Metro Manila’s ‘Skyway’ extension to the north

I had the absolute pleasure of driving along the newly opened Skyway Extension in Metro Manila, which now connects the South Luzon Expressway (SLEX) directly to the North Luzon Expressway (NLEX), meaning travellers no longer have to do battle through the heavily congested metropolis to go from south of Manila to the north.

Joining Skyway northbound from the city of Makati means a few hundred meters of driving along Osmeña Highway, just beyond the junction with Buendia Ave. This new extension takes you right up to the Balintawak toll booths and from there directly on to NLEX itself. The old way of doing this would have been to work your way along EDSA (Epifanio de los Santos Avenue), which has long been known as a trouble spot for traffic, or winding your way through multiple hotspots going through Makati into Manila and on to Quezon City. Driving along EDSA means being in the right lane at the right time is crucial to avoiding traffic violations and fines, as well as hitting the right exit points – it is almost an art form. Anyone who has ever driven in Manila will know what I mean, although local drivers seem to take it all in their stride. Getting to NLEX from Makati previously would have taken anything up to 2 hours for a 15km journey, depending on the time of day and the amount of traffic.

The Skyway extension avoids all of that, and gets you to NLEX from Makati in just over 15 minutes.

You read that correctly! I joined Skyway, maintained a steady speed at the signposted 60kmh all the way to Balintawak and started the clock ticking as I hit the on ramp. By the time I got to Balintawak, just 15 minutes had passed. I had to do a double-take, and once I had confirmed it, drove on to NLEX to see how that went. In not much more than 20 minutes I was at Balagtas. That’s about 35 minutes to get to Balagtas from Makati – a notional distance of about 40km, which is much shorter on Skyway. This not only saves fuel, wear and tear on the car and driver patience, but also relieves traffic along the much troubled EDSA route.

This makes a day trip to Baguio possible – normally allowing around 6-8 hours for that journey each way, it can now be completed in a respectable 3-4 hours only… assuming NLEX and local roads further north are not too congested.

I have to say I couldn’t quite believe the timing myself, so I turned around at Balagtas and returned to Makati, and there it was again. Just over 30 minutes to the off ramp at Buendia avenue.

This is a bit of a game changer to say the least. Yes, eventually there will be tolls once the charging matrix has been sorted out, and yes, it’ll be expensive compared to sitting on EDSA, but time is also money. For me, I’d save the time and spend the money on the tolls just to be so quickly in the north. After all, getting old sitting in a queue of frustrated drivers all jostling for position in an incredibly busy road for two hours is no fun. Cruising gracefully along Skyway for 15 minutes to get to the same place for a reasonable fee works much better for me. Rumour has it that fee might be anything up to 240 Pesos one way, but I hope it is less! (For reference, that’s roughly GBP£4.00, or just under, at the time of writing).

Well done, to the architects and construction companies for this scheme, and to those who funded it. This is a truly  excellent development, and an absolute game changer for travellers.

I tip my hat to you.

Running WordPress on AWS – some experiences, problems and solutions

If you’ve found this post it’ll be because like me, you had issues setting up WordPress to run on AWS. However, it does work, and if you solve each of the issues one by one you’ll get to see WordPress running efficiently and well.

First off, some basics. I am using Linux, v 20.04. It has MySQL 8.0.22 and PHP 7.4.3. I updated to WordPress 5.6, and found a few things not running any more.

1 – plugins – some incompatibility, and requiring updates, but auto update didn’t work. Worse, WordPress asks for FTP settings so I can have it manage the process, and I am not about to install FTP onto the server.

2 – email sending used to be fine, but now no longer runs as it used to

3 – editing any text, anywhere was a problem – the changes could not be saved

4 – ReCaptcha not appearing on forms.

Auto Update

WordPress used to be painful to update. Years ago it involved logging on to your server, creating backups, copying files over the top of existing files and directories and hoping for the best. Nowadays it is a lot easier, and in the WordPress dashboard you should be able to simply click a button and get the updates.

However, when you do, you are presented with the WordPress FTP panel asking for a hostname, username and password, and giving you the option of FTP or SFTP. Neither worked at all for me, ever. And no chance of working on AWS either because of the use of PEM (or PPK) security files to actually log in to the server. WordPress has no way of handling those, so it simply won’t work. Fortunately, all you do is make a small edit to the wp-config.php file on your server and the FTP dialog disappears.

To get rid of this, you’ll need to edit your wp-confg.php file and add a simple line of code. Some people say add it at the bottom as the last line, but I found that didn’t work. Instead, I added it to be just above the database connection settings:

define(‘FS_METHOD’,’direct’);

In the latest WordPress versions, it’ll be about line 22 or 23. Add it in before you get the database definition statements and save the file.

When you next try to auto update you’ll see no FTP dialogue box.

What this addition does it tells WordPress to use a ‘direct’ method of writing to the server, and not use FTP. However, there may be a second issue for you when you do this.

File Ownership and Permissions

Whenever you move files onto a server, they are given certain attributes, and on Linux these will include who owns them, and who has permission to modify them. You may think of yourself as the owner, and you’d be right… but the server itself runs certain applications (such as your web server – probably Apache or NginX) and each of these is like you – they have a role on the server to do their job, so the server considers them also able to own and manipulate files.

The second thing to remember is that you as a user exist on the server in a ‘group’ which has certain privileges. Other users can exist in this group too, and the group has overall permissions. If you upload files, they also belong to the group and have the permissions afforded to the group. For example, let’s say your login to the server uses a name ‘Ubuntu’ – then the files belong to ‘Ubuntu’ and are in the group for ‘Ubuntu’. The problem is, the web server isn’t in that group, so can’t get to the files to do what WordPress needs. Whilst you can read and edit them because you are in that group, no-one else can. They may be able to read them, but writing changes? That is not going to be allowed.

So you have to make sure that WordPress has the ability to read and write to the files, but that the files are protected from malicious actions. Fortunately, it’s not too hard to achieve and there are many resources on the web telling you the exact file and directory permissions to use. However, you must ALSO grant the web server the right to use the files if you want WordPress (which uses the web server to do the work) to be able to update them.

In the world of Ubuntu, the Web Server is given a name and group called ‘www-data’.

You therefore need to change the owner and the group for each of your WordPress files and directories, and maintain the overall security using the file permissions. Don’t worry, you’ll still be able to access and edit them yourself if you need to, but mostly, you won’t have to.

Open up your terminal and connect to your server, and navigate to your WordPress installation. All of the files and folders within it need to be assigned to the www-data user:

chown -R www-data:www-data /var/www/html/wordpress

This literally means ‘CHange OWNership Recursively to be owned by www-data and in the group for www-data in the directory where WordPress lives. Note that the location I’ve shown in this example  (/var/www/html/wordpress) may not be the same on your server.

If you log in to your WordPress Dashboard after making these two changes (using a direct method of update and getting the permissions right) you should have the ability to auto update your WordPress site without resorting to logging in to the server directly. It can all be achieved from within your Dashboard, and that’s a lot simpler! If you do want to edit the files in the server directly, you’ll find you no longer own them, and so will need to log in as the root user or use the ‘Sudo’ command to access them.

Email Sending

It used to be quite simple to send email from WordPress on any other server except AWS, it just worked. However Amazon in their wisdom have prevented you sending email directly, because they have blocked port 25. This is the port that SMTP uses, and so mail cannot leave your server. It’s a great way to reduce the chance of AWS servers being used for Spam and Spam relays, but it’s a nuisance for those of us just wanting to host a site and have it send out alerts and messages. You have two options:

1 – contact Amazon from your console panel and ask them to lift Port 25 restrictions. They do listen, and are sympathetic, but not daft. You may wait a day or two before it is done, and when it is done they may apply other requirements.. such as using their Simple Email Service (SES) to ensure Spam and malicious emails are under control.

2 – use a different SMTP relay which goes through a different route. There are many such services on the web and all you need to do is install a suitable WordPress plugin to allow you to bypass the built in functions and use your SMTP server such as Google, or any other mail service.

Look for ‘Easy WP SMTP’ as a plugin which gives you many options and the obvious ones for SMTP. Just put in the details required, and WordPress will route your mail out that way. Keep in mind that port 25 is not the only way to send mail, and different providers use alternatives, such as 587. This is fortunately not blocked by Amazon, and so email will once again ‘just work.

Text Editing

The latest version of WordPress continues with the ‘Gutenberg’ text editor, which when running well, works nicely. However, I had the problem of it not updating the text, and I miss the old ‘classic’ editor I’ve come to love. Luckily, you can restore the old editor, and get that retro feel, and at the same time fix the errors in Gutenberg.

It’s another plugin, this time called ‘Classic Editor’. Just install it, check the settings and enjoy text editing working once again.

ReCaptcha

If you have ever used WordPress before you’ll know how much of a target it is for security. It is so important to keep things under control, and that includes your forms and other places where users can write content on to your pages.

I use the Contact Forms 7 plugin which gives me a nice simple interface for creating any number of forms that I might need, and also now supports Captcha from Google. You’ve all seen these – small puzzles that you must solve before accessing or sending content – often involving traffic lights, or pictures of store fronts.

The problem was when I updated Contact Forms, the captcha just didn’t appear. In earlier versions it was completely removed, but the ability to use Captcha was reintroduced and it is worth using it to prevent a lot of problems with forms and content entry being taken over by bots. So I was dismayed to lose the captcha, and did a bit of investigating. there are two types of Captcha – v2 and v3. The latest version of Contact Forms uses v3 by default, and so you need to provide v3 credentials. Go to Google, sign up for a ReCaptcha account and add an entry for the domain you want to protect. Enter the secret key and public key Google gives you in the WordPress plugin and you are nearly done.

You also have to add the reCaptcha to your form layout.

You also need to make sure that the version of PHP that you are running has the right libraries to support it!

Let’s add the code to the form layout. Here is a simple example of a contact form using the ReCaptcha codes (WordPress short codes). Check the last but one line:

 

Note the codes in this version I am using

[captchac captcha-1] [captchar captcha-1]

This is calling two parts of PHP from your server in order to create the effect. Firstly, Captcha uses an image and secondly it needs you to type text. If you don’t add this into your form, then Captcha won’t show.

When it is added, the captcha appears under your form, as in the template layout.

 

 

 

By far the biggest issue for me was the file permissions and ownership, and once that had been done the auto-updates just worked. But also, the auto install of new plugins, removal of old ones, pretty much everything I want to achieve is possible from within WordPress now. No longer any need for me to log into the server and use the tools built in there, and this means keeping WordPress up-to-date will be easier, so there’s less of an excuse not to!

A brief word on security.

WordPress has long been the target of attacks on servers and is one of the main reasons for server slow down and other problems. It is such an issue that you need a robust security plan to be in place when you run WordPress. Fortunately, there are many plugins to help, and you will no doubt have fun reading reviews on them all, but I am much more relieved to see some significant improvements to security tools built right into WordPress and available to any administrator to see the issues and possibly to fix them too.

The WP Security tab is a huge step forward, in my opinion.

I am not a server administrator, and am not really familiar with of all the nasty things hackers can do, but at least there is some comfort from knowing I have better tools to help me now than I had when WordPress first came out all those years ago. I’ll keep using it for a while longer, I guess!

Happy ‘pressing!

Learning online for compliance training is gaining popularity in the Philippines. Here’s why..

For most people, going to a face to face event is the only way they are going to get access to training when at work. Normally this means a day off work, a travel across the city and an expense for food and drink. The thought of travelling across Metro Manila is enough to put some people off attending training already, let alone when the training is all about a compliance subject such as Anti-Money Laundering (AML) that would make most people sleepy within a few minutes!

 

Up until very recently, the only way you could get your AML training or AML certification was to attend a face to face event, or if you work in a large organisation, you might be lucky enough to get your very own compliance officer talk to you about changes to the law. In some rare cases your company might buy in a specialist AML training officer for the day and put you in the company training rooms togged you up to date with the latest AML regulations and requirements.Whichever way you look at it, AML certification costs are high, when you factor in the travel, training provider and loss of working time.All of that was how AML training was done in the Philippines, but thankfully it’s about to change.With the latest AML regulations there is a requirement that all covered persons are trained regularly. Since there are many thousands of covered persons, and not many AML trainers or subject matter experts, the Anti Money Laundering Commission (AMLC) has been busy finding online service providers, such as Framedia-inc, to develop online learning content for anti-money laundering.

 

Framedia-inc are the first online provider to be accredited by AMLC, and have been through a very detailed and rigorous process to ensure their AML courses, presentations and videos are at the right quality and cover the right topics. Whilst AML training provided directly by AMLC is free, the online version is not, and there is a cost for the AML certification. The good news is the fees are low enough to be very tempting, and well within the budgets normally spent on AML training for employees. Whereas your board of directors may want to go through their AML training in the comfort of some swanky hotel, complete with food and drinks supplied, that’s not the way the rest of us will have to do it. For the normal staff member, going to any compliance training event is hard work, but not if it is online, and not if you can get your AML certification using your mobile phone!

 

Those clever people at Framedia-inc have not only designed and built interactive training modules which meet the strict requirements of AMLC, but they’ve done it in a way that means you can do your AML training from your phone, laptop or desktop computer. All of your progress is stored online, so complete a module during your morning commute by using your phone, do another on your work computer, and then finish another one using your laptop in the comfort of your own home!

That’s right, AML training can be done at times and places to suit you, and you do not have to travel half way across Metro Manila to get it done, either. Of course, if you wanted to, you could – but you could do a few modules during your commuting time (assuming you’re not the one driving, of course!)

 

There are very few anti money laundering courses online and the ones you’ll see are from companies based outside of the Philippines. Framedia-inc are a Philippine based company and the first one to get through the strict accreditation set out by AMLC. This means AML training can be done in the Philippines, to the standards set by the AMLC regulations and achieved in the comfort of your own home if you wish. It’s not free, but it’s not too expensive either.

 

AML training online with Framedia-inc costs start from 1500 peso for a single user, with discounts available for bulk purchases. You can get to the shop by visiting certified.ph and buying either the single user AML CFT training or the multi-user AML training course.

 

The sheer ease of organising your own training at times and places to suit you, with the added bonus of using any internet enabled device is a sure way to please your customers. Anti money laundering policy and procedures is a fairly dry topic, but made into online learning modules by Framedia-Inc they are both fun and informative. The interactive modules use a lot of specialist video so there is not a lot of reading to be done, but you’ll then sit an anti money laundering questionnaire for each of the modules, leading to your final AML certification. Your certificate is security coded so that it is only you that can claim it as yours. No amount of copying it will help – this AML certificate is protected, and can be checked at any time by a compliance officer or auditor.

Where before you only had to physically turn up to a training event to be guaranteed of getting your certificate, AMLC have set about making sure you also need to pass a relatively simple AML exam, or series of short exams, to gain your certificate. This is a really good thing, and means anyone getting their training will need to meet a minimum standard, making it far more reliable for employers to know who has been trained and at what level. Setting the standard for AML training is a key priority for AMLC, and the future looks to be even filled with even more rigorous approaches to training and certification will be adopted. It’s best to get it done online now, whilst it’s still new and relatively easy, and avoid the congested Manila traffic by doing so!

AML Online Training, Affiliate Program Up And Running, Become An Affiliate


The exciting thing about setting up new systems is you get to set up new ideas, too. And on this occasion, it’s the Anti-Money Laundering program in the Philippines, which we’ve been working on since April 2019.

It’s going well – we have become the first accredited online provider for AML training online, and we work closely with the Anti-Money Laundering Commission to get the content of the training to match perfectly with their face to face training.

Now we have also set up an affiliate program and we are inviting people to participate. However, there is a catch – you need to be actively working with the kind of businesses that need to be certified in AML within the Philippines! You don’t have to be employed by such a business (although it won’t hurt if you are), but i order to maximise your chances as an affiliate for anti-money laundering training you really ought to be able to refer people who will need to be certified. The online training is comprehensive and anyone successfully completing the course is awarded a certificate, fully accredited by AMLC themselves!

Affiliates earn a generous commission if they can refer people to the AML online training in reasonable numbers, and that’s why we only want people who have the networks into the target businesses to take part in this. For more information on taking part, please complete the application form online, and we will review your details.

 

Magical Mangosteens

 Today, after a pretty rough night spent mostly awake and mostly inconvenienced, I am not eating very much at all. I’ve decided to go on a bit of a detox for a day. Yes, those far more informed than I can wax lyrical about how bad that is for your body, but to be brutally honest, I no longer care. Anything I consume at the moment stays approximately 15 seconds before making a reappearance… so it is time to do two things:

1 – change my water filter cartridge
2 -eat things that only give you a really healthy benefit.

A third thing is to drink something to rehydrate myself… my poor and ageing body needs to recover!

So it is that I happened to have some Mangosteens in my refrigerator. I bought them not knowing what they were, and vowing to try them. Tropical fruits can be a bit hit and miss for me, so I was a little anxious and had thought to leave them a while. But then last night happened.

In reading about Mangosteens, most of the scientific evidence is completely inconclusive “not enough work has been done to verify the claims made about this food”… you know the sort of thing – totally non-committal, basically consigning it as a fad and whilst experiments in lab animals (seriously? They still do that?) have shown remarkable results it has to be pointed out that it wasn’t a simple fresh piece of fruit they used, but a highly concentrated version of it.

The anecdotal evidence, however, is compelling to say the least. Mangosteens, the leaves, the bark from the tree they grow on, the roots… all have considerable local folklore attached to them about what they can and cannot do. From helping with dysentery and diarrhoea to actively fighting bowel cancers, fast healing of wounds and so on… naturally, once you read these claims you are slightly cynical. But, given my state this morning, it’s a case of ‘any port in a storm’!

The edible part of the mangosteen is inside the rather fibrous outer shell. When you cut around the middle, you can pull the shell off easily, and reveal a small set of segments – like an orange has got… only these are white. The larger segments will have ‘stones’ in them, about the size of a stone inside a plum or perhaps a bit larger. These are the seeds for the plant. All you do is simply take a teaspoon and spoon out the segments and pop them into your mouth. And I have to say, they are simply delicious!

They have a citrus like tang, but a unique flavour – not unlike an orange, but certainly not the same. The ‘stones’ are easily dealt with – take the flesh off them with your teeth, and spit out the ‘pip’… It’s rather bitter in flavour so I wouldn’t recommend crunching it. The flesh, however, is simply wonderful! These native fruits of SE Asia (where I am as I write this) are so good! You could probably add them to a smoothie, blend with strawberries or even oranges, plus a banana and you’ll get a brilliant flavour. I cannot overstate this – they are delicious, and should be on your dinner tables as part of a fruit desert.

Now for the left over parts, the husky shell- you can simply cut them into smaller pieces and boil in a pan with water enough to cover them. the water will go a deep reddish-purple colour, and within a few minutes you’ve got a delicious drink. Add a spoon of honey (the shells can be a bit bitter) and use that for your morning brew.

Apparently, locals here in the Philippines cut into very small pieces and dry the shells first – naturally hot sunny days help with that – and then use that as ‘tea leaves’. They store for ages, and make a refreshing and healthy alternative to tea, coffee or other hot drinks. I’m game to try it!

Having eaten one, the taste is so good, I’ve eaten two more. Within the hour my gastric issues have settled down. This is not a scientific test, but all I can say is, given the choice of a difficult time with some tablets to help me, or a few mangosteens, I prefer to have the mangosteens. Try them!

You’ll be glad you did.