Metro Manila’s ‘Skyway’ extension to the north

I had the absolute pleasure of driving along the newly opened Skyway Extension in Metro Manila, which now connects the South Luzon Expressway (SLEX) directly to the North Luzon Expressway (NLEX), meaning travellers no longer have to do battle through the heavily congested metropolis to go from south of Manila to the north.

Joining Skyway northbound from the city of Makati means a few hundred meters of driving along Osmeña Highway, just beyond the junction with Buendia Ave. This new extension takes you right up to the Balintawak toll booths and from there directly on to NLEX itself. The old way of doing this would have been to work your way along EDSA (Epifanio de los Santos Avenue), which has long been known as a trouble spot for traffic, or winding your way through multiple hotspots going through Makati into Manila and on to Quezon City. Driving along EDSA means being in the right lane at the right time is crucial to avoiding traffic violations and fines, as well as hitting the right exit points – it is almost an art form. Anyone who has ever driven in Manila will know what I mean, although local drivers seem to take it all in their stride. Getting to NLEX from Makati previously would have taken anything up to 2 hours for a 15km journey, depending on the time of day and the amount of traffic.

The Skyway extension avoids all of that, and gets you to NLEX from Makati in just over 15 minutes.

You read that correctly! I joined Skyway, maintained a steady speed at the signposted 60kmh all the way to Balintawak and started the clock ticking as I hit the on ramp. By the time I got to Balintawak, just 15 minutes had passed. I had to do a double-take, and once I had confirmed it, drove on to NLEX to see how that went. In not much more than 20 minutes I was at Balagtas. That’s about 35 minutes to get to Balagtas from Makati – a notional distance of about 40km, which is much shorter on Skyway. This not only saves fuel, wear and tear on the car and driver patience, but also relieves traffic along the much troubled EDSA route.

This makes a day trip to Baguio possible – normally allowing around 6-8 hours for that journey each way, it can now be completed in a respectable 3-4 hours only… assuming NLEX and local roads further north are not too congested.

I have to say I couldn’t quite believe the timing myself, so I turned around at Balagtas and returned to Makati, and there it was again. Just over 30 minutes to the off ramp at Buendia avenue.

This is a bit of a game changer to say the least. Yes, eventually there will be tolls once the charging matrix has been sorted out, and yes, it’ll be expensive compared to sitting on EDSA, but time is also money. For me, I’d save the time and spend the money on the tolls just to be so quickly in the north. After all, getting old sitting in a queue of frustrated drivers all jostling for position in an incredibly busy road for two hours is no fun. Cruising gracefully along Skyway for 15 minutes to get to the same place for a reasonable fee works much better for me. Rumour has it that fee might be anything up to 240 Pesos one way, but I hope it is less! (For reference, that’s roughly GBP£4.00, or just under, at the time of writing).

Well done, to the architects and construction companies for this scheme, and to those who funded it. This is a truly  excellent development, and an absolute game changer for travellers.

I tip my hat to you.

Running WordPress on AWS – some experiences, problems and solutions

If you’ve found this post it’ll be because like me, you had issues setting up WordPress to run on AWS. However, it does work, and if you solve each of the issues one by one you’ll get to see WordPress running efficiently and well.

First off, some basics. I am using Linux, v 20.04. It has MySQL 8.0.22 and PHP 7.4.3. I updated to WordPress 5.6, and found a few things not running any more.

1 – plugins – some incompatibility, and requiring updates, but auto update didn’t work. Worse, WordPress asks for FTP settings so I can have it manage the process, and I am not about to install FTP onto the server.

2 – email sending used to be fine, but now no longer runs as it used to

3 – editing any text, anywhere was a problem – the changes could not be saved

4 – ReCaptcha not appearing on forms.

Auto Update

WordPress used to be painful to update. Years ago it involved logging on to your server, creating backups, copying files over the top of existing files and directories and hoping for the best. Nowadays it is a lot easier, and in the WordPress dashboard you should be able to simply click a button and get the updates.

However, when you do, you are presented with the WordPress FTP panel asking for a hostname, username and password, and giving you the option of FTP or SFTP. Neither worked at all for me, ever. And no chance of working on AWS either because of the use of PEM (or PPK) security files to actually log in to the server. WordPress has no way of handling those, so it simply won’t work. Fortunately, all you do is make a small edit to the wp-config.php file on your server and the FTP dialog disappears.

To get rid of this, you’ll need to edit your wp-confg.php file and add a simple line of code. Some people say add it at the bottom as the last line, but I found that didn’t work. Instead, I added it to be just above the database connection settings:

define(‘FS_METHOD’,’direct’);

In the latest WordPress versions, it’ll be about line 22 or 23. Add it in before you get the database definition statements and save the file.

When you next try to auto update you’ll see no FTP dialogue box.

What this addition does it tells WordPress to use a ‘direct’ method of writing to the server, and not use FTP. However, there may be a second issue for you when you do this.

File Ownership and Permissions

Whenever you move files onto a server, they are given certain attributes, and on Linux these will include who owns them, and who has permission to modify them. You may think of yourself as the owner, and you’d be right… but the server itself runs certain applications (such as your web server – probably Apache or NginX) and each of these is like you – they have a role on the server to do their job, so the server considers them also able to own and manipulate files.

The second thing to remember is that you as a user exist on the server in a ‘group’ which has certain privileges. Other users can exist in this group too, and the group has overall permissions. If you upload files, they also belong to the group and have the permissions afforded to the group. For example, let’s say your login to the server uses a name ‘Ubuntu’ – then the files belong to ‘Ubuntu’ and are in the group for ‘Ubuntu’. The problem is, the web server isn’t in that group, so can’t get to the files to do what WordPress needs. Whilst you can read and edit them because you are in that group, no-one else can. They may be able to read them, but writing changes? That is not going to be allowed.

So you have to make sure that WordPress has the ability to read and write to the files, but that the files are protected from malicious actions. Fortunately, it’s not too hard to achieve and there are many resources on the web telling you the exact file and directory permissions to use. However, you must ALSO grant the web server the right to use the files if you want WordPress (which uses the web server to do the work) to be able to update them.

In the world of Ubuntu, the Web Server is given a name and group called ‘www-data’.

You therefore need to change the owner and the group for each of your WordPress files and directories, and maintain the overall security using the file permissions. Don’t worry, you’ll still be able to access and edit them yourself if you need to, but mostly, you won’t have to.

Open up your terminal and connect to your server, and navigate to your WordPress installation. All of the files and folders within it need to be assigned to the www-data user:

chown -R www-data:www-data /var/www/html/wordpress

This literally means ‘CHange OWNership Recursively to be owned by www-data and in the group for www-data in the directory where WordPress lives. Note that the location I’ve shown in this example  (/var/www/html/wordpress) may not be the same on your server.

If you log in to your WordPress Dashboard after making these two changes (using a direct method of update and getting the permissions right) you should have the ability to auto update your WordPress site without resorting to logging in to the server directly. It can all be achieved from within your Dashboard, and that’s a lot simpler! If you do want to edit the files in the server directly, you’ll find you no longer own them, and so will need to log in as the root user or use the ‘Sudo’ command to access them.

Email Sending

It used to be quite simple to send email from WordPress on any other server except AWS, it just worked. However Amazon in their wisdom have prevented you sending email directly, because they have blocked port 25. This is the port that SMTP uses, and so mail cannot leave your server. It’s a great way to reduce the chance of AWS servers being used for Spam and Spam relays, but it’s a nuisance for those of us just wanting to host a site and have it send out alerts and messages. You have two options:

1 – contact Amazon from your console panel and ask them to lift Port 25 restrictions. They do listen, and are sympathetic, but not daft. You may wait a day or two before it is done, and when it is done they may apply other requirements.. such as using their Simple Email Service (SES) to ensure Spam and malicious emails are under control.

2 – use a different SMTP relay which goes through a different route. There are many such services on the web and all you need to do is install a suitable WordPress plugin to allow you to bypass the built in functions and use your SMTP server such as Google, or any other mail service.

Look for ‘Easy WP SMTP’ as a plugin which gives you many options and the obvious ones for SMTP. Just put in the details required, and WordPress will route your mail out that way. Keep in mind that port 25 is not the only way to send mail, and different providers use alternatives, such as 587. This is fortunately not blocked by Amazon, and so email will once again ‘just work.

Text Editing

The latest version of WordPress continues with the ‘Gutenberg’ text editor, which when running well, works nicely. However, I had the problem of it not updating the text, and I miss the old ‘classic’ editor I’ve come to love. Luckily, you can restore the old editor, and get that retro feel, and at the same time fix the errors in Gutenberg.

It’s another plugin, this time called ‘Classic Editor’. Just install it, check the settings and enjoy text editing working once again.

ReCaptcha

If you have ever used WordPress before you’ll know how much of a target it is for security. It is so important to keep things under control, and that includes your forms and other places where users can write content on to your pages.

I use the Contact Forms 7 plugin which gives me a nice simple interface for creating any number of forms that I might need, and also now supports Captcha from Google. You’ve all seen these – small puzzles that you must solve before accessing or sending content – often involving traffic lights, or pictures of store fronts.

The problem was when I updated Contact Forms, the captcha just didn’t appear. In earlier versions it was completely removed, but the ability to use Captcha was reintroduced and it is worth using it to prevent a lot of problems with forms and content entry being taken over by bots. So I was dismayed to lose the captcha, and did a bit of investigating. there are two types of Captcha – v2 and v3. The latest version of Contact Forms uses v3 by default, and so you need to provide v3 credentials. Go to Google, sign up for a ReCaptcha account and add an entry for the domain you want to protect. Enter the secret key and public key Google gives you in the WordPress plugin and you are nearly done.

You also have to add the reCaptcha to your form layout.

You also need to make sure that the version of PHP that you are running has the right libraries to support it!

Let’s add the code to the form layout. Here is a simple example of a contact form using the ReCaptcha codes (WordPress short codes). Check the last but one line:

 

Note the codes in this version I am using

[captchac captcha-1] [captchar captcha-1]

This is calling two parts of PHP from your server in order to create the effect. Firstly, Captcha uses an image and secondly it needs you to type text. If you don’t add this into your form, then Captcha won’t show.

When it is added, the captcha appears under your form, as in the template layout.

 

 

 

By far the biggest issue for me was the file permissions and ownership, and once that had been done the auto-updates just worked. But also, the auto install of new plugins, removal of old ones, pretty much everything I want to achieve is possible from within WordPress now. No longer any need for me to log into the server and use the tools built in there, and this means keeping WordPress up-to-date will be easier, so there’s less of an excuse not to!

A brief word on security.

WordPress has long been the target of attacks on servers and is one of the main reasons for server slow down and other problems. It is such an issue that you need a robust security plan to be in place when you run WordPress. Fortunately, there are many plugins to help, and you will no doubt have fun reading reviews on them all, but I am much more relieved to see some significant improvements to security tools built right into WordPress and available to any administrator to see the issues and possibly to fix them too.

The WP Security tab is a huge step forward, in my opinion.

I am not a server administrator, and am not really familiar with of all the nasty things hackers can do, but at least there is some comfort from knowing I have better tools to help me now than I had when WordPress first came out all those years ago. I’ll keep using it for a while longer, I guess!

Happy ‘pressing!

Magical Mangosteens

 Today, after a pretty rough night spent mostly awake and mostly inconvenienced, I am not eating very much at all. I’ve decided to go on a bit of a detox for a day. Yes, those far more informed than I can wax lyrical about how bad that is for your body, but to be brutally honest, I no longer care. Anything I consume at the moment stays approximately 15 seconds before making a reappearance… so it is time to do two things:

1 – change my water filter cartridge
2 -eat things that only give you a really healthy benefit.

A third thing is to drink something to rehydrate myself… my poor and ageing body needs to recover!

So it is that I happened to have some Mangosteens in my refrigerator. I bought them not knowing what they were, and vowing to try them. Tropical fruits can be a bit hit and miss for me, so I was a little anxious and had thought to leave them a while. But then last night happened.

In reading about Mangosteens, most of the scientific evidence is completely inconclusive “not enough work has been done to verify the claims made about this food”… you know the sort of thing – totally non-committal, basically consigning it as a fad and whilst experiments in lab animals (seriously? They still do that?) have shown remarkable results it has to be pointed out that it wasn’t a simple fresh piece of fruit they used, but a highly concentrated version of it.

The anecdotal evidence, however, is compelling to say the least. Mangosteens, the leaves, the bark from the tree they grow on, the roots… all have considerable local folklore attached to them about what they can and cannot do. From helping with dysentery and diarrhoea to actively fighting bowel cancers, fast healing of wounds and so on… naturally, once you read these claims you are slightly cynical. But, given my state this morning, it’s a case of ‘any port in a storm’!

The edible part of the mangosteen is inside the rather fibrous outer shell. When you cut around the middle, you can pull the shell off easily, and reveal a small set of segments – like an orange has got… only these are white. The larger segments will have ‘stones’ in them, about the size of a stone inside a plum or perhaps a bit larger. These are the seeds for the plant. All you do is simply take a teaspoon and spoon out the segments and pop them into your mouth. And I have to say, they are simply delicious!

They have a citrus like tang, but a unique flavour – not unlike an orange, but certainly not the same. The ‘stones’ are easily dealt with – take the flesh off them with your teeth, and spit out the ‘pip’… It’s rather bitter in flavour so I wouldn’t recommend crunching it. The flesh, however, is simply wonderful! These native fruits of SE Asia (where I am as I write this) are so good! You could probably add them to a smoothie, blend with strawberries or even oranges, plus a banana and you’ll get a brilliant flavour. I cannot overstate this – they are delicious, and should be on your dinner tables as part of a fruit desert.

Now for the left over parts, the husky shell- you can simply cut them into smaller pieces and boil in a pan with water enough to cover them. the water will go a deep reddish-purple colour, and within a few minutes you’ve got a delicious drink. Add a spoon of honey (the shells can be a bit bitter) and use that for your morning brew.

Apparently, locals here in the Philippines cut into very small pieces and dry the shells first – naturally hot sunny days help with that – and then use that as ‘tea leaves’. They store for ages, and make a refreshing and healthy alternative to tea, coffee or other hot drinks. I’m game to try it!

Having eaten one, the taste is so good, I’ve eaten two more. Within the hour my gastric issues have settled down. This is not a scientific test, but all I can say is, given the choice of a difficult time with some tablets to help me, or a few mangosteens, I prefer to have the mangosteens. Try them!

You’ll be glad you did.

Live currency exchange rates in Apple Numbers

For a while now I’ve been looking for a simple way to have a spreadsheet look up a lie currency exchange rate. The various solutions offered included writing scripts to go and get the live values… but try as I might I couldn’t get Apple Numbers to work with this. As a result, I’ve been manually looking up the current rate and typing it manually into a cell that all other cells reference. It works, but it’s a bit manual and clunky.

It turns out I had the solution all along – it’s built in to Numbers, but isn’t obvious (at least not to me!)

All you do is click into a cell and enter a formula, so just choose your cell and type the ‘=’ sign to bring up the formula entry. Now type CURRENCY

(yes, it’s really that obvious)

There are three components to enter – the currency you want to convert from, the currency you wnat to convert to, and the price of that currency. The last part is what you will get dynamically.

Firstly, you need to know the currency codes for your conversion. For example, if you want to know how many US dollars there are to one GB Pound, you’d need to know the currency code for Sterling is GBP and for the dollar is USD. These are the first two things to type, and you have to add quote marks around both:

CURRENCY(“GBP”,”USD”,0)

The third thing is the zero at the end. This forces Apple Numbers to look up the current price. In the formula editor you can see a drop down list of possible values to use instead of zero, such as the name, or the current change in rate.. or the highs, lows and so on.

What you should get back, after a very slight pause when you enter the formula, is the cell showing you the current exchange rate (At the time of writing, this returned $1.31)

This is a really useful feature if you are trading in different currencies and need to do some basic calculations. Keep in mind that whilst this looks up the live rate, it is not the rate a bank will offer you! Use it as a guide… if you want to check it, go to https://xe.com and see what they say there. It’ll be pretty close!

 

Disable Gatekeeper on OSX

You know that annoying moment when you have downloaded an application – perfectly legally – from an ‘unidentified developer’ and your Mac decides you are not allowed to run it? Well that is pants! I realise Apple are only trying to protect you from the evils of the universe, but it really ticks me off that I don’t get an option to ‘open anyway’ right there and then. No… instead I need to go to system preferences and enable it, or right click the app icon to start with. This is just too tedious. It’s a feature called ‘Gatekeeper’, and it really is there to prevent malicious code being run on your machine.

In previous versions of OSX it was possible in System preferences to allow apps from ‘Anywhere’ to open, but in more recent versions that has ben taken away. Apparently we are not allowed to play with ‘Anything’ – only those from the App store or ‘identified’ developers (i.e. anyone who distributes through the App store).

OK – once again I get the need to protect us from our own stupidity, but it is taking it a little far, IMO.

So for all you geeks who want to return the option in system prefs to allow apps from ‘Anywhere’ just follow these steps:

  1. Quit system prefs if it is running
  2. Launch a terminal window
  3. type this:
    sudo spctl --master-disable
  4. Then enter your password.

that’s it – job done. Now you can open system preferences and see the welcome return of ‘Anywhere’ in your Gatekeeper panel.