Author Archives: Dean

Stopping mass-login attempts to WordPress using nginx

Rather than rehash all the information, let me point you in the direction of this great blog post:
http://ethitter.com/2013/04/protecting-wp-login-in-nginx/

If you have problems with wp-login.php being downloaded to the user then your PHP configuration using this tutorial is wrong. See this article I wrote about it:
http://deanclatworthy.com/2013/02/migrating-from-apache-to-nginx-wordpress-edition/

Getting a twitter user’s latest posts using API v1.1 and Guzzle (PHP)

I’ll keep this brief. Install Guzzle however you wish, but I recommend using composer:

{
    "require": {
        "guzzle/guzzle": "~3.1.1"
    }
}

Then use the following code:

            $twitter_client = new \Guzzle\Http\Client('https://api.twitter.com/{version}', array(
                'version' => '1.1'
            ));
            $twitter_client->addSubscriber(new \Guzzle\Plugin\Oauth\OauthPlugin(array(
                'consumer_key'  => TWITTER_CONSUMER_KEY,
                'consumer_secret' => TWITTER_CONSUMER_SECRET,
                'token'       => TWITTER_ACCESS_TOKEN,
                'token_secret'  => TWITTER_ACCESS_TOKEN_SECRET
            )));
 
            $request = $twitter_client->get('statuses/user_timeline.json');
            $request->getQuery()->set('count', 5);
            $request->getQuery()->set('screen_name', 'YOURUSERNAME');
            $response = $request->send();
 
            $tweets = json_decode($response->getBody());

Don’t forget to put your constants somewhere.

Web fonts not loading in Firefox

I encountered a peculiar issue today regarding web fonts on firefox. On all browsers except Firefox the web fonts were loading correctly. I found multiple references suggesting that Firefox was picky with using quotes when referencing where the font file is hosted. However my findings were more interesting:

Firefox does not support embedding webfont files from a different domain

The good news is the fix is simple. Simply send the following header:

Access-Control-Allow-Origin *

Ensuring facebook canvas applications work in IE8 / IE9 / IE10

Last week I deployed a new Facebook application into a production environment. Everything seemed to be working perfectly, but then I received a report that the application wasn’t working correctly in IE8+. I narrowed down the problem, and then realised that sessions weren’t working. It turns out IE8+ has a security policy that prevents iframes from setting cookies if the parent domain is different. Therefore because my PHP session cooking wouldn’t set, the sessions obviously didn’t work between pages.

The good news is the fix is simple. Add this header to your page:

 header('p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"');

If you want to read more about this check this page:

http://en.wikipedia.org/wiki/P3P

Bonus: if using silex add this middleware:

$app->after(function (Request $request, Response $response) {
    $response->headers->set('p3p', 'CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"');
});