We write a lot of plugins at work. On average I seem to build one or two a month myself and I’m one of a team of developers working on our site. With that much code getting built keeping all that code maintainable can be quite a chore. To make that chore a bit easier I’ve introduced the team to WordPress coding standards and other tools but it can still be a challenge to keep all the plugins organized. Continue Reading
One of the best aspects of my job at UF Health is we get to experiment and push boundaries if it means advancing the interests of our customers (in our case “customers” are the departments, labs and other units that build sites on one of our WordPress platforms.
One of the tasks I’ve been asked to look into involves two parts:
- Allow for personal data to be accepted via Gravity Forms while meeting full HIPAA/FERPA compliance
- Allow for individual groups on our BuddyPress intranet to handle personal and other sensitive data to meet HIPAA/FERPA compliance.
While the latter is, I must admit, still a work in progress I have been able to make a working proof of concept that would allow for secure storage of Gravity Forms entries that will, hopefully, be able to meet our regulatory requirements. Continue Reading
This is the first post in a series I’m working on involving tailoring security and privacy to you. While there are best practices that apply to everyone a good part of our online security and privacy is a personal thing and can vary greatly depending on factors such as who we are, what we do for a living and others. Continue Reading
Logins can often be a weak point for many WordPress sites. From weak passwords to lack of good 2-factor authentication, many people just don’t seem to take it seriously. On top of that, even for site owners who do their best to lock down their user accounts it can often be trivial to exploit various weaknesses to get into the system through the login page such as dictionary attacks and others.
Given the weaknesses of the login page for small sites why bother using it at all? Why not simply rely on a trusted service such as WordPress.com to authenticate your users for you? We do this all the time with other services we rely on logging in with our Facebook or Google accounts rather than providing our own user name and password. Why not do it for your site to? Continue Reading
Keeping active, much less in shape, has been a challenge of mine for years but really ramped up four years ago when I started working at home. One of the best ways I’ve found to keep myself active when sitting at home all day is my FitBit. From it’s gamification to it’s step goal I’ve spend the better part of the last three years making it work for me and I can definitely say that it has helped me improve my health more than any other device or technique. Continue Reading