Category: WordPress

Categories
WordPress

WordPress Theme “Sugar and Spice”.

同一記事の日本語版
Update information      Edit    Edit2(Mar.9)    Edit3(Mar.9)

   I changed the theme of my sites to “Sugar and Spice“. I made three child themes for my site except my netradi.

   There are a lot of things which need work, but I already get bored. So, the rest I do at a later date. (^^;)

Edit:
   This was too shoddy article. I make some addition for my reminder.

   The reason for changing my Themes is I want to use the new features of Themes, about which I wrote on “Upgrading to WordPress 3.6.“. There is also the maintenance and the security of my sites. Besides, I want to support HTML5. Oh yes, about AdSense (He-he).

   The theme “Sugar and Spice” has ‘custom-menu’, ‘responsive-layout’, ‘theme-options’ as its major features. Nowadays, my sites has more accesses via smartphones, so the ‘responsive-layout’ is what I want to use.

   Though I considered revising my old themes before deciding to select a new theme, it seemed to take enormous time because each site had each theme and the themes made by myself. And, a lack of my knowledge about WordPress Theme (^^;). Besides, I’ve learned about “Child Theme” of WordPress Theme since I began WordPress blogs. So, at my new Theme I don’t make any changes on the parent Theme, I use the child Theme features for this purpose.

   WordPress has a huge number of Themes as you know. It is very difficult to choose a Theme from among them. So, I decided the range was only “Featured Themes“. I think the Theme among them maybe has new features and decent supports. I was tired and bored about this, finally, I settled for “Sugar and Spice“.

   I made a style.css for the child Theme. It includes the next customizations.
body {
color: #000;
}
/* Typography */
h1, h2, h3, h4, h5, h6 {
color: #000;
}
/* Calendar Widget */
table th,
table td{
color: #000;
border: none;
text-align: left;
}

   The most struggling thing is the change of the original color of the Color scheme in the Theme Options. This original script is not in the style.css but in sugar-and-spice/inc/extras.php. Various new techniques appear, but an amateur like me is not following them (Sigh!).

   With this revision, I stopped the use of “One Row Calendar” and “My Link Order”. I’ve use them for a long time. I thanked the authors of both plugins m(_”_)m.

Edit2(Mar.9):

  • **About style.css customization
    • ****For displaying table’s background image
      /* Calendar Widget */
      table th,
      table td{
      color: #000;
      background: transparent;         <--- I added this line. border: none;
      text-align: left;
      }
    • ****For darker comment form font color
      /* #Forms */
      input[type="text"],
      input[type="search"],
      input[type="password"],
      input[type="email"],
      textarea,
      select {
      color: #000;
      }

      input[type="text"]:focus,
      input[type="search"]:focus,
      input[type="password"]:focus,
      input[type="email"]:focus,
      textarea:focus {
      color: #000;
      }

      label span,
      legend span {
      color: #000;
      }

Edit3(Mar.9):
   I created my own WOFF file for “Sugar and Spice” child Theme.
     To create a WOFF file from my own handwriting-#1.
     To create a WOFF file from my own handwriting-#2.
     To create a WOFF file from my own handwriting-#3.

Categories
WordPress

WordPress3.8.1 Background Updates.

同一記事の日本語版

   This morning I had a update message about WordPress3.8.1 on my Dashboard. I checked the ChangeLog out and found this was a minor maintenance release. So, I tried to wait the feature Background Updates which were introduced in WordPress 3.7.

   I tested my multisite by Background Update Tester created by WordPress.org. Then I had the result below.
————————————————————————————————————————————-
Automatic background updates require a number of conditions to be met.

  PASS: Your WordPress install can communicate with WordPress.org securely.
  PASS: No version control systems were detected.
  PASS: Your installation of WordPress doesn’t require FTP credentials to perform updates.
  PASS: All of your WordPress files are writable.

This site is able to apply these updates automatically. Cool!
————————————————————————————————————————————-
   I was waiting for Automatic Background Updates to finish. Finally, I had the email below.
————————————————————————————————————————————-
Subject : Your site has updated to WordPress 3.8.1 (2014.1.24 20:13)
Message :
  Howdy! Your site at http://MySite has been updated automatically to WordPress 3.8.1.

  No further action is needed on your part. For more on version 3.8.1, see the About WordPress screen:
  https://MySite/wp-admin/about.php

  If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.
  http://wordpress.org/support/

  The WordPress Team
————————————————————————————————————————————-
   Mission complete! Clap Clap.

   However, this feature remind me that we always need to watch out our PC environments. If the features like this are used by malevolent things, we might be given a lot of malwares.

Categories
WordPress

Enabled Opcache.

同一記事の日本語版

   On Dec. 24th, I enabled Opcache on my server (Windows7HP + SP1 (x86)).

   Since installing “BulletProof Security“, it gave me a few trouble. On the other hand, it also brought me some useful information about PHP. For example, I saw its System Information page and changed values in my php.ini like the below. It’s for the security reason.

Default Custom
output_buffering = 4096 output_buffering = Off
expose_php = On expose_php = Off
mysql.allow_persistent = On mysql.allow_persistent = Off

   The other day, I found the words “Opcode Cache” on the page. It reminded me of OPcache bundled with PHP5.5. Then I tried to enable it on my server.

   I changed some settings in my php.ini.

   First, I added the line “zend_extension=php_opcache.dll” to the end of Windows Extensions and changed the next six lines by following this page instructions. I can find better values for my server someday, but now, to follow the page instructions is better for me who is a very newbie of Opcache.

Default Custom
;opcache.enable=0 opcache.enable=1
;opcache.memory_consumption=64 opcache.memory_consumption=128
;opcache.interned_strings_buffer=4 opcache.interned_strings_buffer=8
;opcache.max_accelerated_files=2000 opcache.max_accelerated_files=4000
;opcache.revalidate_freq=2 opcache.revalidate_freq=60
;opcache.fast_shutdown=0 opcache.fast_shutdown=1
Details
Details
Files
Files

   I don’t use the CLI version of PHP, so I left “;opcache.enable_cli=0”.

   On Apache benchmarks of before and after. ApacheBench
   This benches show some improvements. But, with my feelings I realized more than the benches on the home network. I think Opcache brought major effects to my sites because most of them depend on PHP scripts, i.e. WordPress.

   I had heard about APC Control Panel, so I looked for a Control Panel of Opcache and found. You can control Opcache from a Web browser by Opcache Control Panel, ocp.php. It requires the php function ‘phpinfo’, so you had better make an access control for this file.

Categories
WordPress

About Jetpack trouble.

同一記事の日本語版

   After moving to MariaDB, Jetpack suddenly gave me an error. I was not to able to connect my stats on WordPress.com from my parent site dashboard. As I could not solve this by myself, I went to Jetpack Support Forum and started the topic “Jetpack: site_inaccessible“. Three days later, I went to WordPress.com Japanese Forum and started “ルートサイトと昔のテストサイトのコンフリクト。” because I realized these two forums were complete different groups. But I was wrong. They belong to the same party. However, I did a multi-post because my writing was not enough (^_^;). Anyway, I had some suggestions from both of them.

  1. Jeremy Herve told me to use define( 'JETPACK_CLIENT__HTTPS', 'NEVER' );. But it did not work.
  2. Richard Archambault suggested me the issue might be related with SSL and told me to check my SITE_URL up. But, my SITE_URL was http://o6asan.com that meant no problem.
  3. naokomc told me at Stats Page it looked the owner had no dibs on the site when he could not connect to WordPress.com. So, I thought again it might be related with SSL that Richard told me.
  4. Then, I tried connecting after commenting define( 'FORCE_SSL_ADMIN', true ); out. That worked, wow!!

   I got that the authorization might fail with define( 'FORCE_SSL_ADMIN', true ); on some conditions.

   After the connection to WordPress.com, I rolled define( 'FORCE_SSL_ADMIN', true ); back. It is O.K. after the Authorization even if define( 'FORCE_SSL_ADMIN', true ); is uncommented.

   I have never resolved in my mind why this suddenly happened. But, the issue solved.

Categories
WordPress

Upgrading to WordPress 3.8.

同一記事の日本語版
Update information      Edit(2014.Jan.30)    Edit2(May.6)    Edit3(Jun.22)

   On December 12, 2013, WordPress Version 3.8, named for Charlie Parker, was released to us, and today, Japanese WordPress develop members announced they brought the new Japanese version WordPress. If you want to know about its new features, see the Codex for Version 3.8.

   My WordPress is a multisite type and the parent site language is English. Probably for this reason, the WordPress Updates page does not show me the Japanese version update message.

   So, I downloaded wordpress-3.8-ja.zip manually and upgraded.

   This time, I had the warning below derived from the ca-bundle.crt again.

  Warning! Problem updating https://MySiteName. Your server may not be able to connect
  to sites running on it. Error message: SSL certificate problem: self signed certificate in
  certificate chain

   So, I did do Oiram’s workaround. Then the warning has gone.

Edit(2014.Jan.30):
   Since January 3rd, I cannot access to the Oiram’s site. For a few people googling by the word “ca-bundle.crt” and reaching here, I uploaded the PDF version of Oiram’s workaround. 「Error upgrading WordPress (SSL)

Edit2(May.6):
   Today, I can access to the the Oiram’s site after a very long interval.

Edit3(Jun.22):
   I wrote an article The solution of “SSL3_READ_BYTES:sslv3 alert handshake failure” on WordPress.

Categories
WordPress

Snow falling on my blog, again.

同一記事の日本語版

   On 28th, we had our first snow in my town, and my blog has snow falling from today (^o^). Last year, it began from 28th of December though, I let it from 1st of December this year. I think the date or the time depend on the server timezone, so you might see the snow even if you are still on the last day of November your local time. Please accept it (^_^;).

   This is one of Jetpack plugin features, and I think the original script is Snowstorm by Scott Schiller.

Categories
WordPress

A WordPress Plugin “BulletProof Security”.

同一記事の日本語版
Update information      Edit(Dec.2)~~Edit4(2014.Jul.14)    Edit5(Jul.16)

   I installed the Plugin “BulletProof Security” for my WordPress security. It’s easy to install. But there is something you should consider in activating if you also use it.

  1. Though it is Network / Multisite Compatible, you should NOT make it Network Activated. Network Deactivate BulletProof Security and then activate BulletProof Security on your Primary site ONLY.
  2. BulletProof Security uses .htaccess files, so you should back up the otiginal files in your WordPress Root and wp-admin folders before its activating.
  3. BulletProof Security uses .htaccess files, so it depends on your server configuration if you can use it or not. In my case, I had an error, so I added Options=Indexes to my AllowOverride Directive in the <Directory> section of the httpd.conf.

   By the way, I found BulletProof Security introduced Sucuri SiteCheck Scanner on one of its pages. So I tried to scan my WordPress sites. On the sites, no threats were found, though they say “Sucuri SiteCheck is a free & remote scanner. Although we do our best to provide the best results, 100% accuracy is not realistic, and not guaranteed”.

Edit(Dec.2):
   The plugin ‘Broken Link Checker’ gave me the message below:

   Broken Link Checker has detected 1 new broken link on your site.
   Here’s a list of the new broken links:
   Link text : Asus ,HCL X51C (T12C) Motherboard schematic
   Link URL : https://ja.o6asan.com/wp-content/uploads/sites/3/Asus_HCL_X51C_(T12C).pdf
   Source : ノートをWin8 Proにアップグレード。
   You can see all broken links here: http://My WP dashboard tool URL

   Why suddenly? This PDF file I uploaded on Oct.16 and have not made any changes to it. I got another message when I accessed the PDF by a browser. Like this:

   o6asan.com 403 Forbidden Error Page
   If you arrived here due to a search or clicking on a link click your Browser’s back button
   to return to the previous page. Thank you.

   I found out this message by the ‘BulletProof Security’ and also found ‘BulletProof Security’ not to allow accessing the file which has ( or ) in its filename. So, I changed from Asus_HCL_X51C_(T12C).pdf to Asus_HCL_X51C-T12C.pdf. Now I don’t have the errors. that’s.it.

Edit2(Dec.3):
   I got an update to version .49.7 today, and we can use “Network Activate” on Network / Multisite now, I just wrote that we were unable to use it though. Of course you can also use it by your old configuration.
   By the way, I’ll write an addition to Edit(Dec.2). BPS does not allow accessing the file which has a space in its file name, either.

Edit3(Dec.4):
   Lately, I edit this page everyday (^_^;). This time, Mr.’BulletProof Security’ blocked my flash movies. When I accessed 高住神社-video1, I got the you-know-message “Movie not loaded”. I directed a doubtful look at the Adobe Flash Player because this phenomenon is usually occurred by the player. But, it is not guilty this time-HaHa.
   I found out this as a solution. Flash swf 403 error – Flash slideshow blocked
   I added the next bold italic letters to the root .htaccess file. That’s it.
   RewriteRule .* index.php [F,L]
   RewriteCond %{REQUEST_URI} (flvplayer.swf|timthumb.php|~~|thumbs.php) [NC]

Edit4(2014.Jul.14):
   Recently, I had a lot of 500 Internal Server Error errors on my server log. First, it looked like related to the font-face decoration. But, I finally found that the .htaccesses of BPS gave them when a URI has a ? at its end. I went to the WordPress Japanese forum and the BulletProof Security Free forum. I got the solution from them. Now, the errors have gone. Happy!!

   If you need more information, please see the following topics.
   IE11(Win8.1),IE10(Win7)で,アクセスしたとき,font.eotについてエラーがでる。
   font-face 500 Internal Server Errors

Edit5(Jul.16):
   I had a lot of 403 Forbidden Errors related to my own site on my http_error_log.txt because of the plugin Broken Link Checker uses Head Method. I’ve known the Broken Link Checker uses Head Method since 2012.Dec.29. But I want to use these two plugins, so, I’ve accepted the situation because I don’t know how I can fix it.

   However, when I checked the .htaccess up for this 500 Internal Server Error, I found the following sentences. Wow!!
# REQUEST METHODS FILTERED
# This filter is for blocking junk bots and spam bots from making a HEAD request, but may also
# block some HEAD request from bots that you want to allow in certain cases. This is not a
# security filter and is just a nuisance filter. This filter will not block any important bots
# like the google bot. If you want to allow all bots to make a HEAD request then remove HEAD
# from the Request Method filter.
# The TRACE, DELETE, TRACK and DEBUG request methods should never be allowed against
# your website.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F,L]
   This means I can remove HEAD from it? Immediately I removed HEAD from the .htaccess in my root folder. The .htaccess in my wp-admin folder I leave the default, because the Broken Link Checker doesn’t access to the wp-admin folder.

   It works very well as I expected (*´▽`*).

Categories
WordPress

Akismet API outage.

同一記事の日本語版

   When I got home and checked my WordPress comments, the Akismet gave me an error message which surprised me very much. I had a fit and looked for solutions on the Internet, but shortly after the Akismet worked normally again before I did something. According to Akismet blog, it was API outage – November 28th. So, today’s error was not my fault but Akismet’s. What a relief! Hey, Akismet! Don’t scare me!!

   By the way, this late morning, we had our first snow in my town, though it let up soon. Wow.

Categories
WordPress

About the ca-bundle.crt of WordPress3.7.x.

同一記事の日本語版
Update information      Edit(2014.Jan.30)    Edit2(May.6)    Edit3(Jun.22)

   I wrote something about the ca-bundle.crt of WordPress3.7.x on the post.

   About it, Oiram gave me A useful information. If you get the same issue “Warning! Problem updating https://SITENAME. Your server may not be able to connect to sites running on it. Error message: SSL certificate problem: self signed certificate in certificate chain.“, read the article “Error upgrading WordPress (SSL)”, and do his workaround.

   Thinking back now, in my case, there were some differences from his case. Even now, I do not use his workaround. My SSL certificate system works well after updating to WordPress3.7.1. This time updating did not give me any warnings.

   My server environment is very unique, so, I might have got the issue was slightly different from his.

   Still now, I have two questions.

  1. Why did WordPress ver.3.7 give me the warning about one site only in spite of there were a parent and three child sites on the same WordPress multisite?
    About the setting of the ca-bundle.crt, I found out in the class-http.php. This should have the same effect on all of my sites. Why did one site only have the warning?
  2. Do I need to use Oiram’s workaround though my SSL system works well?

Edit(2014.Jan.30):
   Since January 3rd, I cannot access to the Oiram’s site. For a few people googling by the word “ca-bundle.crt” and reaching here, I uploaded the PDF version of Oiram’s workaround. 「Error upgrading WordPress (SSL)

Edit2(May.6):
   Today, I can access to the the Oiram’s site after a very long interval.

Edit3(Jun.22):
   I wrote an article The solution of “SSL3_READ_BYTES:sslv3 alert handshake failure” on WordPress.

Categories
WordPress

Upgrading to WordPress 3.7.

同一記事の日本語版
Update information      Edit    Edit2(Nov.5)    Edit3(2014.Jun.22)

   Today, Japanese WordPress develop members announced they brought the new Japanese version WordPress for us, according to the Codex for Version 3.7, there are tons of changes.

   My WordPress is a multisite type and the parent site language is English. Probably for this reason, the WordPress Updates page does not show me the Japanese version update message.

   So, I downloaded wordpress-3.7-ja.zip manually and upgraded.

   In the wp-includes folder, I found a certificates folder which contained a ca-bundle.crt. The ca-bundle.crt is for the below.
————————————————————————————————————————–
  ##
  ## ca-bundle.crt — Bundle of CA Root Certificates
  ##
  ## Certificate data from Mozilla as of: Sat Dec 29 20:03:40 2012
  ##
  ## This is a bundle of X.509 certificates of public Certificate Authorities
  ## (CA). These were automatically extracted from Mozilla’s root certificates
  ## file (certdata.txt). This file can be found in the mozilla source tree:
  ## http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1
  ##
  ## It contains the certificates in PEM format and therefore
  ## can be directly used with curl / libcurl / php_curl, or with
  ## an Apache+mod_ssl webserver for SSL client authentication.
  ## Just configure this file as the SSLCACertificateFile.
  ##
————————————————————————————————————————–

   I have no error about this upgrade, but I have a warning about the site “o6asan’s netradi” like the below.

  Warning! Problem updating https://MySiteName. Your server may not be able to connect
  to sites running on it. Error message: SSL certificate problem: self signed certificate in
  certificate chain

   But I can log in the site. About using “SSL certificate: self signed certificate in certificate chain”, my sites are all in the same condition. But, on the site, I use a streaming server. I think the warning happens due to this situation. As pointed out above, the new version of WordPress gives us “Bundle of CA Root Certificates”, so, should I make a new certificate by it? I don’t get it exactly. If someone knows about the warning, please tell me in detail.

   Anyway, I completed the upgrade.

Edit:
   I slightly concern about one of the new features of version 3.7 that is automatic updates for maintenance and security updates. But I think it’s probably O.K. because the automatic updates are only for maintenance and security updates. There are no differences between JP version and global version about such minor update. Am I right?

Edit2(Nov.5):
   I wrote a new article about the ca-bundle.crt.

   By the way, if you have the “Warning! Problem updating https://SITENAME. Your server may not be able to connect to sites running on it. Error message: SSL certificate problem: self signed certificate in certificate chain.“, please try Oiram’s workaround (PDF version).

Edit3(2014.Jun.22):
   I wrote an article The solution of “SSL3_READ_BYTES:sslv3 alert handshake failure” on WordPress.