Further Information For Windows IIS users and Pixgallery
After more extensive investigation it appears that Windows IIS users who are utilizing WordPress and Pretty Permalinks might need to consult the following webpage for information on a fix that is needed to fully support this Apache feature: http://neosmart.net/blog/2006/100-apache-compliant-request_uri-for-iis-and-windows/.
It appears that the use of certain standard Server variables is not followed under the standard install of Apache on Windows IIS, which causes issues when mod_rewrite (that which allows the Pretty Permalinks to exist) is utilized. This has lead to some issues using my AWSOM Pixgallery plugin on IIS servers with Pretty Permalinks enabled. I can’t guarantee that the information on actions described on the above website will correct all issues when using AWSOM Pixgallery on these types of set ups, but it’s probably most of the reason why the issues are occurring. I’ll try to see if there is anything I can do from the plugin side of things, but incorrect information at the server level makes it very difficult to compensate for this issue.
Another Comic moves to WordPress, yada, yada, yada….
Ok, Yeah, it’s really getting old for me to say this, but yet again another webcomic is moving over to WordPress: Starslip Crisis. The same stuff I’ve been saying for awhile…., now I can’t wait for another site to start up the “Yet again, another webcomic is adopting AWSOM.org plugins….”
Yet Another Troubleshooting Page Update
As AWSOM Pixgallery becomes more popular (thank you!) I have been receiving more info on corner cases where it does not work properly. Most of the time it is in regard to improperly set up server settings or other non-standard situations install situations. In particular, it appears that Windows IIS server versions of PHP often do not have the proper GD image library set up in place to allow image manipulation functions to occur. In this case, Pixgallery will either give a string of PHP errors, or the gallery page will not fully load. There are a ton of websites talking about this issue and how to resolve it to get GD installed, so google is your friend if you run an IIS server.
Security a focus as WordPress Matures
The typical scenario of any software project is “get it working first, we’ll secure it later”. This is particularly true of Web packages, since it’s not easy in advance to know all of the possible issues you may run into across all of the possible server instances that exist. WordPress has now become enough established that the idea of “hardening” it against attack is starting to become a major focus. One of the easiest ways to start doing this is to eliminate the known database table structure, so it’s harder for hackers to try to inject password searches or other methods of gaining higher privileges on your server or WordPress. In my tutorial on setting up WordPress I try to stress that you should always change the generic database prefix “wp_” to something completely random to help accomplish this. Unfortunately many people missed this step, or set up their WordPress using an installer program that does not allow this change.
All is not lost though. I have recently discovered a plugin that might help. The folks over at BlogSecurity.net have developed a plugin for WordPress that is designed to alter this prefix. WP Prefix Table Changer gets activated like a regular plugin but will alter things so that you have this vulnerability fixed.
This is a very minor thing to do, but every little security step you can take enhances your overall stability and makes you less of a target.
AWSOM Plugin Troubleshooting page updated
I’ve added a few new entries to the AWSOM Plugin Troubleshooting page to help explain a few issues that have been recently reported for some of the plugins. In particular there is a possible issue in regard to images hosted on external servers (like Flickr or Photobucket) and server security settings that can cause a page loading issue with Pixgallery.