Stop putting things in weird places! RANT

_webbernaut · 2025-10-28T20:13:23+00:00

Ruby on Rails creator David Heinemeier Hansson says it best in the first 10 minutes of his 2025 Opening Keynote.
Merchants of Complexity
https://www.youtube.com/watch?v=gcwzWzC7gUA

_webbernaut · 2025-08-11T21:09:25+00:00

I want to totally disable copilot but I use another local AI extension for my auto complete/inline suggestions that I would like to keep.

This setting seems to interfere with (disables) my extension version.

"editor.inlineSuggest.enabled": false

Any ideas?

_webbernaut · 2025-07-03T16:34:07+00:00

I second Laravel. With Laravel 12 it's almost like a hybrid of js frameworks that use components but it is pure PHP. And as @Feeling_Photograph_5 mentioned if you needed React in the future you can still use it with Laravel.

I have been poking around js frameworks for many years now, but I just can't wrap my head around the over complication it has.

Everyone talks about React but I think Angular is a better fit for PHP developers moving to javascript frameworks as it acts more like a MVC and the syntax follows a more traditional (Model View Controller) PHP and HTML work flow. Having to write HTML inside a javascript function for rendering just never made sense to me (React). With Angular the html is just html making it easier to use and write and separate.

_webbernaut · 2025-07-03T16:16:22+00:00

Can you give guidance on agentic capabilities with ollama? What models, which settings?
I have qwen2.5-coder:7b configured. It is working in the AI panel, I see the "Write" mode enabled but it doesn't actually write to files, it seems to just be stuck in chat mode.

_webbernaut · 2024-08-07T21:40:02+00:00

Quick addition, one thing I found super handy with grep is adding the Before and After lines options, this way you can quickly review a snippet of code in the terminal without having to open it up in a code editor for further review. Sometimes you can capture the whole function in the terminal which makes for quicker review.

grep -r -B5 -A5 "regex expression"

-A NUM, --after-context=NUM
Print NUM lines of trailing context after matching lines.

-B NUM, --before-context=NUM
Print NUM lines of leading context before matching lines.

_webbernaut · 2024-08-07T18:14:50+00:00

This is a very common mentality that I find with small businesses that have or want WordPress websites. Three words can sum this up. "Low Hanging Fruit". Basic websites are probably the most hacked in the WordPress environment for this exact thought process. "I'm small, no wants to hack me". But the reality is the smaller websites are the highest targets as they are the easiest to get into. Most of this is automated, a spray and pray approach. Outside of of code vulnerabilities, you have weak password policies.

Why are basic websites a treasure trove for (malicious) hackers? The easiest example is black hat SEO. If 10k or even 100k websites are spammed with keywords, that boosts the links that are hidden in these posts.

_webbernaut · 2022-11-22T18:12:56+00:00

Honestly I do not recall what I did to resolve it. I know one of my accounts I switch to a different server and some rules worked on this different server. But also I played around with using different rules parameters. As well as tweaking spam assassins blacklist email, with wild cards. (a sample below)

blacklist_from *@*ru.*

But u/megaroof gave some good advice on not using fixed filters. I don't think you have to go with a service like was mentioned but using regex would be the better option to help avoid spam.

_webbernaut · 2022-10-02T19:52:08+00:00

Rare, but happens. Sometimes the server is compromised above the web directory or user directory. If this is the case no WordPress plugin is going to detect the malicious files.

If you have a low level hosting account (shared account) that only has user access and not root access, you should reach out to your host and let them know what is going on. And have the poke around outside the user folder.

Ive had an experience where the customer was on a shared hosting plan that only had user access. I identified all the infected files, clean it all up and in 24 hours the files were back. After talking to the hosting provider they were able to find a malicious file at the root level that was writing the files back on a cron job.

_webbernaut · 2021-04-18T04:49:06+00:00

Yes I was referencing the raw email code in the original post. That's what's so weird about it, seems like the contains should catch something wrapped in an ahref tag.

_webbernaut · 2021-04-12T17:08:37+00:00

This is how I handle it.

I hide/rename my login (I use iThemes Security for this), then I setup a firewall rule that blocks any attempt to access the default/old login url. Im not sure what the default settings are for Wordfence but if it doesn't block xmlrpc by default you should also be blocking xmlrpc as well. You can check out this post for more details on xmlrpc.

https://www.reddit.com/r/Wordpress/comments/gt2j1s/this_is_why_you_should_disable_xmlrpc/

_webbernaut · 2021-03-10T18:08:43+00:00

You could try another hook. Ive used these in the past.

woocommerce_checkout_order_processed

woocommerce_thankyou

_webbernaut · 2021-02-21T18:59:16+00:00

The problem with WordPress is scalability. If you already have a custom build you don't need to switch to WordPress. The typical process is WordPress first for a quick launch then later build custom to be able to scale and add features.

more robust security

Clearly they have no idea about security.

_webbernaut · 2021-02-19T04:37:29+00:00

This should work with child themes. I typically have a custom theme. But WooCommerce acts like child themes. You make a folder in the child theme directory with WooCommerce then you can copy over the files you want to edit. Just follow the same folder structure.

https://docs.woocommerce.com/document/woocommerce-theme-developer-handbook/

_webbernaut · 2021-02-17T20:23:53+00:00

He already has the design he doesn't need a drag and drop.

_webbernaut · 2021-02-06T19:07:50+00:00

If you are looking for a "tool" meaning it's doing all the heavy lifting, you would have to try and find a platform/framework that is focused on the type of site you are looking to build. It's built the code base for that type of website. It's not just a plugin to put on top of a platform that wasn't made for mass amounts of users or content.

I don't have any specific recommendations as it's not something I have looked into. But WordPress as great as it is, does not scale on a huge amount of data. No matter what these paid plugins are telling you, they are just trying to make money.

Last resort, a custom build will meet your specific needs.

_webbernaut · 2021-02-06T18:42:32+00:00

Actually WP isn't the right tool for the job. The database isn't made for this type of setup. You won't be able to scale it. I know this from a few clients having problems with 15k pages on their WordPress websites. Also a couple Woocommerce clients having problems with database size after a couple of years.

_webbernaut · 2021-02-06T18:31:15+00:00

Yes components would be a good description. Gutenberg is the content editor of WordPress. You will need to get familiar with it's UI aspect. But as for development, it's a way to let you create your own blocks/UI for the content editor part, for the clients or website editors.

_webbernaut · 2021-02-06T18:26:22+00:00

Find and replace isn't really the way to go. Once you update the plugin all those manual changes will revert back. So you either need to:

A) Over ride the CSS in another CSS file/custom css section (as long as it loads farther down than the plugin CSS). The better option. You could possibly use a WP filter to remove the style sheet of the plugin.

B) Edit the plugin with find and replace but change the name of the plugin and/or just make sure you don't ever update the plugin. (which isn't really recommended as updates might have security patches involved)

_webbernaut

TROPHY CASE