Remember to Reclaim September

It’s been a month, the new semester is in full force and I am just coming up for some air. I’ve a bunch to share in more detail, but this post will be a bit of a summary of highlights to help me get get back in the groove (and doubling as a blog to-do list). So anyway, time to blog!

Thank you, Reclaim

Lauren Hanks has left the Reclaim building! After eight amazing years, Lauren is moving on and we’re thrilled for her and the new adventures that await. That said, anyone who knows Lauren understands how big a loss this is for Reclaim. She was old gold Reclaim through-and-through and her presence will be missed terribly. There’s more to say on this, but all I can say for now is thank you, Lauren, for showing up every day and ruling all.

ReclaimPress Logo

I think I’ve been using the development of a forthcoming product, ReclaimPress, as a way to avoid dealing with Lauren’s departure. Intense work cures many a woe, and ReclaimPress has been a lot of fun to play with.  In short, ReclaimPress is just WordPress. If you want to get up and running with a just WordPress without the overhead of cPanel, this is a great solution, and I think we can price it so that the costs are comparable with shared hosting. What’s more, from this space you can scale from hobby project to enterprise grade without ever moving your instance. Containerized WordPress hosting with a slick user interface is coming to Reclaim, and that is a beautiful thing.

Bryan Mathers Art for the Win!

And as always, we have Bryan Mathers doing his magic with the art. That needs to be its own post given it will help me flesh out ReclaimPress a bit better—as his art always does—so stay tuned for more.

ReclaimPress Dashboard

Part of how I play with any new platform we stand-up is moving as many of my own sites to the new space as possible. This helps me work out any kinks and generally get a sense of the experience we’re providing our community. So, as you might have guessed, this blog is now hosted on ReclaimPress, as is both and You can see from the image above I not only have this blog running in two regions (bavamulti-1 on the West Coast of the US and bavamulti-2 in Canada), but now is also running as a multi-region—progress! was the first of the three to come over

After getting comfortable with my own sites in ReclaimPress, I started working with some select folks to help me test the new space. In particular, Bryan Mathers was intrigued while creating the art work, and he has a few sites running on our shared hosting that could use a performance boost. So, we moved them over to ReclaimPress and it seems to be a very good fit thus far, plus his sites are so beautiful!

The great Visual Thinkery site now hosted on ReclaimPress

One of his sites ( was using WooCommerce, and ReclaimPress has a special hosting package just for that plugin, so we tried that out as well, and by all reports it is doing the trick for his Ulster zine project, which is just another stroke of Mathers genius.

Bryan Mathers’s Zine project to focused art on Ulster

After figuring out those sites, we have started the process of moving larger managed WordPress instances from Reclaim Cloud to ReclaimPress, so things are in motion for sure.

National Geographic GIF featuring penguins migrating

In fact, a big focus for Reclaim Hosting this month has not only been on managing the September rush, but also getting a plan together for a bigger migration project of all of our servers off CentOS 7 to Ubuntu. A huge project for sure, but this month we’ve started to dig in our broader plan into action so we can start chipping away at the migrations each day, week, month for the next 11 months. When it’s done our entire infrastructure will be not only have been migrated, but also upgraded in the process. Many of which are security enhancements that will go a long way towards future-proofing our fleet.

There is a lot more on the Reclaim Hosting front for sure, but the above underscores how much of the  focus has been on ReclaimPress and our server migration project, not to mention beginning of the semester!

Posted in reclaim, ReclaimPress | Tagged , , | Leave a comment

On This Day

I was recently reading John Johnston’s blog, and I noticed he had an “On this day” tab that led to a page that lists all the posts he had written on that day over the life of his blog. He then went on to note:

This page uses Alan’s wp-posted-today: WordPress plugin provides shortcode for displaying posts published on current day. I find it fascinating, it also allows me to do some digital gardening, mending broken images and links as I wander through my past.

So cool, after seeing it on John’s blog I vaguely remember Alan programmed this bit of magic, but in my rush to the next thing I never stopped to install it. What’s more, John’s notion of using this plugin to help weed his blog garden and keep his archive in order seemed like an eminently practical way to keep things from degenerating entirely. One of the things that haunts me about this blog is the thought of all the broken images, defunct links, and Youtube videos long since taken down. The significant toll of not-that-much time on the web is a stark reminder of its fragility. So, I decided to install the plugin and use it not only to be reminded of ideas past (that very well could have been written by someone or something else), as well as to use it as a daily reminder to clean-up the archive. I’m hoping the little-by-little, day-after-day approach over the next year is less intimidating than trying to do it all in a few weeks.

The ‘on this day” page linking to post from the bava archive written on this day, plugin thanks to Alan Levine

So after installing the plugin this morning I went to the “On this day” page and saw the following:

There are 13 posts previously published on September 4th

  • 2021
    • Robot Tour of Reclaim Arcade This morning I streamed and recorded a tour of Reclaim Arcade via the robot. It’s always fun to do this kind of thing, and hopefully this video gives you some sense of the space.
    • A Quick Tour of Owncast I spent some of yesterday and this morning playing with an open source streaming software called Owncast. Mo Pezel told me about it last month, and when I saw Digital Ocean had a marketplace app I decided to try and … Continue reading ?
  • 2017
  • 2014
    • Creating GIFs with Text in GIMP Here is a quick screencast showing you how to add text to GIFs in GIMP. And keep in mind, GIFs don’t necessarily need text for the summary assignment. And here’s a GIF with text ?
    • Wire 106: S01E11 “The Hunt” Meredith Fierro, Jessica Reingold, Paul Bond and I discussed Episode 11 of Season 1 of The Wire: “The Hunt.” This was special for me because it’s the first time we had UMW students enrolled in ds106 join the discussions about the … Continue reading ?
  • 2013
    • What I’m up to…. Think of this as a placeholder post until I can get around blogging each one of the points below in some detail. We’re already midway through week 2 of the semester and I’m desparately trying to keep my head above … Continue reading ?
  • 2011
  • 2010
    • Child Bride (1938) So, I recently got the latest issue of Filmfax (my favorite magazine in the world) and it was a good one. As soon as a I got it I was heading directly for the article on Peter Hyams’s NASA conspiracy … Continue reading ?
    • Rosemary’s Baby: A Retrospective This is a quick and fascinating retrospective on one of the great horror films of the late twentieth-century: Rosemary’s Baby (1967). It’s interesting to hear what Polanski thought of as the best scenes and shots, and even wilder to realize … Continue reading ?
    • Blood Meridian: Some Quotes 224:”…the bull had planted its feet and lifted the animal rider and all clear off the ground…” Image source: “Six versions of Blood Meridian” I’ve been reading and re-reading Cormac McCarthy’s Blood Meridian most of the Summer, and I don’t think … Continue reading ?
  • 2009
  • 2008

Crazy, I wrote 13 posts on September 4th since 2008, and this one will make 14. It’s interesting to see some of the trends of this blog, there’s a fair amount of earlier blogging about movies, such as Bad Boys, Mildred Pierce, Broadway Danny Rose, and Rosemary’s Baby. Most of those early film posts are relatively brief, and some just have links to videos (long gone now).  There is a real sense of the blogosphere before Twitter took over given the short posts that could garner 4 or 5 long, thoughtful comments. Or even folks using one of my  posts as inspiration to write their own, as Antonio Vantaggiato does in response to the Broadway Danny Rose post. And then there’s a post like Child Bride (1938) which was a throw away reflection on an article in Filmfax that has become one of my most regularly commented upon and regularly read posts over the last ten years. It’s a post I cringe about in retrospect given the subject matter, and then the comments have turned into a strange genealogical fishing expedition that’s taken on a life of its own.

Several of those posts housed long-broken links to videos that I’m not entirely certain were from my terminated Youtube account or not. I took the liberty to update them with videos I believe I originally posted, but then again I really can’t remember. Did the original Bad Boys scene I included feature Sean Penn using a pillowcase full of soda cans to defend himself? Or was it the opening robbery scene? I have no idea, and that is one of the strangest things of having a blog for so long that you poured endless hours laboring over, 15 years later you have little to no idea what you were thinking.

After the movie posts, there are some ds106 posts, which is not a huge surprise 🙂 One was an instructional screencast for making GIFs with text, and the other a wire106 video conversation with ds106 students—including Reclaim’s Meredith Fierro!—reflecting on a specific episode of the HBO series The Wire. Unfortunately, both the screencast and the discussion video were uploaded to UMW’s short-lived Mediacore service, which was not renewed and many of those videos seem to have been lost.* Appears linked video is the most fragile piece of my archive, and I’ve been trying to rectify that by preserving as many videos as I can on for posterity.

“EdTech transmissions: We Control the Vertical and the Horizontal” at Maricopa College

There is also a reflection post on my presentation at Maricopa Community College in 2011, which brings back amazing memories of Northern Voice 2011 and the legendary Sanctuary jam session, as well as the subsequent trip to Phoenix with Cogdog to not only present on the magic of ds106, but also to head to Strawberry and spend some downtime with the blog king himself.

What I’m up to….

Possibly the most informative snapshot post from this list is the “What I’m Up to…” written in 2013 (ten years ago to the day!) that highlights a series of projects, including the then newly-formed Reclaim Hosting. After that, there’s a couple of Reclaim-related posts, such as this one about accessing multiple hosting accounts in cPanel via the WHMCS API or this one about playing with Owncast on Reclaim Cloud.

Robot Tour of Reclaim Arcade

And to top it all off, there is the robot tour of Reclaim Arcade in 2021 (long before the renovations), how crazy is that?

It’s hard to fully express all the different feelings going through my mind browsing this list of 13 posts. I think there is something to this attempt to document one’s work on a blog, if for nothing else than to remember it 🙂 Thanks for the inspiration, John, and thanks for the plugin, Alan, it made my Labor Day! And hopefully it will prove to be the fitness program this blog’s archive has long needed.


*I am currently downloading backups from S3 of my computer from around that time to see if I can salvage anything, but I am not hopeful.

Posted in Archiving,, bavatuesdays, blogging, plugins, WordPress | 2 Comments

9 WordPress Themes from 2007 that Still Work

I’ve been preparing ELS Blogs to be flattened and archived, and I’m working on another, longer post that both reflects on and documents the process. Part of that post became unruly, so I figured I would break it out here. I started to go down the rabbit hole of themes from 2007 that didn’t break 16 years later. You see, probably the biggest issue archiving a blog platform like ELS Blogs or UMW Blogs is broken themes that make flattening any content either ugly or impossible. Probably more than half the 68 sites in ELS Blogs were inaccessible due to broken themes. I spent time this morning going through and fixing each and every one so they resolve cleanly before being archived.

But rather than just focusing on what was broken, I wanted to highlight the themes that didn’t break, so I figured it might be fun to provide a little showcase of early WordPress themes that still work fairly well. So, here it goes:

The “All I Could Say Was…” blog is donning a very time appropriate “Thoughts” theme (Version: 2.0) designed by Lisa Sabin-Wilson, with the tagline: “a muted blueness.”

The “Dry Your Eyes” blog is sporting a personal favorite, the “Connections Reloaded” theme (ver. 1.5) designed by Ajay D’Souza, the tagline for this theme is “going places in some style.”

“Ellie’s FTC Blog” is floating another theme by Lisa Sabin-Wilson, this one is Waterlily (ver. 2.5) with the tagline “messing about on the river.”

“A Tropical Iceland” is using Framefake (ver. 1.0) by Kai Ackermann, who is “getting framey with it.”

The “And why not? It worked in Blazing Saddles!” blog chose Jakarta (ver. 1.1) by Jose Mulia, where “sandstone meets accessibility” is this theme’s claim to fame:

The GlossyBlue theme (ver 1.2) by Nick is the choice of HumanisticMystic’s “New Media Studies” blog because “it’s glossy, it’s blue… need you know any more?

The “I’m Always Home. I’m Uncool” blog went with RoundFlow (ver. 1.0)
by The undersigned  because you can “set every colour just how you like it:”

The Crop Circles theme (ver. 1.5) by Marianne has by favorite tagline: “a theme invaded by aliens.” That has got to be why the “George Street” blog chose this one.

Finally, there is Regulus (ver, 2.2) by Ben Gillbanks the theme that delivers “highly customisable headers and more.” Custom headers were a big deal in 2007, as the “Byronolog” will attest to!

I know Olia Lialina termed the early website designs Prof. Dr. style, what to we call the designs of this era? I got many of these themes from a theme pack James Farmer assembled for folks creating WPMu instances like ELS Blogs or UMW Blogs, and there was a huge attraction to being able to provide both choice and customization for your site, and looking at the above sites I am remembering why 🙂

Posted in themes, WordPress | Tagged , , , , | Leave a comment

Rise of the Machines

I’ve been pretty resistant to the idea of AI in edtech and beyond, and part of why was epitomized in a recent email I received from a self-acclaimed “cyberpunk anti-hero from the future” that underlines the cash-in zeitgeist that repels me. Perhaps I’m just showing a bit of my age in the field, I mean I did have fun with Michael Branson Smith’s AI Levine project, and it’s pretty clear AI colonized our imaginations long before the present gold rush, but the speed at which it has already arrived at inevitable is a bit frightening.

And it’s because of that fear, engulfed in a rank stench of opportunism, that I have kept most of it at Michael Bay thus far. I haven’t blogged about it (until now). I haven’t played with ChatGPT, Mid-journey, DALL-E, or other tools like them beyond a cursory fashion, and I acknowledge my limits, but there’s a deep sense of dread that accompanies offloading pleasures like blogging or taking images to the machines. There are also people I deeply respect that have begun to dig in, and I’m glad they’re bringing a practical, thoughtful voice to the discussion. In fact, part of me feels like I should too, but it’s difficult to shake the sense of déjà vu watching the tech lizard people emerge from the swamp to slither towards the territories—the pioneering spirit attracts as many hucksters as it does explorers.

But the other part of me feels this territory might be better left untouched, I mean most historical “discoveries” of “unclaimed” lands have been euphemistic expressions of exploitation and extraction? In fact, you don’t need to go back to the 15th or 16th centuries, just think back 20 years to the rise of social networks and the unimaginable scale and speed in which they rose to the level of nation-states. And then there’s the economic side wherein the wealth of those behind the tech-gilded age dwarves that of many countries. This more recent history is what makes the rise of the machines that much more dire given we seem entirely comfortable abandoning any remaining trace of humanity in the process, it’s a whole new twist on the colonizing trick.

I don’t want to be a nay sayer, but I can’t shake that sense of dread that has nothing to do with the pedestrian concerns around plagiarism—rather it seems the very fabric of how we currently understand reality is at stake. And perhaps that’s where I’m long in the tooth, many folks mid to late career in the 90s probably felt the same way  about the web. But maybe not all of them were wrong? I guess it’s time to dig deep and channel some Beckett: “I can’t go on, I’ll go on.”

Posted in Uncategorized | 11 Comments

Mail Suppression

No, the other mail suppression! You see, if I was a better blogger and a funnier person I would write extended similes like Martin Weller in his “Your social media choices, as 70s disco tracks,” making him the undisputed John Milton of edtech analogies, but alas this is a b-blog.

This is yet another niche post that will hopefully remind me of how I’m running my infrastructure once I inevitably forget everything. Namely, I’m forwarding my email so that I can send from multiple emails domains from my main Gmail account. The issue was a colleague was not receiving any of my emails on the address, but could from my I found time to start tracking the issue down, and realized I was running the forward for my email through Mailgun and there were quite a few more send failures for that domain than the rest.

There were 9 “suppressed” messages over the last month, and after looking in the Suppressions tab all of the recent occasions are to this one user. Seems like Mailgun started suppressing this address given an issue that is still not clear to me. Luckily it was an easy fix, I could delete the suppressions and emails starting working again, but this is not something I would have known about if I hadn’t discovered it while poking around. Email troubleshooting still haunts me.

Posted in Uncategorized | Tagged , , | Leave a comment

Good Vibrations for MU Migrations

I just used 10up’s MU Migration plugin to pull the Daily Create ( out of the multisite, and it was really impressive. You can install MU Migration as a plugin, but also as a package that uses the WP-CLI to make migrations, and it is pretty amazing. It will pull individual subsites out of a WordPress Multisite instance, that can then be imported into a stand-alone WordPress. Or,  going the other way, you can use it to import a stand-alone WordPress instance into a Multisite. It is impressive, especially after the touch and go nature of import/export plugins like All-in-One Migration and Updraft that tend to leave a lot of holes that needed to be plugged.

So, a command like the following ( had the site id of 10) will pull that sites users, active plugins, active theme, and all database details into a zip file call

wp mu-migration export all --blog_id=10 --plugins --themes --uploads

From there you would copy the zip file into the directory were your new install lives, and then make sure MU Migration is working on the site. After that you run the following command to migrate the entire blog (including media, users, themes, plugins, etc.):

wp mu-migration import all

The only snag I ran up against was the Daily Blank theme was active on the Daily Create site, but it depends on the parent theme WordPress Bootstrap. Seems like MU-Migration has no way to detect this, so I needed to install Bootstrap as well. Once I did so the entire migration of over 1 GB of media was done in seconds. While this definitely falls under the niche WordPress topic post, if you spend your time like we do at Reclaim Hosting migrating WordPress sites, then this is a definite must for the plugin toolbox.

Posted in plugins, WordPress, wordpress multi-user | Tagged , , , , , , | 9 Comments

Preparing for ReclaimPress

I’m pretty excited because one of the things I’ve been looking forward to for several months now, is testing and documenting ReclaimPress, which will be Reclaim Hosting’s latest product. In short, ReclaimPress offers performant, high-available WordPress hosting for when you outgrow shared hosting, and/or have a mission critical, enterprise-level instance that cannot be a fiat of the shared hosting fate. It is run on the same infrastructure as Reclaim Cloud, but for several reasons we are spinning it up in as a separate, stand-alone cluster.

This new cluster will start with 3 regions (US East, US West, and Canada) and just this morning we pointed DNS, so the service could be ready for testing and customizing as soon as early next. I’m planning on documenting what I learn here on the bava, with the idea that much of that can be repurposed (after heavy editing 🙂 ) as documentation once ReclaimPress is ready for primetime.

In anticipation of digging in, Taylor Jadin and I jumped on a stream and talked a bit about the service, why we are excited about it, and some of the features you can expect. We kept the stream to a managable 30 minutes, so if you are interested give it a spin!

Posted in reclaim, Streaming, Uncategorized, WordPress, YouTube | Tagged , , , , , | 2 Comments

August Community Chat: Reclaim Social Networks

For Reclaim Hosting’s August Community Chat we had the good fortune of being joined by Bonnie Russell of Michigan State University’s MESH Research Lab to talk with us about the work she is part of to think more broadly about using federated networks that leverage ActivityPub, amongst other syndication protocols, to continue to build community for the Humanities Commons. The work this group has been doing with the Mastodon fork Hometown over at underscores both the need and demand for alternative, federated social spaces for academic communities. Bonnie eloquently captures the expansive thinking this group is doing to design academic commons for the age of federation, and it’s truly some of the most exciting work happening since mother blogs 🙂 You can see her slides here, but I highly recommend taking the time to listen to her very succinct overview during the first 10-15 minutes of the above video.

Posted in reclaim | Tagged , , | Leave a comment

More Notes on ds106 Clean-Up

I think the worst of the ds106 hack is behind us, and thanks to Wordfence managing most of the heavy lifting it was not all that bad in the end. Now I’m just going through and pretty ruthlessly removing plugins and themes that are outdated, removing users, and seeing where old PHP code that never made the jump from 7.X. to 8.X can be cleaned up or removed. I enlisted Tom Woodward for the PHP clean-up in a few themes and plugins, and I also paid for an updated version of the Toolset Types plugin, which drives the Assignment Bank -it was the easiest short term solution until we can figure out a way to replicate that functionality without a premium plugin. As mentioned in my last post on the hack, I also bit the bullet and purchased the latest version of the premium theme Salutation so that it was also PHP 8 compliant.

At this point I think we’re in a pretty good shape. The only issue after the clean-up has been a result of my zeal to remove plugins and themes. I deleted the 960bc theme Tom had already cleaned up (oops!) as well as the Daily Blank theme that’s driving the Daily Create. I restored a version of that theme that still had some left over cruft, so finally did what I should have done in the first place: download a clean copy of the Daily Blank from Github.

My idea is to try using the MU Migration plugin I’ve heard great things about from Charles Fulton to pull the Daily Create out of the multisite into its own instance. That’s currently the most active of the sites, and exploding some of these sites from the multisite at this point will make it easier for me to work through a full blown flat-file archive/migration of the main ds106 syndication site that has almost 100,000 posts. So, the upside of all this is it provides a great excuse for a bit of experimentation with a new migration tool as well as some more archiving in the vein of UMW Blogs.

Speaking of experimentation, the whole reason I was playing with that ultimately led to the discovery of the hack was to test out the WP Offload Media plugin I am running on this blog. It’s up and running on as well, and serving media for the main site as well as the assignment bank without any issues. The other test was to see if it works cleanly with a mapped domain, and this led to getting the Camp Magic MacGuffin domain re-mapped. Mapping a domain on a WordPress Multisite that’s running in Reclaim Cloud (where ds106 lives) is pretty easy, we even have documentation for it. The one thing I had to do was add the following line to the wp-config file given I was having cookie issues when logging into the admin of :

define('COOKIE_DOMAIN', false);

Adding the above line in wp-config.php solved the login issues, and Camp Magic MacGuffin is once again mapped, so I can now further test how media that is offloaded to S3 works on a mapped domain.

While all the media in the media library has been offloaded to S3, I have not removed the local media given I’m not a very trusting person when it comes to losing files. That said, I did notice that existing files are still loading over the subdomain rather than being pushed to the domain alias on S3: I could do a rewrite in the database to ensure they load over, but it’s odd given the subdomain does push all images to automatically. This is something I’m going to have to test more, but good to know that all the media files are in S3, and I can find and replace if I have to. But I do want to understand why they don’t automatically switch on this mapped domain site.

So, I guess we are far enough through the hack that I can get back to some experimentation, that eventually, will lead to another hack 🙂

Posted in AWS, digital storytelling, s3, WordPress, wordpress multi-user | Tagged , , , | Leave a comment

ds106 Hacked and WordFence to the Rescue

If you have used WordPress for any length of time, chances are you’ve gotten hacked at least once or twice. That certainly has been my experience, and it never helps when you let old plugins and themes sit around for a while and stink up the fridge. In fact, before I went on vacation over two weeks ago I realized was down, and that was the clue that the site had been hacked. We have rapid response scripts to lock sites down when this happens and change passwords and cordon off everything so that we can work through cleaning up any remnants. There were malicious scripts left-over in several of the theme and plugin files that I manually cleaned up, but after doing some work on with the WP offload Media plugin, I discovered that the hack had left scripts in almost all of the nearly 100,000 posts in archive.

Not fun, and the worst part was I discovered this while on vacation and the Reclaim Hosting crew had their hands full with a more pressing issue. When Chris suggested Wordfence as a way to get me out of Slack, I knew he was right and decided to reach out to see if they would/could clean it up given the scope. I’m glad I did because not only did I get a sense of what Wordfence can and cannot do as part of the Wordfence Care offering, but also because Gert—who works with Wordfence and was my point of contact— was amazing. Like pretty much everyone, I love good customer service. In fact, Reclaim Hosting was built on a foundation of responsive support, so it was really nice to work with a company that also values a great support experience. I mean Wordfence have become synonymous with WordPress security for years now, they’ve built an amazing niche for themselves. Even more remarkable, is despite their growth and obvious success they’ve maintained such a high-level of support for the one-off user like myself. Major kudos to those running that ship given I have some idea how hard that balance can be.

So, a couple of things I knew would be issues that Wordfence confirmed, and one I didn’t:

  • Site running PHP 7.3 is a no-go
  • Can’t have old WordPress core files anywhere on server
  • A WordPress Multisites with more than 5 sites cannot be part of the Wordfence Care product I signed-up for

Points one and two were not a surprise, and I bit the bullet and bought the recent version of the Salutations’s Paralellus theme from ThemeForest so that I could get the site running cleanly on PHP 8. Removing the tmp folder with old core files was not an issue given it was only there when we were replacing core files after the original hack. The third point was not one I expected, but given the implications of cleaning a huge WordPress Multisite, it should not be all that surprising.

Luckily, ds106 only has about 9 sub-sites, so I temporarily “archived” (archive is the term WordPress uses for making them inaccessible to the web) a few that were tests or not in regular use. There are two sites I archived—namely the original Daily Create and the Re-Mixer—that I want to bring back online here shortly, but first I need to figure out what other sites might be a good candidate for flat-file archiving. After taking four sites offline I asked Gert if that would allow us to continue on the Wordfence Care package for the next year, and luckily it did! After that, they went ahead with the scan and clean-up of any and all offending malicious scripts. Whew!

The clean-up took several hours given the size of the database, and I’m still waiting on the post-mortem given this was all done over the weekend on Saturday and Sunday!—did I mention I love Wordfence? As of now all the offending scripts have been removed and I’ve been going through and removing out-dated plugins and themes in an attempt to avoid any re-occurrence. That said, I’m happy to remain on the Wordfence Care plan for another year to ensure all is good. Part of this is because I have an idea for a new ds106 course and you can’t start something new until the existing infrastructure is solid. Not to mention it just makes good sense to continue the clean-up and archiving of large parts of this site to future-proof its survival. I think that was the big take-away from the UMW Blogs archival project, and it’s work we should continue to push on.

It might be worth noting the thing that tipped me off there were still hacked files was browsing on the phone, something I normally would never do. But given I was on a vacation from my problems (well, not really in the end!),  I had been testing the WP Offload Media plugin for using the phone. When clicking a link on the site via mobile a new tab gets created that opens a crypto spam site, but this happens only on mobile devices. So it was hard to find, and probably impacted next to no one given the site is fairly dormant, that said this aggression will not stand, and hence Wordfence did the sweep and things are cleaner than a fresh “Hello World!” site.

There’s still a PHP conflict on that needs to be resolved, and not able to get the wp-cli to play nicely to find and replace some strings to ensure all older embedded Youtube videos play, but if those are the worst of my problems right now then we’re on easy street!

Something else that might be worth noting is that is hosted on Reclaim Cloud, which made giving Wordfence access to a single container in a clean way separate from my other environments pretty easy. We can use the collaborator tool for this, and I have to say it made giving server-level access to a container that much cleaner. That said, Wordfeence also needed a user with SSH access beyond the built-in web interface SSH client, which is possible if they share a public key. The one issue we hit is when someone shares a public key and we try and use the SSH Gate created by Reclaim Cloud there can be issues when connecting server-to-server. Taylor suggested adding the public key directly to the server environment (so not through the SSH key interface in Reclaim Cloud) and then using ssh user@ipaddress to access once the public key was added, which worked perfectly. Gert was patient with me while we worked through this, and this is very good to know for any future issues we may have. because, let’s face it, when using WordPress you’re a big target on the web in this day and age. And while preventative security is crucial, hacks will happen and response-time and effective clean-up services are increasingly becoming necessities when you host your site using WordPress.

Posted in digital storytelling | Tagged , , , , , | 4 Comments