openid

I like WordPress….  Honest… You may argue that there are other tools better and greater, but you know, for what I want, it is perfect.  I love the plugins.  They’ve allowed me to tweak my installation exactly the way I want it.

I’m a big fan of security, and when I heard of the Yubikey on the Security Now podcast, I knew I had to get one!  After a few weeks, my Yubikey arrived, and I started looking for some plugins that would help me secure my WordPress blog, and I came across this one by Henrik Schack.  After some email exchanges and code tweaks, I helped Henrik to get the plugin working great.  I ran it for a few weeks – no issues.

In the past, I tried to get openid working, but my plugin just didn’t want to authenticate.  It was strange.  When I entered my Verisign PIP ID, it worked, but when I tried to enter my own openid URL, it didn’t like the redirection.  I left it at that.  During the week I noticed there’s a new version of the plugin available, so I downloaded it.  After playing around for a while, I realised that my Admin SSL plugin was clashing with OpenID… I don’t know the exact reason, but after disabling Admin SSL, openid authentication is now working like a charm.

Admin SSL is a great plugin.  If you have an SSL certificate on your hosting plan, it will force your wordpress admin pages all over SSL.  Being security conscious, I wanted to do this, but after thinking about it, I realised that with openid, and using the OpenID authentication server from Yubico, I don’t need the Admin SSL plugin anymore.  So it works out great.

So right now, I only have the openid plugin running.  Henrik’s Yubikey authentication and the Admin SSL plugin are both disabled, but I still have the strength in security.  You may wonder why I’ve disabled Henrik’s plugin and went to OpenID.  I guess when you think about it, both openID and the Yubikey plugin will use the same Yubikey, so no harm in having 2 authentication methods… I wanted to extend the openid functionality to all my users too.  Not everyone has a Yubikey, but almost everyone could get an openid.

The last plugin I want to mention is Feed Locations.  If you’re a podcaster or a blogger using something like Feedburner, then this plugin is a must.  WordPress adds your RSS feed into the HTML, but if you decide to use something like Feedburner, you don’t want webspiders to detect your original feed — you want them to pickup a different feed.. This plugin helps you specify what you want that feed to be.

Allright, it’s coffee time, then time to record my next episode of podify.net