Image Credit: Socialmediatoday.com

1. Kung nakareceive ng pera for pay-ins, huwag ipopost ang tracking number hangga’t hindi pa ito nakiclaim. Baka may magclaim na iba. Picturan mo na lang at saka mo ipost kapag nakabili ka na ng Global Package.

2. Kung ipopost ang resibo ng remittance after maclaim, iblur ang branch ng remittance center. Baka ka abangan sa susunod mong pagclaim ng pera.

3. Huwag ipost na papunta ka na sa BCO / branch para bumili ng Global Package. Baka abangan ka dahil alam na may P7,980+ kang dala. Lalong lalo na kung 7 heads ang pay-in, huwag muna iannounce kung papunta ka pa lang sa office.

4. Huwag ipost ang birthdate, address, TIN, SSS, etc kahit kailan sa social media. Baka mabiktima ka ng identity theft.

5. Kung nagpadala ka ng products/ Global Package via LBC, JRS Express, EMS, PhilPost, etc, iblur and tracking number at address bago ipost sa social media. Baka may magclaim na iba.

6. Kung magpopost ng picture na may hawak na malaking pera, make sure na nasafe-keep (nadeposit na or naitago na sa lumang baul ni lolo ) mo na ito bago mo ipost sa social media.

7. Magpost ng totoo lamang. Walang halong yabang o kasinungalingan.

Image Credit: Cloudflare

See TLDR below if you are in a hurry.

Now, let’s start first with my story…

The past few days, I’ve been trying to setup SSL on BatangasToday.com for extra security using Cloudflare’s Flexible SSL. After several days of trial-and-error, I finally nailed it!

The instruction on the WordPress.org website is simple. Just add the following code on wp-config.php file and it will work.

define(‘FORCE_SSL_ADMIN’, true);

Well, it will work if you have a Full SSL setup. (Refer to the image on the right to know the difference, ok?) But for a Flexible SSL on Cloudflare, setting it will result in infinite redirect loop error.

However, according to that same instruction, you need to put additional code on wp-config.php if you are on Reverse Proxy, just like Cloudflare. The code looks like this:

define(‘FORCE_SSL_ADMIN’, true);
define(‘FORCE_SSL_LOGIN’, true);
if ($_SERVER[‘HTTP_X_FORWARDED_PROTO’] == ‘https’)
$_SERVER[‘HTTPS’]=’on’;

Tried the code. The result is the same infinite redirect loop error. That’s because maybe, Cloudflare is not setting up HTTP_X_FORWARDED_PROTO properly.

When I contacted Cloudflare asking them to check if they are setting up HTTP_X_FORWARDED_PROTO properly, they instead suggested me to go the Full SSL route.

So I asked them, “Can’t you fix this without advising us to go to the Full SSL route?” In which their support replied, “I can most certainly have us check it out. I am curious, however, if choosing the full option gets rid of the loop.”

Well, I don’t know if choosing the full option can get rid of the loop, since I don’t have the ability to go Full SSL since I don’t have SSL setup on my host. Setting up my own SSL on my host costs $3.95/month for self-signed certificate. I’m a cheap a$$ so I insisted that they set HTTP_X_FORWARDED_PROTO properly.

Then, after some more googling, I found this forum post. Analyzing the code there made me think that Cloudflare might not be setting up HTTP_X_FORWARDED_PROTO properly, but they are sending HTTP_CF_VISITOR with “https” substring on its value when the site is being accessed on https.

So, instead of checking for HTTP_X_FORWARDED_PROTO, I checked HTTP_CF_VISITOR on wp-config.php file. I added the code below instead of the code suggested above:

define(‘FORCE_SSL_ADMIN’, true);
define(‘FORCE_SSL_LOGIN’, true);
if( isset($_SERVER[‘HTTP_CF_VISITOR’]) && strpos($_SERVER[‘HTTP_CF_VISITOR’], ‘https’) )
$_SERVER[‘HTTPS’]=’on’;

And bang! No more infinite redirect loop. And I can access all admin pages on https. And everything works fine! Except for the mixed content error, which simply means that I am showing pages on http and https, mixed, since some CSS files are taken from the http.

To fix that, I installed the WordPress HTTPS plugin, to remove the mixed content error and see the “green lock” on the browser when I’m on the WordPress Admin panel.

Everything works fine now.

=======

TLDR. If Flexible SSL is already setup on your Cloudflare account, you just need to add the following code on wp-config.php file.

define(‘FORCE_SSL_ADMIN’, true);
define(‘FORCE_SSL_LOGIN’, true);
if( isset($_SERVER[‘HTTP_CF_VISITOR’]) && strpos($_SERVER[‘HTTP_CF_VISITOR’], ‘https’) )
$_SERVER[‘HTTPS’]=’on’;

You can optionally install WordPress HTTPS plugin to remove mixed content warning on your browser and see the “green lock”.

That’s all folks!

BTW, I’m using Dreamhost’s Cloudflare Plus option, cheaper than the Cloudflare Pro option.

Credit: benparr.com

SOPA. Stop Online Piracy Act. Ito ang mainit na issue sa US ngayon, kasing-init yata ng RH Bill dito sa Pinas. Pero ano nga ba ito at maaapektuhan ba ang mga tao dito sa Pinas kung maipasa ang bill na ito sa Amerika?

Majority ng mga major websites ay tutol dito. Google. Twitter. Tumblr. Youtube. Reddit. 4Chan. Bakit? Panoorin nyo na lang ito:

Maganda ang layunin. Sablay ang paraan. Kaya marami ang tutol. Sa mga kumikita online, malaki ang magiging epekto sa atin kung maipasa ito, lalo na kung majority ng mga visitors nyo ay mula sa US. Kayang kaya nila iblock ang website nyo kung may makita silang “infringing” contents sa sites nyo. Goodbye US visitors na kaagad. Patay ang negosyo.

Paano tayo makakatulong para hindi maipasa ang batas na ito? Since hindi naman tayo pwedeng makisawsaw sa kongreso nila, we can spread awareness para yung mga readers nyo na mga taga US, sila ang gumawa ng paraan. Malaman nila kung ano ba talaga itong SOPA at matawagan nila ng pansin ang kanilang mga congressman. Kaya makikita nyo dyan sa header ng blog ko, merong “Stop Censorship”. Kahit yung Batangas Today, nilagyan ko na rin. Kung paano lagyan yung website nyo nyan, just visit americancensorship.org.

Stop the Firewall of America. Stop SOPA. Kumain na lang tayo ng sopas.

Tupac still alive in New Zealand
by PBS Web Tech

Prominent rapper Tupac has been found alive and well in a small resort in New Zealand, locals report. The small town – unnamed due to security risks – allegedly housed Tupac and Biggie Smalls (another rapper) for several years. One local, David File, recently passed away, leaving evidence and reports of Tupac’s visit in a diary, which he requested be shipped to his family in the United States.

“We were amazed to see what David left behind,” said one of sisters, Jasmine, aged 31. “We thought it best to let the world know as we feel this doesn’t deserve to be kept secret.”

David, aged 28, was recently the victim of a hit-and-run by local known gangsters. Having suffered several bul1et wounds on his way home from work, David was announced dead at the scene. Police found the diary in a bedside drawer.

“Naturally we didn’t read the diary,” one officer states. “We merely noted the request to have it sent to a US address, which we did to honor the wishes of David.”

Officials have closed down routes into the town and will not speculate as to whether Tupac or Biggie have been transported to another region or country. Local townsfolk refuse to comment on exactly how long or why the rappers were being sheltered; one man simply says “we don’t talk about that here.”

The family of David File have since requested that more action be taken to arrest those responsible for the sh00ting. “David was a lovely, innocent boy” reported his mother. “When he moved to New Zealand, he’d never been happier.”

His brother Jason requested that one part of David’s diary be made public in an attempt to decipher it. “Near the end,” Jason says, “there’s a line that reads “yank up as a vital obituary”, which we’ve so far been unable to comperhend.”

David’s girlfriend, Penny, did not wish to make a statement.

So, why did I delete my account then? Because I signed up on Friendster for social networking, not for any new service they are planning to offer. Having my account already with them makes me subscribed to their planned service already, whatever it is. And I don’t want it that way. I want to see the service first and sign-up with them if I like it. I signed-up for a social networking service, not a gaming or music service.

I highly recommend you do the same. We don’t know what they are going to those account information anyway. After they deleted the reasons we have the Friendster account in the first place, don’t expect that we’ll just stay there and let our information be used on any way they want.

So, how do you delete your Friendster account? Simple, after downloading your information using the Friendster Exporter app, go to Settings on the upper right hand corner of your account. Then click Cancel Account. See screenshot below. Click the image for a larger view.

And that’s it! Goodbye Friendster!

See how it works:

Yesterday, I installed the Pixazza code in my photo blog. It is now showing the Pixazza ads in my photos.

According to their About Us page, Pixazza is a private company funded by August Capital, CMEA Capital, Google Ventures, and Shasta Ventures, with offices in Mountain View, CA.

You can join them by visiting their site: pixazza.com.

All you need to do is to create your Dreamhost Rewards account for free and you’ll get your affiliate link from that account. Earnings? You’ll earn $97 for each account you refer.

Create your account here and start earning! You don’t need to have a website. Get the affiliate link and promote it on Twitter, Facebook or any social media you are fond of. Join NOW.

If you are one of those people on their “hit list”, if your IP address has a record of spamming websites or doing any malicious things in the past, you will not be allowed to enter this site unless you prove yourself on a captcha. However, if your IP address has no bad record, you visit this blog normally, no captcha whatsoever.

How Cloudflare Works
Credit: Cloudflare.com

With Cloudflare, before a spammer could reach your site, they are already blocked on the entrance. It becomes your first line of defense. You can also block IP address by hand, if it passes Cloudflare and you think it is doing some malicious activities on your site.

Aside from protecting your site from known spammers, Cloudflare is also a CDN. A content delivery network. Since Cloudflare has servers all over the world, it will deliver your content from its server nearest to the visitor. Making your site load faster!

And we’re not finished yet. Aside from being a CDN, Cloudflare also acts as a fail-over backup server. With its “Always Online” feature, your site will never go offline again. When your host goes offline, Cloudflare will take over and deliver your content taken from their cache. Your visitor might not be able to write comments since your host is offline, but they can still read your posts and you can still earn from your ads. You might not be able to write new posts while your site is offline, but your existing content remains active giving you money while your host is fixing the problem.

Now, with all these features, guess how much Cloudflare is? You won’t believe but it’s free! All you need is your own domain. If you have access to your domain registrar and you know how to edit your nameservers, configuring Cloudflare is as easy as changing your pants.

Go, visit Cloudflare and try it now.

NOTE: This is NOT a paid post. I am just happy to share this to you because it is really cool!

For example, if somebody from Amsterdam visits this blog, instead of downloading all the static files (css, jpg, ico, js, etc..) directly from my host (Dreamhost), the files will be delivered from a server in Amsterdam, making it load faster. If someone from LA visits this blog, it will receive the files from an LA server.

Aside from speed advantage, it lightens the load on my server. It will only serve the static files to the CDN and the CDN will be the one delivering them to the visitors. Bandwidth and memory usage decrease which in turn pull down my monthly hosting payment.

I just paid $39.95 for the CDN for 1 TB bandwidth for 1 year, speed up my sites and made a monthly savings on my hosting payment of around $50. This means that I paid $39.95 to save $600 in one year. Not bad, isn’t it? Though $39.95 is just a promo price, the regular price is only $99, which I’ll pay on my second year. Still, an advantage for me.

I use MaxCDN for my CDN needs. The CDN used by John Chow, Mashable and CopyBlogger. I’ll be posting a tutorial on how to implement MaxCDN to a self-hosted WordPress blog using WP Super Cache in the near future. Most of the tutorial I see online uses W3 Total Cache. Since I’m a WP Super Cache user and I don’t like changing plugins just to use another service, I studied and found a way to implement CDN using WP Super Cache. I’ll blog about it later, maybe tomorrow.

Yeah, right! I know, there’s no such thing as 100% uptime. Your site could go down anytime. This is not a perfect world. So, there really is no 100% uptime. But what is Dreamhost 100% uptime guarantee? Do they say that your site is not going to go down ever? NO.

Here’s what they mean by a 100% uptime guarantee:

If your web site, databases, email, FTP, SSH or webmail is unusable as a result of a failure in our systems and for reasons other than previously announced scheduled maintenance, coding or configuration errors on your part, we’ll credit your next invoice with 1 day hosting free for each 1 hour (or fraction thereof) of service interruption; up to 10% of your next pre-paid hosting renewal fee.

Dreamhost will credit your next invoice with 1 day hosting free for each hour or fraction thereof of service interruption up to 10% of your next prepaid hosting renewal fee. Got it?

Dreamhost may not give you the 100% uptime coz 0.01% of the time, s#!t happens. But since they have the 100% uptime guarantee, they will credit you that 0.01% downtime on your next invoice.

Other hosts will promise you 99.99% uptime. If your site went down, they’ll just say sorry, you are experiencing the 0.01% downtime. On Dreamhost, they will not just say sorry, they will give you 1 day credits for every hour your site is down to fullfill their 100% uptime guarantee. Isn’t that cool?

One day credit might just be equivalent to $0.30 ($119.40/365) on you. So, you’ll just get $0.30 for every hour your site is down. But imagine the impact on Dreamhost if thousands of their clients went down just for an hour, just like what happened to the other hosts today? They will be losing huge money because of this guarantee. This is the reason every time your site went down on Dreamhost, they will do their best to bring it up at the soonest possible time. Every hour counts on them if they don’t act as soon as possible.

On my almost 3 years on Dreamhost, I never had my sites down for more than 24 hours after reporting it. They usually fix it in less than an hour or two.

Here is their official 100% Uptime Guarantee page. Here is my official Dreamhost discount page, in case you want to try it. No risk. 2 weeks free trial with 97-day money back guarantee and 100% uptime guarantee! Sign-up now