is RemindToRead Ready For Production?

Getting closer, just from the changes I saw on the dashboard today and the very straight-forward registration process. Signup requires minimal effort. Just enter your email, choose a password, receive an email containing a confirmation link, click the confirmation link, update password, and continue on with setup. A temporary email sent after user signup can be seen below.
remind-to-read-welcome-email-temporary

The current iteration of the dashboard is not quite finished, but is very functional as it stands, even it’s early stages. It provides easy to follow instructions for adding RemindToRead code to your website. Just include some JavaScript and add this little snippet where you want the RemindToRead button to show:

Here’s what the dashboard currently looks like:
remindtoread-dash

I simply added the code above to my relevant template file so that it’s displayed at the end of every post, but is only shown when viewing a single post. So you won’t see the button on archive pages, tags pages, category pages, search results, etc.

A WordPress Plugin Coming

A GitHub repo already exists for a WordPress plugin, I’ve not tried it out yet, but plan to later today and will report back. I know there’s been a lot of core changes to RemindToRead recently, the WordPress plugin may have some catching up to do.

The plugin looks pretty solid code-wise, after a real quick glance. Sounds like Leonard may want me to maintain the WordPress plugin, should be a piece of cake once the core of everything starts to take its final shape.

Use Docker for Fast WordPress Development Environments

docker

A Dockerfile That Provides Quick WordPress Development Environments

Back in May of this year I started playing around with Docker quite a bit. Took me a bit to wrap my brain around everything Docker can do, wish I had read this article from Adam Ierymenko before starting.

Anyway, Docker describes itself as such:

Docker is an open platform for building, shipping and running distributed applications. It gives programmers, development teams and operations engineers the common toolbox they need to take advantage of the distributed and networked nature of modern applications.

I’m not using Docker to it’s fullest extent, not even close. I mostly use it for setting up quick WordPress development environments for building client sites or just to do some testing.

I came across an outdated Dockerfile that had exactly what I needed but lacked the ability to SSH to the Docker container. I forked it on GitHub and added some modifications (like SSH).

It’s on the Docker Hub Registry, making it super easy to use. There’s a few items on the to-do list, but the one I want to take care of first is adding support for Docker Compose, which will make installation even easier.

To get started with this Docker image, you just need to have Docker installed and then run the following command:

Once you’ve got the Docker image pulled, fire up a new container like with the command below. It will create a new Docker container named project-name.

Give it a bit to get everything setup then navigate to http://127.0.0.1:80 in your browser to access your new WordPress install.

For more information I suggest checking out the readme. Every time that I push commits to GitHub, a new build of the Docker image will automatically be built as I’ve got it setup as an automated build repository at the Docker Hub Registry. Pretty nifty.

So, I’m relatively new to Docker, if you’re a pro and see something I should be doing differently, please let me know. Any advice on setting up Docker Compose for this project would be great, too (if I’m not mistaken, it just involved linking multiple containers together).

Do you use Docker?

View Results

Loading ... Loading ...

Giving Cloudbric A Try, But I Still Love Cloudflare

cloudbric

Going to try Cloudbric here for a while to see how exactly it compares to Cloudflare

Longren.io will be unavailable for possibly up to 48 hours. As soon as I’ve published this post, I’ll be updating my nameservers to point to Cloudbric, almost feels like cheating on Cloudflare, they’ve been very good to me.

I’ve been using Cloudflare for quite a while, nearly since it became available to the public. I love them and all the services they provide, especially with a Pro (or Enterprise) account. Cloudflare costs money though (if you want certain added protections), and many smaller websites don’t use a lot of bandwidth and aren’t provided the protections they should receive with Cloudflare.

Cloudbric aims to solve that by providing all the features Cloudflare provides (from what I’ve been told at least) for free as long as your site doesn’t use more than 4GB of bandwidth per month. I only have a few Pro sites with Cloudflare (longren.io being one of them), but am trying to cut back on the number of online services I pay for monthly, so this makes sense on a financial level if nothing else.

I’d never heard of Cloudbric until they got in touch with me via direct message on Twitter and introduced me to their services. They appear to provide everything that Cloudflare’s Enterprise service provides, glad they saw one of my tweets praising Cloudflare and decided to get in touch.

Cloudbric has been around for a while (15 years or so I believe) and I talked to one of their reps quite a bit about how what they provide is better than Cloudflare (other than the usage based cost, of course).

Here’s what he said:

1. Unlike other website protection services including Cloudflare, Cloudbric provides full-coverage website protection. Even though Web Application Firewall (WAF) and DDoS Protection features are crucial for website protection, these options cost at least $200/month from Cloudflare. Cloudflare’s free plan does not protect web application layer 3, 4, and 7, which makes it pointless.

2. Our usage-based plan, rather than options plan, allows even free users to enjoy the most comprehensive security service. There are no charges for extra add-ons or features for more security. Users can enjoy all the features for FREE up to 4GB of traffic monthly.

Here’s a handy table from the Cloudbric website showing a feature comparison with similar providers like Cloudflare, Sitelock, and Incapsula.

FEATURES Cloudbric Incapsula SiteLock Cloudflare
Advanced DDoS Protection(Layer 3, 4, 7) FREE $299 /mo Enterprise $200 /mo
PCI-Certified Web Application Firewall(WAF) FREE $59 /mo $299 /mo $20 /mo
Global Content Delivery Network FREE $19 /mo $99 /mo $20 /mo
Web Opimization FREE $19 /mo $99 /mo $200 /mo
OWASP Core Rule Set FREE $59 /mo $99 /mo $20 /mo
Reputation-based Threat Protection FREE $59 /mo $299 /mo FREE
Board Spam Protection FREE $59 /mo X X
Block Visitors by IP or country FREE $59 /mo X FREE
Login Protection FREE $59 /mo X X
SSL Support FREE $19 /mo FREE FREE

Figured I’d try it out on this site as it gets the most traffic out of my personal sites, and if everything’s cool, I’ll eventually be moving all clients over to Cloudbric. Just wish they had a way to import existing DNS records, some of my domain names have at least 50 sub-domains.

Longren.io subscribers will get this post via email, but longren.io could be down for up to 48 hours while stuff updates. I’ll update this post or maybe write a new one after I’ve used Cloudbric for a few days. You should at least check them out, especially if you’re using Cloudflare for a site that doesn’t get enough traffic to make it worth paying for.

I really don’t want to leave Cloudflare, but if Cloudbric stacks up, I’m afraid I’ll have to.

Update: After updating nameservers for longren.io to Cloudbric, an SSL issue was found. I went back to Cloudflare immediately, and within about an hour Cloudbric’s engineering team had a solution worked out. It sounds like they’ll be rolling the fix out on Monday June 29. So until then, longren.io will be on Cloudflare. I’ll post info about the issue in detail after Cloudbric has officially announced it or made the fix active.

Keybase.io: PGP For Beginners, With Invites

keybase-logo

PGP for Beginners: A Simple Web Interface to PGP

Keybase.io is quite simple, basically a web interface and command line client that makes PGP more user-friendly. At the same time, it makes it easy to get someones public key, and know it’s the correct key.

Keybase.io allows you to encrypt, decrypt, sign, and verify messages to other keybase.io users. The Keybase.io homepage has an excellent description on the inner workings and how to make use of the command line client.

You can find me on Keybase.io at https://keybase.io/tlongren/.
keybase-tyler

I like how the purpose of the Keybase.io website, as opposed to the command line client, is described:

Keybase.io is also a Keybase client, however certain crypto actions (signing and decrypting) are limited to users who store client-encrypted copies of their private keys on the server, an optional feature we didn’t mention above.

On the website, all crypto is performed in JavaScript, in your browser. Some people have strong feelings about this, for good reason.

Keybase.io has it’s issues, though. Liz Denys makes very good points in her Refusing To Verify Myself post.

And back in March 2014, Evan Johnson discovered very serious vulnerability in Keybase.io. You can read more about it, along with examples and why it was so major, in his blog post.

There’s still serious debate that’s somewhat related to Evan’s discovery. An issue on GitHub is still open while the Keybase.io folks consider their options and best course of action.

Everything has it’s flaws, though. So for me, Keybase.io is an easy way for me to communicate securely with those I need to do so with. I’ll likely continue using it, but need more people I communicate with frequently to be members.

Invites

I do have invites for Keybase.io. I’ll only send them to people I know. If you’re a regular here, a client of mine, or old online friend, you qualify. Real world friends and family obviously qualify.

Just ask in the comments below.

SSH Private Key Authentication Tip

key

So easy to miss, but so important for SSH Private Key Authentication

I don’t allow password logins on any of my servers. Can only login via SSH key based authentication. No root login is allowed, and I specify every user that’s allowed to login via SSH, ie: me.

If you’re a regular here, you know I love DigitalOcean. They have a very nice tutorial on setting up SSH private key login, even walking you through creating SSH keys if you don’t already have one, and even adding that key to your DigitalOcean account.

None of that will be of interest to you if you already know how to generate SSH keys.

I’ll SSH into my new Droplet, only to be rejected. I immediately know why, because it’s happened so many times. It’s due to incorrect permissions on your Droplet, VPS, server, whatever.

For SSH private key authentication to work, the ~/.ssh/authorized_keys file and the ~/.ssh folder need specific permissions:

Run that, and then try logging in via SSH to your Droplet from your local machine. Should go this time.

If you still can’t login to your remote system, something else is likely wrong. If that’s the case, you’ll want to start at the top of the DigitalOcean post about setting up SSH private key authentication and just follow the steps.

After you’ve followed those steps, change permissions on the ~/.ssh/authorized_keys file again and on the ~/.ssh folder again. Like so from your terminal:

I’m curious…

Do you allow password logins over SSH?

View Results

Loading ... Loading ...

If you do allow password logins, I’d love to hear what scenario causes you to need to allow password logins. Let me know in the comments if you don’t mind.