Nur Ahmad Furlong

Blog

Time to secure my wordpress sites more seriously
My WordPress site has been hacked by the Pharma Hack.
It’s sad yes, I know, I should have properly secured my site years ago. I assume one of the reasons my site was hacked was due to a large portion of my print design portfolio containing Pharmaceutical Ad Campaigns. The hack was spotted by a good friend @mozami who noticed my google listing had loads of Pharma keywords which had nothing to do with my site.
This hack has cost me dearly with regard to my site’s SEO health which dropped dramatically as soon as it hit. I haven’t been taking care of this site much for some time though so I only noticed it way later which is even worse for the SEO ranking points I’ve lost over an extended period of time.
I reported the incident to Google via their webmaster tools but it took quite some time after they acknowledged my report until the Pharma keyword listings were finally removed. The Pharma hack is one of those which are particularly nasty in many cases is hidden files many times undetectable at a glance are added which means your entire WordPress installation needs to be cleaned out and restored with a fresh copy. This includes your theme’s files, plugins, the works.
Security Plugins are Dime a Dozen
I’ve since tested and implemented quite a range of plugins, some extremely simple but hardly effective at all and other’s extremely complicated and sensitive to the extent that I even managed to block myself from access my dashboard.
Secure WordPress with Website Defender
One of the plugins which seems to work really well currently is Secure WordPress, which applies a few initial fixes and then linked to a Website Defender account tracks additional vulnerabilities and hack attempts and reports them via a highly intuitive dashboard. The system even tracks when your site goes down and reports it to you as soon as it detects downtime.
In the dashboard you’ll see possible vulnerabilities listed according to their urgency level, and clicking on each one gives much mroe detail of what the problem could be, how it may affect your site and how to resolve this issue. Of course not all the files and problems detected are “real” threats, so you have the option of setting the issue as resolved or to ignore. This allows you to keep a realistic view of what remains to be fixed and what the threat level of your site currently is.
The plugin also provides the solution, with additional links to external sites which discuss the particular security threat posed by the issue being viewed.
After applying some of the fixes and marking them as completed the Website defender Dashboard reflects the current updated threat level so I always have a good idea of the security health of my site. When new issues are detected I get emails notifying me of these new possible threats and my security level changes accordingly.
These fixes are by no means exhaustive and there are many ways of hardening the security level of your WordPress site.
A few simple security tips include:
- Use a non-standard database table prefix when setting up your site in the beginning. wp_ is the standard one
- Don’t use “admin” as your default admin username, choose something unique
- Keep your WordPress updated to the latest version. This should include plugins as well. Hackers can exploit vulnerabilities in older versions of WordPress to get into your site.
John Hoff at securemyblog.com has some excellent advice, video tutorials as well as an E-Book covering the topic of website security.
May 25, 2011
nurahmadfurlong.com domain registered for my online resume
Sending out my resume is one of the things I do consistently no matter what’s happening in my career.
Whether I’m happy in my current situation, looking for a job or just casually scouting around to see what’s happening out there. It’s benefited me in a number of ways, one being making connections and becoming known to various companies and individuals within the communications industry.
There have been times where a resume sent out comes back to visit me just when I need it most, someone calls and says, “Hey are you still doing such and such” or, “Are you still interested in a position?”.
Being a web enabled worker means I need to keep a constantly updated profile online, and with tools like WordPress and freely available themes of all kinds it makes setting up a website for just about any purpose a real synch. So I acted on a thought which has been bugging me for a while and registered www.nurahmadfurlong.com to use as an easily up-datable online resume or profile. Currently I’ve slapped up a simple digital business card wordpress theme to post a few vital contact and social link details but I plan to build a more comprehensive resume website which I can keep updating and can also feed RSS and other activity streams into so I can consolidate my activities into 1 personal space. I use dreamhost for my personal hosting and they make it super easy to register new domains and install software like wordpress within a few clicks, no FTP necessary.
It also makes it easy to just pop the link into a message instead of scratching around for my most updated CV or intro letter at times when I need to introduce myself for whatever reason.
I highly recommend any professional builds themselves an online resume or personal profile of some sort which gives new prospects or potential employers a good idea of who you are and what you’re doing or have done in the past. It also shows you take your career seriously. It’s not extremely hard to set one of these up. You could either register a low cost domain & hosting package or use a free website service like wordpress.com or any other for that matter.
Then there’s also resume services zerply.com where I recently registered for a free online resume. The cool thing about Zerply is you can quickly pull your career history details from Linkedin or Facebook and have a resume up in a minute or 2. Have a look at mine – http://www.zerply.com/profile/nomadone
Of course I do keep my CV on this site as well so anyone visiting can download and get a quick idea of my experience and focus. I have 2 CVs, a 1 page PDF document and a much longer more detailed one when I need to provide more details into my career history, skillset etc.
December 17, 2010
HTML 5 and digital generative art ALA Joshua Davis
Heard the name Joshua Davis? If you’ve been into any kind of digital creative for some time you might have encountered the legendary digital artist who’s inspired some of the biggest brands out there to make use of his computer generated abstract art in their marketing efforts. Some of these Brands include – BMW, Motorola, Nike, Volkswagen, Sony, HBO, Canon & Nokia to name a few.
Hillman Curtis has done an excellent video piece on the BMW project to give you an insight into the world which Joshua Davis inhabits
The HTML 5 <canvas> element
Onto the scene steps HTML 5 and more specifically it’s Canvas element, turning the blank screen into a virtual blank canvas of 2D vector expression which allows artists like Joshua to unleash their special Brand of digital creativity. Add the brilliance of the Mix Online development team and you end up with a blend of creativity and modern web technology which allows the rest of us to enter the realm of the digital art space.
The Mix Digital team has developed a Javascript framework which plugs into the HTML Canvas element
Okapi is an open-source framework for building digital, generative art in HTML5 brought to you by Joshua Davis Studios and MIX Online. Mix Online Labs – http://visitmix.com/Lab
Okapi.js was commissioned by Microsoft to celebrate the launch of their latest and most HTML 5 compliant browser IE9. Finally a step in the right direction for Microsoft in the browser battles.
endlessmural.com
Using the Okapi.js framework, Joshua Davis created the Endless Mural project, where the drawing platform can be used by anyone with an HTML5 compliant browser to generate their own unique artworks to contribute to and enter the drawing competition.
The Interface allows for manipulation of vector symbols and pictograms, and controlling the patterns and textures they create by setting their speed, angle and rotation in various ways. The results are very random and abstract right down the alleyway of Joshua Davis’ unique style.
Here’s what I muddled together
You can watch my creation process online by visiting – http://endlessmural.com/#8833 to see how the elements spiral and grow, sprout and burst into the final chaotic vector garden which I created.
The Digital Space is surely getting really interesting with these new technologies opening up untapped avenues and making it more accessible to the rest of us. This is just one example of how HTML 5 is being leveraged. I’d like to hear what other interesting examples you’ve come across recently.
December 13, 2010
nomadone in the mountains, escaping city madness
I’m a true nature lover, which is strange considering the majority of my time is spent huddled in front of a screen and bashing away at a keyboard day and night. I suppose it’s what’s kept me appreciating what nature has to offer. The last few months have been really taxing on my mind and body to the point that I’ve hardly had any time or mindspace to focus on things like blogging and social networking or even some of the product development ideas I have floating around in the back of my mind.
I needed a serious break from this daily grind to refresh myself and reconnect with the elements. Ok I must admit I did have some technology with me, but only so I could remember this memorable trip and show others some of the sights we enjoyed.
I highly recommend getting away now and then to refocus and put things into perspective
October 24, 2010
Our relationship with water needs a Refresh
It’s that time of year again when bloggers get together in force to spread the word about Blog Action Day and the topic of the moment. This year’s focus is on Water, such an essential element of survival that many of us take completely for granted. In less developed parts of the world, and, in fact possibly just around the corner from where we are staying people struggle on a daily basis to have access to this precious element of Life. It is mainly because those of us who enjoy easy access to this resource do no respect it and end up abusing it, that others have to suffer and struggle without it.
As a Muslim, it is part of my belief system to take water issues really seriously, as we as Muslims have been advised by the Prophet Muhammad(pbuh) that “even if we have a flowing river of water, we should still not waste it”. I am taught by the Scripture which I follow(The Quran) to believe that Our Creator has created every living thing by making use of Water as a major component of it’s creation. It’s very simple, water is essential for life, though we as a Human race are abusing this very essential element in just about every single manner possible. There is enough water flowing around our planet at any given time to provide for each and every living being, but we have chosen to make it a right only some of us can enjoy.
Things we’re doing to make our water situation worse:
- Waste in general
- Using unenecessary amounts of water for enternatinment or commercial use
- Hoarding up water resources and depriving others
- Polluting our rivers, lakes and even the oceans
- Polluting the atmosphere out of which the Rains fall
- Unnecessarily using valuable resources on bottled water in many cases where it’s not necessary
In the modern home the amount of water each person uses on a daily basis for various activities could at times equal what others may use in an entire month. If only we could see the thousands of litres we’ve consumed, polluted, wasted unnecessarily we may be more conscientious. I speak for myself first as being very guilt of all of these things.
Here’s a list of things we can all do to be part of the solution right now.
- Shower Instead of bathing
- Shorten shower duration to what is necessary
- Wash your face with cold water, don’t wait for water to warm up
- Rinse dishes, fruit etc in a bowl of water instead of leaving the tap running
- Don’t throw chemicals or other pollutants down the drains
- Water your garden early morning or late evening to avoid vapouration
- Reuse water used to rinse fruit & veg for house plants
- Don’t drink bottled water unless absolutely necessary
- Fix leaking taps asap
- Only run dishwashers and clothing washers when they’re full
I found a great list of 100 tips to conserve water – Use Water Wisely
One more tip to inspire you towards appreciating water in a more meaningful way it, go out into nature where fresh water is still flowing naturally, like a river, waterfall or mountain stream. When you see clean water in nature and you appreciate it’s beauty & benefit it helps increase respect for this divine blessing.

That’s me on a 2 Day Hike in the Cedarberg Mountains in the Western Cape South Africa. It helped me gain a much better appreciation for clean flowing water and the blessings it holds.
October 6, 2010
WordPress “Custom” Post Types, Taxonomies and Write Panels
The WordPress developer community is a buzz with a new “Custom” set of lingo which seems to be dominating the airwaves of late. With the release of WordPress version 3.0 a whole host of new custom features have been added to our favourite Content Management System(CMS) platform taking it way further along the line towards official CMS status.
Custom Post Types
Though Custom Post Type’s existed pre-3.0, it’s only really been fully embraced now that people have started writing tutorials and guides on how to make use of these sometimes difficult to explain new content types. A Custom Post Type(CPT) is basically a unique type of content which can be given it’s own definition, it’s own Taxonomy(ie. basically a labelling system) and it’s own set of templates to govern how these content types are used and displayed.
Custom Post type: Unique Data type like Subject, Product, Book, Movie, Software etc
Taxonomy: Subject Label, Product Label, Book Tag, Movie Genre, Software Type etc
Write Panel/Meta Boxes: Interface to insert the various custom data via custom form fields other than the standard post or page editor
I’m not about to rehash another tutorial on how these new beauties work as many have already done the job way better than I could, though I just wanted to mention a few ideas and thoughts and how I think this new feature changes the way we use WordPress.
Below are a few excellent tutorials covering what Custom Post Types are:
And some plugins which make creation and management of these super easy:
Recently I’ve been fiddling around with various ways of using CPTs in order to streamline the way different types of content snippets are displayed as well as to simplify how the site administrator manages these content snippets. Alongside CPTs is another widely used feature allowing the ability to add Custom Write Panels. You starting to wonder what’s with the use of the word “Custom” now I can imagine.
Custom Write Panels
Custom Write Panels allow for setting up of special(customised/customisable) editor forms, to make adding and managing content which may be made up of connected bits of data much easier. Plugins like Flutter & PodsCMS have been around for a while allowing WordPress users to build their own write panels. Recently I had a situation where a client website which was making use of the Flutter plugin was upgraded to WordPress 3.0, rendering the flutter write panels inactive as the Flutter plugin is no longer under active development. This forced me to start taking a look at building write panels into the Theme’s Template files itself.
Here are a few tutorials covering how to setup built in write panels into your theme using functions.php
Taking it Further
The next step in my exploration of these newer features is to allow site users, meaning those visiting the (front end)website, to interact with these custom content types by submitting their own content and updating the site via front end forms. There are a few plugins which cover user submitted content but the main contender here is Gravity Forms. It’s a paid for plugin but notwithout reason. This plugin has a wide range of advanced features. Unlike other forms plugins it allows complete control over the markup of the HTML form elements, backend functions and styling of the forms.
Forms can be built for mere feedback submission or more advanced functionality. I’m looking at using this to build in user submitted content for a Business Listing website as well as a questions and answers website. The plugin also has add-on integration with 3rd party services including Mailchimp( email newsletter management), Campaign Monitor (email campaign management) & Freshbooks(Online invoicing service).
The plugin also supports inclusion of additional HTML content into forms, conditional form fields which can be activated depending on which other form fields are selected, Advanced email notifications, Dynamic form field population and a whole range of other customized features not found in most other form building plugins.
Want a $80 Off Gravity Forms Developer License?
If you’re interested in purchasing the Gravity Forms Developer License which I highly recommend, you can get a discount of up to $80 by using these 2 discount codes when purchasing:
- Gfdev50 – $50 off
- Seodenver – 20% further off
So after that shameless promotion, lets continue. A quick search through the wordpress plugin directory will reveal just how many Custom Post Type related plugins are currently in circulation, making this one of the favourite current features for customizing wordpress display and functional characteristics.
GD Taxonomies Tool
GD Custom Posts And Taxonomies Tools is a plugin that can be used to expand custom taxonomies and custom post types support. Plugin adds many tools including custom post types and taxonomies management and widget for taxonomies terms cloud.
Post Type Switcher
A simple way to change a post type in WordPress.
I’ve used this plugin successfully when wanting to switch old posts or pages over custom post types after making some modifications to existing sites’ content structure.
Easy Post Types
This plugin lets you take advantage of the WordPress 3.0 custom post type feature, and create your own post type. The plugin allows you to add a set of fields attached to your new post type, so that in the edit and add new windows a new box will show with the fields defined. Each field added will be saved in the WordPress Database as a custom field, so that you can take advantage of the standard WordPress query rules to list your content on the page template.
Custom Post Type UI
Last but most certainly not least in Custom Post Type Management is the “go to” plugin for easy creation and management of Custom Post Types and their associated Taxonomies.
This plugin provides an easy to use interface to create and administer custom post types and taxonomies in WordPress.
It’s compatible with wordpress 3.0.1 and includes settings for controlling the finer details associated with each post type.
Verve Meta Boxes (custom write panel builder plugin)
Once you’ve got your post types created you’ll need a tool to manage custom data fields. As mentioned previously Custom Write Panels can be built into your theme but they’re notoriously hard for the newbie and can be really time consuming to setup. I prefer the quick fix in most cases and Verve Meta Boxes provides a clean and simple solution for building Meta Write Panels and associating them with Custom Post Types.
Now go change the Web the easy way
So what are you waiting for, go on and dive into Custom Post Types and change the way WordPress can be used. We’ve seen people make some really crazy things with WordPress in the past and the potential for experimentation has increased so much more now.
September 27, 2010