How to Improve WordPress Security | Interconnect IT - WordPress Consultants, Web Development and Web Design.   Nothing earth-shattering but solid points and many are simple to implement.  Take a look if you’re needing to tighten up the Sec of your WP blog.

/etc/ssh/sshd_config Controls these actions and has a line: AuthorizedKeysFile %h/.ssh/authorized\_keys2 If not present in /var/lib/nxserver/home/.ssh/ (ie mine was authorized_keys not authorized_keys2) then link one with the right name to it ie ln -s ~.sshauthorized\_keys2 ~.sshauthorized\_key I found a reference stating that authorized_key and authorized_key2 were historically different files denoting where public keys were stored respectively for SSH Protocol 1 and SSH Protocol 2. With Protocol 1 having some vulnerabilities, this seems to be more of a legacy issue. As an aside, I tried it and then swapped it out for x2go… so far it’s been a good choice given my technical requirements and lean financial constraints. Community version of FreeNX limits to 2 TS connections at once :(. Reasonable on their side but I needed more.

Here’s an open-source T-Shirt design I created for the upcoming Ohio Linux Fest 2011 in Columbus, OH: [gallery link=“file”] If anyone wants a copy of the svg file for these drop me a comment. Looking forward to the LinFest

Setting up a friend’s WP blog on a VPS Debian box. Open Book Plugin wouldn’t work insisting that curl wasn’t present on the system (despite apt-get update && apt-get install php5-curl showing it’s the most recent). Loaded a php file to test if it was a recognized extension by creating a file named info.php in the web root for that site including the following code:<?php phpinfo(); ?>After pulling this document up in a browser, I deleted the file :). This pointed me in the right direction showing that the PHP.ini was deferring to /etc/php5/apache2/conf.d/curl.ini I checked there and it was extension=curl.so as expected, but obviously it wasn’t being correctly located. Did the following as root locate curl.so and found it @ /usr/lib/php5/20090626/curl.so Commented out the current curl.ini file for a byte trail of my actions and appended extension=/usr/lib/php5/20090626/curl.so Then a quick service apache2 restart and we were back in business. Thanks to this blog for pointing me in the right direction: http://www.ivankristianto.com/os/ubuntu/howto-install-curl-in-php-apache/379/

(printc "Hello World") #BASH echo "Hello World" #Ruby puts "Hello World" STDOUT> Hello world!

Theme for Linus Who’s the Swedish GPL hacker That’s a procedural coding machine to all the *nixes? Linus, ya, damn right! Who is the kernel master who would risk his Freax For all the n00bs? Linus, can you dig it? Who’s the dude that won’t sell out When there’s proprietary all about? Linus, right on. They say this cat Shaft is a bad mother Shut your mouth I’m talkin’ ‘bout Linus Then we can digg it

I’m Zander (aka ZPH and ZPH)

Polyglot, problem solver and remote-worker, and engineering leader. I enjoy solving problems according to their technical specifications, ecosystem support, business longevity¹.

I’ve been the CTO of a 50 person startup, a Sr. Director of Engineering, and most recently the manager of managers for a deeply technical backend group of ~20 software engineers and ~3 managers in the Platform area, with a focus on online storage.

I’m deeply interested in results and less interested in the exact tools/technology we use.

I’m currently excited and interested in:

• Founding my own startup
• Databases at scale
• Log Architecture and Data pipelines [eg]
• High throughput distributed & fault tolerant systems

Career Priorities

1. Rapid growth and learning
2. While delivering high business impact
3. That’s sustainable and low maintenance
4. Striking the right balance of speed and precision (depending on circumstance)
5. Enjoying the work I do and the people I work with

Business Domains

• Fintech
• Small/medium startups
• High traffic websites
• Media companies

Engineering Domains

• Platform
• Online Storage
• Infrastructure
• Developer Efficiency

Technologies I want to spend more time with professionally and personally (ORDER BY interest DESC):

• NewSQL, NoSQL, ClassicSQL
  • TiDB
  • ScyllaDB
  • FoundationDB
  • TigrisData²
  • Postgresql
  • MySQL
• GRPC & Protobufs (they’re the future 😍 and the past 🤔)
• Golang (fast, predictable, dull and small syntax surface area 🐿️))
• Rust or Haskell (to improve my craft of software engineering)³
• Elixir (in the right niche circumstances and for the pragmatism of OTP 🔮)⁴
• Clojure (the parenthesis are like a million hugs)⁵

Featured Open Source Work

• 🐘 Moresql
• 🗜️ dotfiles
• 🧳 kit

For a list of open source projects that I’ve worked on, see my github.

Current Technical Interests

• FoundationDB
• TiDB
• ScyllaDB
• TigrisData
• Hermit
• MongoDB⁶ tooling, operations and cluster management

As for the software stack that I have known and loved (daily use || proficient):

• Languages
  • Golang
  • Bash/Zsh/Fish (<3 the cmdline)
  • SQL (PG)
  • Mongo Query Language
  • Ruby / Crystal
  • Elixir
  • Clojure
  • Typescript/Javascript (ES6, React, Redux)
  • Python
• Datastores (ordered by usage in anger/scale)
  • MongoDB⁷
  • PostgreSQL
  • Redshift
  • Redis
  • Riak
• Infrastructure
  • Nginx, Traefik
  • AWS (EC2, S3, Kinesis, SNS, Lambda, CloudFront, Route53, ELB)
  • Terraform
  • Kubernetes, Docker, & Docker Compose
  • CI for testing and release artifact builds (Circle, Travis, GH Actions)
  • Imgproxy and imgix for on the fly image optimizations
  • Honeycomb.io/Statsd/Datadog/Librato (monitoring/metrics)
• Editors
  • Vim/Neovim
  • Emacs/Spacemacs (for Clojure & Org-mode)
  • VSCode

Conferences I’ve Known and Loved

• Present⁸
• 2016 - StrangeLoop (St. Louis, MO)
• 2016 - Ruby on Ales (Bend, OR)
• 2015 - StangeLoop (St. Louis, MO)
• 2015 - Ruby on Ales (Bend, OR)
• 2015 - Ruby For Good (Arlington, VA)
• 2015 - Ruby DCamp (Arlington, VA)
• 2015 - ElixirConfEU (Poland)
• 2015 - CodeMash (Sandusky, OH)
• 2014 - Steel City Ruby (Pittsburgh, PA)
• 2014 - StangeLoop (St. Louis, MO)
• 2014 - Ruby on Ales (Bend, OR)
• 2014 - Ruby For Good (Arlington, VA)
• 2014 - Ruby DCamp (Arlington, VA)
• 2014 - ElixirConf (Austin, TX)
• 2014 - CodeMash (Sandusky, OH)
• 2013 - Steel City Ruby (Pittsburgh, PA)
• 2013 - Ruby Midwest (Kansas City, MO)
• 2013 - Ruby DCamp (Arlington, VA)
• 2013 - Madison Ruby (Madison, WI)
• 2013 - LoneStarRuby (Austin, TX)
• 2012 - Steel City Ruby (Pittsburgh, PA)

I enjoy programming, pairing (1-1), remote teams, Open Source Software, databases, commandline tools, FP and some other important buzzwords.

I’m very fortunate to be happily employed with a few standing offers but if you want to offer me the chance to work on challenging things with kind folks, I’m happy to chat. To set realistic expectations⁹, it’s unlikely I’ll be drawn away from my current team because they’re wonderful folks <3.

-ZPH zander@xargs.io

Public Key for Secure Communications or to Report Site Vulnerabilities (all of which will be publicly credited):

https://keybase.io/zph/key.asc

I’m VERY happily employed full time but I’ll consider the right side projects if I have availability and we’re a good fit. I often schedule freelancing work one to two months in advance.

Full-time work

I work remotely and prefer limited travel in US or nearby timezone (in the range of monthly to quarterly).

I’m not looking for opportunities since I have a good fit in my current role and other possibilities available.

But if you have something exceptional where I can work on hard problems, blend technology and product vision, raise and mentor software engineers, pair program with talented and empathetic individuals and guide companies and individuals towards success: email me.

Consulting

Read About Me and shoot me an email about the project goals or problems.

I’m interested to hear about your project :) and I look forward to setting up a video call to discuss it further. These engagements take different forms depending on the objectives, from short one off blocks of hours to more ongoing relationships.

Current interests:

• Solving problems, with people as a technical leader or as a software engineer.
• Building engineering teams that are communicative, smart and caring to give businesses a competitive edge.
• Helping companies transition off of Mongo, without downtime or business disruption. If mongo’s no longer the right choice and you need a seamless transition, let’s talk!

Prior Success:

I’ve successfully and happily delivered the following and could leverage these talents for you:

• Shifted engineering culture to become positive, productive, proficient and autonomous.
• Transitioned codebases languages or databases due to technical, business or hiring constraints.
• Built remote engineering teams with positive team culture, technical skill and respect.
• Reduced Engineering onboarding time-to-first-commit from 2 weeks to 1 day.
• Architectural guidance and proficiency in various technologies
• Implementing and standardization of development environments, staging and production across AWS, GKE, CI, using EC2, Kubernetes, Docker and Bash. This automation pays off massively as teams scale.
• Guided security standards, guidelines and training utilizing ssh bastion hosts, Oauth2 proxies, MFA.
• Made security easy for development teams using aws-vault, chamber, aws secret storage and IAM policies.
• Created Moresql and implemented realtime Mongo -> PostgreSQL streaming in production as a strategy to ingest the data for business intelligence. In another situation this was the backbone we used to successfully and seamlessly, without downtime, move off of Mongo onto PostgreSQL.