WordPress All In One Wp Security (AIOS) locking cloudflare out

I’m going on a trip tomorrow and not gonna bring my computer, so I decided to take one last check at my WordPress site making sure everything is doing fine. Then I saw recently all the bot like high count visitors are from a narrow range of IP from Singapore. I thought it’s just some good old crawler draining up my server, so I casually added the range to All In One Wp Security (AIOS)’s blacklist manager.

Then, without refreshing, I realized I recently setup cloudflare for all my site cuz my other site was DDoS’ed the other day. Couldn’t this happen to be cloudflare’s proxy server right? So I hit refresh. 403. At the same time, my Better Uptime incident alert came.

Bummed by my own stupidity, I think I should just be able to ssh into the server, disable all the plugins as usual, and back to the game. Well, after renaming both all-in-one-wp-security-and-firewall and all plugins at /var/www/html/wp-content/plugins/, I’m still getting 403. Usually all the plugin related issue got solved at this step without needing to restart service, I’m not sure why this time it didn’t work.

So I start to Google something like AIOS self lockout, trying to find where does it store the blacklist that I can quickly manually edit by command line. No luck.

I tried to disable cloudflare proxy at cloudflare dashboard, no luck. And I’m too lazy to switch DNS provider back to where I was using before.

I started to poke around more in the plugin’s folder, and eventually found the file that did the trick: /var/www/html/wp-content/plugins/all-in-one-wp-security-and-firewall/admin/wp-security-list-locked-ip.php.Seems like the IPs are stored at a table called AIOWPSEC_TBL_PERM_BLOCK. I just commented out the entire line here in the prepare_items() function. Refresh, back online, removed the IP range from blacklist, uncomment the line.

So, that was just a small stupid incident on a random Thursday night 9pm before a trip. 乁། * ❛ ͟ʖ ❛ * །ㄏ


If you find this blog useful and want to support my blog, feel free to:

Become a Patron!

How to setup RSS for notion blog using Zapier

RSS has became an almost obsolete concept that most of my friends nowadays never heard of, which is a shame. It’s simple, clean, accessible with correct setup, and most importantly, a highly productive system for information consumption.

Why do you need RSS

Compared to other information consumption form like feed from certain platforms (e.g. Instagram, Twitter) or newsletter, RSS (or atom) has a few clear advantages for consumers:

  1. No sponsored content inserted and pretending to normal content in your feed.
  2. You choose when to read rather getting newsletter pushed to a folder that you never get back to.
  3. No personal information is collected when subscribing. Like receiving broadcast, publisher has no way to trace receiver.
  4. No self-righteous algorithm telling you what order you should be reading your feed and making you miss the content you’re interested.
  5. User friendly interface provided by Modern RSS clients like Inoreader or Feedly making subscribe and manage feed really easy.

As a content creator, making your site available through RSS means that:

  1. More users will know when you have new content, no matter what platforms they usually use. Indie blogs are hard to keep track of without a universal feed, you can’t expect your readers to bookmark your website among tons of other blogs they’re interested in and check all of them everyday.
  2. Less readers miss your content because they happen to not scrolling the social platform you’re on the exactly the moment you post.
  3. Better performance on reader side and less stress on your server. RSS consuming platforms pull your content once and store on their platform, instead of your server feeding each individual visitor.

While popular blog/news website still generate RSS feed and are easy to subscribe, some of the content creators in this new era choose to publish their blog on non-conventional platform, like notion.

Notion blog is easy to setup and much more flexible than some simple article posting platform like telegra.ph or medium. Thanks to notion’s database system, content creators can customize their page with various views, filters and templates. Also it’s free for personal use. The only downside is, it doesn’t come with RSS feed.

Fortunately, automation workflow platform like Zapier provides an easy and free (for now) solution so that your notion blog (or frankly, any notion database) can generate RSS feed.

Continue Reading

The most unprofessional recruiter I’ve ever seen

Throughout my career in tech industry, all of the recruiters I’ve worked with are decent, or at least professional enough to coordinate me and the recruiting teams in their company without issue. Sometimes they’re slow in response or sounded less passionate about the job, which I totally get, everyone gets burnt out sometime. The worst case, they ghost people after interviews, that’s about it.

And I’ve been interviewed with at least 40 companies throughout my career, and talked to even more recruiters, so trust me I have relatively large data pool. Until now I didn’t even know recruiters, or any professionals from a major company, can deal with other people with such a low standard.

TL;DR: This is a story of me getting ghosted by a recruiter three times on scheduled meeting. Each time they sounded like previous events never happened and literally ignored all the alternative backup plans I provided or they promised.

TL;DR 2: Maybe I helped Dropbox Turing tested their AI email replying machine for 3 times?

I’m gonna say the company’s name but not gonna point out the person, just to pretend it’s not personal. I kinda feel like it should be. It’s one of the technical sourcer from:

Dropbox.

Continue Reading

The Perfect Phone for Casual Bird Lover – Samsung Galaxy S21 Ultra One Month Later

It’s been more than a month since I’ve been using Samsung Galaxy S21 Ultra, and I’m still constantly shocked at how good the 10x zoom is. In short it’s the best phone money can buy for almost all people. But I’m also surprised at the lack of reviews and appreciation for the zoom lens I’ve seen on youtube. So this review will focus on the zoom capability from a bird lover’s perspective. I’ve already done a full review, if you read Chinese click here check it out.

The 10x zoom, or zoom ability in general, is the most underrated feature for this phone, in my opinion. Back when you could only have two lens on a phone, I agreed that most people and I would prefer an ultra wide angle lens than a 2~3x zoom. Thus there’s a popular opinion of “Zoom lens are useless””Zoom lens are just gimmicks” among tech Youtubers. But this argument is so 2018. Nowadays all flagships have 3 or more lens, and the Zoom capability on some of them unlock you for a LOT more shot that you can never imagine.

Compared to Oneplus and many other companies’ approach of shameless wasting space and money on making the 4th lens a monochrome or shitty 2MP micro simply to pretend they have a higher end camera array, I prefer Samsung’s approach much more. A high quality 3x zoom, not only for zooming but also for that more close-to-human-eye perspective, plus a 10x zoom with killer stabilization, for wildlife, buildings, reading assist in distance, this is a casual bird lover’s dream.

It sounds less impressive thank it actually looks. This review is full of video and picture comparison, so connect to your wifi and let’s get started.

Continue Reading