A couple of days ago I published a new “about” page for introducing myself.

I’ve always struggled to find the best way to brand myself in a way that completely satisfied me. In the past, I only had a landing page linking to the various profiles and networks I wanted to highlight like WordPress.org, GitHub, Twitter, etc.

However, I also wanted a space where I could write. I sometimes feel the need to write about things, or express a point of view about a trending topic. For that, I need a blog where I can write whatever I want, whenever I want. The downsides are:

  1. I am not a regular writer,
  2. I am not a native English speaker, which means my writing is not too pleasant to read

For those reasons I’ve been tempted to just close the blog and go back to a simpler landing page on this domain. However, I know that there’s going to be a day where I want to write something and I’ll be wondering where to do that. Again, not being a native English speaker kind of stops me from writing on Medium or the likes. […]

Continue reading →

I am really happy to announce that I pushed version 1.1.0 of WP Google Authenticator today. This version is the biggest update since the first release of the plugin. It adds support for two things that have been asked in the past: apps passwords and role based activation.

Apps Passwords

You might be using the WordPress mobile app on your iPhone or Android phone. So far you could actually use the WordPress app without problem. The plugin was using the user agent to determine if the connection was made from the WordPress app, and if it was, the one time password was skipped. This, obviously, brings the additional security this plugin adds down.

I’m happy to say that this is no longer the case. It is still possible to use desktop editing applications (or web services) to connect to WordPress, but it will require a manual intervention from you. It is not that difficult, and the good part is that the plugin is no longer limited to the official WordPress mobile app.

From now on, if you want to use a service or application that requires your credentials to log into WordPress, […]

Continue reading →

This tutorial shows how to install Nginx with server blocks in order to be able to host multiple sites on the same droplet.

This first post of the series “Cloud Hosting with DigitalOcean” will show you how to setup a droplet with Ubuntu 12.04 and SFTP.

On the 24th was the second WordPress meetup I organized in Bangkok. We had the two founders of a successful WordPress company talk about the way they “productized” their WordPress development services.

Shinichi, a fellow WordPress developer helping with organizing the meetups, wrote an excellent summary of the meetup: Pronto Marketing at Bangkok WordPress Meetup

This tutorial is gold. You’ll learn the right way to create a translation file for your WordPress themes and plugins.

Poedit: Translation Secrets

Yesterday was the day. First time I organize a meetup. It’s been quite a rush in the end, but it was really worth it. I was very lucky to have Siobhan McKeown speak about getting involved in WordPress.

As it was my first ever meetup (as an organizer), I was really curious to see how full (or not) would the room be. And it was a good surprise! About 15 people came to the event. Out of the 26 who RSVPed, it’s about 61% attendance. Not bad I think.

The attendees were a good mix of Thais and foreigners. This is really important to me as I think it is the foundation of a good community. Both the Thais and foreigners were very interesting people and I’m hoping to see everyone again at future meetups.

If I had to summarize this meetup in one link, it would be http://make.wordpress.org/. I’m going to spend more time there as soon as I have a chance.

Now let’s continue with the pictures.

WP Google Authenticator has just been updated to version 1.0.4. This new version only brings one change few changes, but it’s a pretty big one.

Account Recovery

There was one feature missing to the plugin until now: a way for users to log in their site even if they can’t access the Google Authenticator app. If you just changed your phone for instance: you re-install the app, but you don’t have all your profiles anymore. You’re locked out of your site.

With the new recovery feature, when you activate 2FA for your account, a recovery code is automatically generated.

After you generated the recovery code, it will appear in your profile for 5 minutes. After that delay, you can always see your recovery code, but you will need to enter your WordPress account password before you can see it.

Now, if you have to use this code in a situation where you can’t use the Authenticator app, you will be logged in just as usual, but  2FA will be disabled for your account.

Next step is to go to your profile page and re-enable 2-factor authentication. […]

Continue reading →

I lost a considerable amount of time today.

I’m completely new to Linters. I’ve read about it lately, and I felt dumb I didn’t start using it earlier. It avoids loosing time on stupid mistakes (a forgotten coma, an extra closing parenthesis… you know!) and help keeping a cleaner code.

I use Sublime as my IDE, and I love it, mostly for its package control. It makes installing a new addons easy as a breeze, and that’s how I installed SublimeLinter.

Installing SublimeLinter

Once you opened Sublime, press Ctrl+Shift+P (you must have the Package Control installed), find “Package Control: Install Package”. Search for “SublimeLinter” and install.

So here I am, with SublimeLinter installed, and… well, nothing. I checked a few Youtube videos and what it does seems awesome, but it simply doesn’t do anything for me. Quick Google search, nothing relevant. Actually, I ended up spending a quite a long time browsing, desperately looking for a solution.

SublimeLinter Settings

I finally found out what was wrong, and again, I felt dumb: it took me 1 minute after that to setup the plugin correctly. […]

Continue reading →

2-factor authentication is a simple and efficient way to enforce security for your WordPress site. This will ensure you only can login to the WordPress dashboard with your credentials.

What is 2-factor authentication and why use it?

It is also referred to as 2-step verification. The standard way to log in your WordPress dashboard is to use a classic username / password couple. The problem with this is that security is low. A lot of people are debating about this system, arguing that it should not be used anymore.

There are two main possible ways for an attacker to get into your WordPress dashboard without too much difficulty:

  1. Your login / password were stolen,
  2. Your login / password are too weak and the attacker can brute force your login

2-factor authentication enforces security by requesting a one time password in addition to the username / password couple. This one time password is based on the current time, that’s what makes it unique. You will generally receive this password by e-mail, SMS or via a dedicated app.

In our case, we will use a dedicated app: Google Authenticator. […]

Continue reading →