How to Work Around WPEngine’s “Too many failed login attempts”

A friend of mine recently ran into trouble while logging in to their WordPress-driven news website, hosted on WPEngine. When that friend opened the standard WordPress login page, they would see a message:

Error: Too many failed login attempts. Please try again in [time duration]

It turns out that WPEngine has a “must use” plugin installed for all of their users called “Limit Login Attempts.” While it’s typically a good security measure to leave that untouched, it was particularly inconvenient since it couldn’t be disabled or removed temporarily so WordPress access was possible. And since this was in the very early morning, WPEngine support hours didn’t start for another 2 hours (and may not respond for most of the day). We really needed to get access sooner since it happens to be a very active news site, and content needed to go out.

And you would think modifying a couple rows in the wp_options table would have done the trick, right? Nope. For the life of me, I couldn’t figure out where this plugin was storing its lockout information, because it wasn’t in the database options table where the plugin code suggested it would be.

Anyway, enough details. I finally worked around it by removing the initialization hook that the plugin registers in WordPress. I did this by:

  1. Opening up SFTP to wp-content/plugins
  2. Picking a plugin folder which I know is active on the site
  3. Opening that folder and opening the core file for editing (it should have the same name as the parent folder)
  4. Placing this line at the very top, after the opening <?php:
    remove_action(‘plugins_loaded’, ‘limit_login_setup’, 99999);
  5. Save

That should unregister the limit login attempts plugin hook so you can get access to WordPress for the time being. You’ll definitely want to remove that little hack at the end of the next 24 hours, since that plugin is there for a good reason.

Hope this helps somebody —

Posted in Wordpress Development | 7 Comments

7 Reasons Every Developer Should Freelance Full Time

… at some point in their career.

There is no better business training than actually running a real business. Sure, you could go get an MBA, run your parent’s company, take Peter Thiel’s course at Stanford, or freelance part time while making your real money at some 9-5. But none of that is going to introduce you to the hard-knock life that is running a business like while depending on that business for your income.

Let’s talk about what is involved:

1. You Learn About Sales

If you’re selling a product or consulting, a good part of your time is spent reaching out to prospective customers or clients. If you’ve never done this, you might be thinking: “All of my freelance work comes in by work of mouth, why should I have to take initiative?”

You might be surprised to learn that there is a world of freelance opportunities that don’t just fall into your lap. The more opportunity you expose yourself to, the more likely you will be successful. And when you finally freelance full-time, you are forced to sink or swim, because your livelihood depends on it. Pick up that phone! There’s nothing like a spouse, kids, or bloodthirsty landlord to motivate you to take shots.

2. You Learn to Deal with Business-Related Stress

Freelancing in general helps you figure out what your work capacity is. Do you mentally shut down after 8 hours? Can you cannonball 14 hours days, 6 days a week? At what point does it become too much to handle?

What I love about freelancing is how unpredictable it is. Clients can (and will) call you whenever they want. You’ll be forced to realize that you underestimated a project and you are personally eating the cost. One day you’ll have 1 project to work on, the next day you’ll have 5. Sometimes a client “forgets” to pay on time. When you need to crush it and work 8am to 10pm for days on end to keep your clients happy, you do what you gotta do.

3. You’ll See the Benefit of Having Multiple Revenue Streams

You know what sucks about a 9-5? For most people in the world, that’s their single source of household revenue. They sell their labor during the day and complain about it at night. And what happens when that source of revenue is cut off for some reason? All hell breaks loose. The house is in jeopardy or the rent can’t be paid after a while, they hop on unemployment, and start looking for another 9-5, a single source of income.

I think it’s fair to say everyone in the world wants to be financially independent. Nobody wants to be dependent on something, right? It’s actually sort of scary to say: “I wholly depend on my employer’s willingness to buy my labor to sustain my house, car, dog, wife and kids.” You’re life is dangling by a single string! The path to financial independence is through multiple revenue streams!

If you’re a freelancer, you have less of this problem. If you lose a big client, life goes on, and you can fill those hours with someone else (although you should seriously ask yourself why you lost that client, bozo). It plays into your stress management, an added bonus.

4. You’ll Get Familiar with Contracts and Agreements (& Collecting)

You only have to get burned once to fully appreciate the beauty of agreements. Smart freelancers always have a well-written, thoughtful agreement signed before they begin work with anybody. When you get that one client who doesn’t pay, it’s great to know you’ve got Judge Judy in your back pocket should the client keep his antics up. It only happened once, but sending along a copy of our signed agreement got a deadbeat client to pay up after 90 days of being late.

Where else would you get this type of experience?

5. Freelancing Forces You to Keep Up to Date

At a big corporate gig where things don’t change much, you can probably get away with learning 0 to 1 new things every 5 years. When you’re a freelancer, you should be constantly on the lookout for new tools and libraries that can make your job easier or the end product even better. When I’m using a particularly impressive app (more recently Asana and Close.io), I like checking the source code and figure out how exactly they did what they did.

By contrast, I know some design shops in my area that are still using Photoshop and Dreamweaver to build HTML-based websites on GoDaddy. Know when they opened their shop? When Photoshop, Dreamweaver, and GoDaddy were still cool. That’s not acceptable, and young whippersnappers in the area are on the creeping in with their fancy new WordPress installations, scripting skills, and jQuery, and grabbing new business. The moral? Learn or die.

And some of those whippersnappers are going to be rolling on the same technology stack 10 years from now.

6. You Will Be Dependent on Your Own Success

When you freelance, the amount of money you make and the size of your company are entirely dependent on your own ability to hustle. You aren’t kicking around some cubicle for 2 years waiting for that promotion to Software Engineer VIII so you can buy your momma a benz and your boo boo a jag. You don’t have to deal with the unfortunate reality of many non-cool workplaces, like office politics and favoritism. And if you fail at freelancing, it’s your own damn fault.

7. Conclusion: When You Freelance, You Are Training Yourself to Run a Product Business

Freelancing and consulting is easy money, but you won’t have a whole lot of leverage unless you manage to grab huge contracts which enable you to hire lots of employees. As the talented developer you are, you’ll inevitably have an idea for a valuable product that a lot of folks would be interested in buying. And all the wins, losses and lessons learned from freelancing will provide a sturdy foundation for growing that idea from a passing thought to a Google acquisition.

Note: As usual, I’m posting this a long time after I wrote the original draft (almost 1.5 years!).

Posted in Business, Jobs, Life, Soap Box | 10 Comments

Satisfaction No Longer Guaranteed

Satisfaction Garaunteed

Almost 10 years ago at Acme in Lincroft (NJ), I was asked to take down this sign and throw it in the dumpster. The policy was no longer in effect. Corporate guns had apparently decided that customer satisfaction wasn’t guaranteed anymore.

The symbolism of it wasn’t lost on me, and I kept it in the trunk of my car for all these years, reminding myself never to be such a douche if I ever started my own business.

Posted in Business, Jobs, Life | Tagged , , , , , | Leave a comment

Remember That Thing I Said About Web Interfaces?

I’m not so sure anymore. One thing I am sure of: Angular.js is the only framework (that I know of) really reconciling for the fact the HTML and Javascript are pretty awful for what we use them for.

1. You basically (re)define HTML’s behavior with something called directives
2. It’s architected in a way that your app will likely not become a horrible bloated mass of untestable javascript which you are ashamed to speak of (I confidently presume this is relevant to every single JS frontend in the world pre-2010)
3. I still think WebGL will play an interesting part in it all

/part

Posted in Future, Open Source, Soap Box, Tools | Leave a comment

5 Hints That Buying Bitcoins Is A Crazy Idea

Bitcoin

The price of Bitcoin is especially volatile today, but it’s like any old day on Mt Gox.

If you’re taking solace in the fact that the Bitcoin “bubble” has ostensibly burst (because you didn’t buy them), you probably won’t find much value in this post. If you’re a bitcoin enthusiast, you won’t find much value in this post either!

But to capture the absurdity of today’s Bitcoin fluctuations, I wanted to throw out 5 observations that hint at how ridiculous of a financial decision buying Bitcoins “as an investment” is:

1. You can’t tell whether a 60% price drop is a crash or a normal fluctuation

According to some bro’s technical analysis, today’s 60% price drop is to be expected.

2. Any of the reasons here could be at the root of a 60% price drop

The fact that any of these are asserted as a possibility is alarming.

3. Blog posts and articles on Bitcoin are only relevant for about 30 minutes

By the time an article on is copy-edited and posted, it’s irrelevant. The fluctuations in BTC outpace the speed of Twitter reactions.

4. On that note, Twitter search results like this are possible:

Screen shot 2013-04-10 at 6.13.43 PM

5. Bitcoin enthusiasts will try to explain away items 1-4

They certainly will.

The only reason I’m so vocal is that I’ve been watching Bitcoin very closely since I first read about them in 2010. Just 2 days ago, a friend asked me if I ever ended up buying any. I wrote back:

In the vein of cognitive dissonance, Bitcoins are bound to collapse. A fool’s gold if I’ve ever seen it!

In other words, no, I didn’t. I thought about it plenty of times. In fact, I have USD on Mt Gox waiting to be spent on bitcoins right now, but never pulled the trigger. I can’t justify it if I can’t figure out how to properly valuate it. It seems both volatile and without any sort of reasonable basis for valuation.

I believe digital currency has a future, but I don’t believe it will replace government-regulated currencies, like some expect it to. There are some things that an elected body of people can do better offline than a crowd of smart hackers can do online.

The rise of a world government and global currency is probably more likely than the dominance of digital currency. I’m not saying that’s a good thing.

If you’re familiar with Benjamin Graham’s concept of “Mr Market”, the current Bitcoin crisis is fascinating to watch. Never before have we really gotten to see a “panic” in real-time, with Bitcoin “investors” posting comments on Reddit, Twitter, and their blogs explaining their reasoning for staying strong or bailing.

Anyway, the Bitcoin crash is an amazing case study into how human emotion affects a market, and who the different players involved are. Sit this one out and try to learn as much as you can from it.

Posted in Future, Soap Box | Leave a comment

Building a Successful Business is Not ‘Winning the Lottery’

If you’ve ever done something risky like leaving your job to start a company, there was probably someone who tried to talk you out of it. You especially get this if you come from a blue-collar background with unions, steady paychecks, and lots of savings bonds on your birthday.

Disclosure: I’m definitely overreacting to a comment I read on VentureBeat. But it reads:

… Entrepreneurship is a political smokescreen for elevating the rights of equity owners over workers by romantizing the risks and sacrifices of people who are essentially trying to win the lottery for themselves, using other people’s money. Other cultures (Germany, Korea, Japan, the Nordics) do not romanticize entrepreneurship, have highly successful economies, and do a far better job of rewarding ordinary productive employees and other contributors to society.

I don’t know why, but I think of Tom Branson in Downton Abbey (a real Debbie Downer early in the show) when I read that. Who the hell could be that cynical?

Well, a lot of people. Ever hear someone cite the statistic, “1 in 10 business fail in their first year”? I have — and they’re usually implying that starting a business is risky and 90% likely to fail — as if the odds blindly apply to your business no matter how hard you work.

The worst part of that comment was saying that entrepreneurial success equates to winning the lottery. That comment is basically implying that the odds of any success are almost non-existent, and you should go make yourself totally dependent on someone else for a paycheck.

This was my reply:

That’s pretty cynical. Starting a 1 billion dollar company is winning the lottery. You don’t need to be incredibly lucky or use someone else’s money to start a sustainable lifestyle business.

Starting your own company is about taking control of your own destiny and making an impact. It’s about independence — not sitting in some cubicle all day and waiting for your ration of cheese every 2 weeks.

It’s also about learning. You’ll learn more about running a business by starting one than you will working for someone else or going back to school.

Special thanks to Notorious BIG’s teacher for getting me all riled up this morning — the one that apparently said, “you’ll never amount to nothin’”. And Rudy’s steel mill dad — why don’t you just work in the mill and live a quiet life Rudy?

It’s probably not very strong to end on questionable pop-culture references, but you get the drift. If starting a business is like playing the lottery — it’s a lottery where you can push the odds in your favor with hard work and smart decision making.

Bonus Round!

Are there any psychology majors in the house? Here’s something to ponder:

The 9 out of 10 businesses that ‘fail’ include many things that you wouldn’t ordinarily pool yourself with:

  • LLCs that people half-heartedly started on LegalZoom and don’t devote time to
  • Brick and mortar business that sell something odd (Ned Flanders’ left-handed store)
  • Businesses that were sold or close for other reasons (retirement, etc)

So if you start a company, and you truly believed that you have a 90% chance of failure, will that psychological impact influence your outcome? If you find you aren’t succeeding, do you resign yourself to the odds without any sort of fight?

Hm.

Posted in Business, Life, Soap Box, Startups | 1 Comment

The Purple Curtain: Or, Why You Need to Stop Hanging Out With Heroku and Friends

A little while back I wrote a post that didn’t have very nice things to say about Heroku. I was pretty miffed at the fact that Heroku took such a big hit when there was an AWS outage in the summer of 2012.

Heroku is supposed to be an ops platform as a service. Things like availability are supposed to be handled for you. Developers are only supposed to worry about what tools they need on the Heroku platform, and how many “dynos” they need to stand up to traffic.

I don’t typically get upset at outages — they happen. I run an adserver with a partner for a lot of people, and when there’s an outage, I get a lot of “WTFs”. I’m usually very sympathetic to those dealing with the same thing.

When a fundamental selling point of your business turns out to be, well, untrue, it bothers me. For that reason, our team migrated off of Heroku and onto AWS, and set up our own deployment infrastructure, load balancers, etc. If AWS has an outage and we go down, it’s our fault for lack of availability.

The team at RapGenius just posted a, may I say, outrageous exposé detailing how Heroku has backed away from the “intelligent routing” feature it used to trumpet, and moved toward “random routing.” The effect of this move means a fantastic increase in cost of running a highly-trafficked webapp on Heroku.

I understand the team at Heroku had reasons for the original switch. Let’s even say they were very, very good reasons.

The problem is that you have no idea what is really going on behind the Purple Curtain of Heroku, or the rest of the world’s PaaS companies. You don’t know how efficient Heroku is, and you have no idea why you are paying what you are paying.

My advice to the RapGenius team is to move to AWS. If you’re dropping 20k per month on them, you can surely afford a 120-150k ops engineer to get you off. You’ll save much more than the differential between Heroku and the Ops person, and you’ll have more control over the efficiencies of your infrastructure.

That’s all from me. And remember, “be your own bitch.”

Posted in Business, Ops, Soap Box, Tools | Leave a comment

The Future of Web Interface Building

I’ve talked an awful lot about the future on my blog lately. The future internet, the future of social networking, online advertising, etc. But one thing I’m really interested in is how the construction of web interfaces looks.

Originally, building a website pretty required notepad, or something to that effect. I’m talking about those old-school table-based layouts with <font> tags littering everything. You know, when javascript was used for image rollovers and nothing else.

Later on, things like Frontpage and Dreamweaver became the preferred way to design pages. Building the layout of a page and tables and forms was really a practice of click, drag, and drop. But as web standards progressed and the use of server-side languages proliferated, using Frontpage and Dreamweaver became impractical.

Today, we’re back to notepad. Our text-editing tools have gotten better though, and now we’ve got Sublime Text, Textmate, emacs and vim plugins to help us out. But the overall practice of building UIs from the ground up is even more tedious than it originally was.

Enter Twitter Bootstrap. Enter pretty much every other CSS framework too. They’ve helped us drastically cut down on boilerplate code by giving web developers a set of base layouts and UI elements to work with. Building a UI and getting down to code is actually easy again!

Recently, I read about Jetstrap, a drag and drop online-only UI builder for Bootstrap. Yes. This is the direction we should be headed in —

Almost.

Here’s the problem: The internet isn’t just for documents. HTTP was built by Tim Berners-Lee with the idea of transferring academic papers in mind — you know, in hypertext. But 20 years of web development hackery has bolted new standards, features, and other things on top of it. Why? Because the web is being used to build applications in addition to documents.

I do think the future of building web interfaces is through using drag and drop interfaces like Jetstrap. I don’t think the core of it will involve the manipulation and styling of DOM elements, like Jetstrap does. I think the future of rich, multi-channel web interfaces is with WebGL.

WebGL is a javascript API for hardware-accelerated graphics. That means using WebGL and a javascript library like three.js gives you the power to render graphics using the actual hardware, instead of relying on the browser. Right now it’s primarily used for (mostly experimental) in-browser games. I think Google Maps uses it too, or provides an option.

On the desktop, we’ve had this forever. And as the gap between the desktop and web continues to close, it’s time we’ve started to explore how exactly a classic graphics library plays into web UI development. I still think HTML/XHTML will be the basis of describing and interface. I just don’t think CSS is going to be as significant as it is today for webapps. Component styling will be left up to the WebGL-based UI frameworks of the future.

I know this is radical, and probably not to the taste of the web developer population. But does defining our web application UIs really in the current mode of a styled <ul>, <header>, <footer>, and <div class=”clearfix”></div> make sense? I’m not saying those are great examples of why we’re doing something wrong. But I think they are definitely hints that a change is in order.

I see a day when UI frameworks for the web use WebGL for all UI generation. The DOM stays, of course, and javascript is workhorse that brings it all together. And because of that, we can build rich, cross-browser, cross-device interfaces that rely less on web standards and more on technology core to every device. We can build them with UI-generation tools, and leverage flexibility we don’t have now.

That’s enough for now. The more I write, the more I think it may be too outlandish. I guess another barrier exists: Will anyone ever create an awesome UI framework that uses WebGL?

What do you think?

Posted in Future, Soap Box, Tools | 2 Comments

Make Your WordPress 404 Help Find Missing Children

Note: You can skip the whole backstory and go get the plugin here (or install it from within WordPress).

So.

I was scrolling through Twitter yesterday, and saw there was a bit of buzz about a pretty clever idea going on at NotFound.org. They’re asking people who run websites (like me) to turn their standard 404 error page into a special 404 page that helps find missing children.

You know, the classic “milk carton” stuff. So instead of seeing the websites plain ol’ 404, you see a page that says “Page Not Found, Neither Is .. [name of missing child]” with some other info.

It’s such a great idea, and it really isn’t much to ask. According to Pingdom’s unofficial research, the HTTP 404 is the second most common error you’ll see on the internet. Think about all those eyes that would be helping in the search for a missing kid if everyone implemented it.

Well anyway, I was thinking “I should put this on GetSparks.org and my blog.” But the only way to implement it provided by the site was by dropping in an Apache .htaccess file, or embedding an iframe in their current 404 page. There was also an IIS option, but I don’t know anything about IIS.

There are an awful lot of people on WordPress. Non-technical people, probably. In fact, WordPress accounts for something like 57 million websitesnearly 17% of the internet’s 1 million most trafficked sites.

It only made sense that there was a NotFound.org plugin for WordPress. You know, install it, and it just turns all your 404s into the NotFound.org 404. I put one together quickly last night, and hopefully it’ll be approved by WordPress soon.

What if one of your “Not Found” pages helped someone recover their missing child? That’s crazy. What an impact!

Getting The Plugin

See it in action here, or check out the code here. And if you don’t feel like waiting for it to show up in the WordPress repository, you can download the zip file here, and upload to your WordPress instance.

Also

The focus of the NotFound.org page is on European children, something I’d hope they’d eventually expand (or provide an option for) to missing kids around the world.

Posted in Life, Offtopic, Tools, Wordpress Development | 1 Comment

Rule Your Network with OpenFlow on GENI

In my last GENI post I ended by talking about “programmable networks.”

Just think about it. As a web developer, you leverage APIs for all kinds of services and hardware — Facebook, Twitter, Square, Arduino boards — you name it. It’s the wood and glue of the web applications we build.

Think about the networks that our apps run on — unless you’re an Ops superstar with a big budget, you probably don’t think much about how the switches in your applications’ networks actually route traffic. If you could programmatically define how networks behaved, what kind of new, cool apps leveraging that could you build?

That’s the basis of Software Defined Networking — turning over the routing logic, or the control plane of network switches, over to network architects and engineers through an API.

How could you use that alongside gigabit network links, which we played with in the previous post? Did your head explode yet?

OpenFlow is an emerging API that some big switch manufacturers are beginning to implement, and it opens another door that has been long-guarded  by the barriers of cost or general scarcity.

Today I put together a screencast that demonstrates how you can play with OpenFlow on GENI with:

  • Open vSwitch, an OpenFlow-capable software-based switch
  • Floodlight,  a “controller” that controls Open vSwitch
  • Some of our favorite command line tools like curl, traceroute, and ping

In the video, I have a software switch and two nodes hooked up to it. I issue JSON requests over HTTP to control how the switch behaves. I could build ruby, python, or node apps to issue those requests if I wanted to! And some consider it to be the future of networking.

Just to clarify, you don’t need to have access to GENI to play with OpenFlow. Anyone can install Open vSwitch on a networked box and get it up and running. But GENI provides a great environment for researches and developers to play with it, especially if they want to experiment with 1 Gbps speed across a global testbed.

Using a software switch isn’t the only method for playing with OpenFlow on GENI either. You can request access to some real live hardware switches and rule your networked world.

Want to play on GENI too? Get involved in the Mozilla Ignite Challenge!

Check it out below. It’s in two parts.

Part 1

Part 2

Posted in Future, GENI, Ops, Tools | Tagged , , , , | Leave a comment