I like WordPress…. Honest… You may argue that there are other tools better and greater, but you know, for what I want, it is perfect. I love the plugins. They’ve allowed me to tweak my installation exactly the way I want it.
I’m a big fan of security, and when I heard of the Yubikey on the Security Now podcast, I knew I had to get one! After a few weeks, my Yubikey arrived, and I started looking for some plugins that would help me secure my WordPress blog, and I came across this one by Henrik Schack. After some email exchanges and code tweaks, I helped Henrik to get the plugin working great. I ran it for a few weeks – no issues.
In the past, I tried to get openid working, but my plugin just didn’t want to authenticate. It was strange. When I entered my Verisign PIP ID, it worked, but when I tried to enter my own openid URL, it didn’t like the redirection. I left it at that. During the week I noticed there’s a new version of the plugin available, so I downloaded it. After playing around for a while, I realised that my Admin SSL plugin was clashing with OpenID… I don’t know the exact reason, but after disabling Admin SSL, openid authentication is now working like a charm.
Admin SSL is a great plugin. If you have an SSL certificate on your hosting plan, it will force your wordpress admin pages all over SSL. Being security conscious, I wanted to do this, but after thinking about it, I realised that with openid, and using the OpenID authentication server from Yubico, I don’t need the Admin SSL plugin anymore. So it works out great.
So right now, I only have the openid plugin running. Henrik’s Yubikey authentication and the Admin SSL plugin are both disabled, but I still have the strength in security. You may wonder why I’ve disabled Henrik’s plugin and went to OpenID. I guess when you think about it, both openID and the Yubikey plugin will use the same Yubikey, so no harm in having 2 authentication methods… I wanted to extend the openid functionality to all my users too. Not everyone has a Yubikey, but almost everyone could get an openid.
The last plugin I want to mention is Feed Locations. If you’re a podcaster or a blogger using something like Feedburner, then this plugin is a must. WordPress adds your RSS feed into the HTML, but if you decide to use something like Feedburner, you don’t want webspiders to detect your original feed — you want them to pickup a different feed.. This plugin helps you specify what you want that feed to be.
Allright, it’s coffee time, then time to record my next episode of podify.net