This past weekend, I embarked upon a task of positively Herculean proportions. With Chrome 68 coming out and the continued emphasis by Google to ensure HTTPS is the default on sites, rather than HTTP, I decided to go ahead and add SSL certificates from Let’s Encrypt to, oh, 13 domains that I host, both for myself and for friends and family. (I had a lot of fun posting to my Instagram story about it, too!)
I’d done a test run with one of my domains earlier in the year and, though it wasn’t without a challenge or two, it seemed to go just fine.
The trouble, of course, came when dealing with various WordPress sites (including this one!) because how do you change ALL THE LINKS in ALL THE POSTS and ALL THE PAGES to HTTPS from HTTP? Well, thankfully, there are database queries and free plugins.
While I’ve generated and installed the certificates for all thirteen domains, one of them basically has no traffic, so I haven’t updated that WordPress database yet. Then, there’s another one that is just too daunting for me to bother with right now — two WordPress installations, plus my own hand-coding elsewhere, plus redirects galore… So I said to hell with it for now. I haven’t forced SSL on for either, but both are accessible via HTTPS. When I have more time, I’ll go through them both and force SSL on, after dealing with updating the references in the databases.
In addition to that, I redid my personal homepage at juliemartin.org. Not only does it also have SSL enabled (and forced), but it’s also mobile-responsive! It’s not as pretty as I’d like it, but it’s not bad for a quick redo. I also used PHP Mailer to create a contact form. Additionally, I put in a hidden field that humans can’t see (owing to CSS) as a honeypot for spammers and if that field is filled out, then the form fails to send.
It was in the creation of this form that I realized how much the form’s enctype matters, because if you choose the wrong one, it’s entirely possible that your $_POST array will be completely empty. It worked fine on my own local environment, but I suspect it was getting wiped out by my host’s mod_security in Apache, because I did get a couple of 406 errors, though they weren’t consistent. I spent a good amount of time on Saturday evening wondering why the hell my $_POST array was empty, checking everything, from making sure the form was set to POST to double, triple, quadruple checking the field names.
In the end, the enctype was the issue and everything ran beautifully once I fixed that up. I used Postman to test out a variety of differences between my browser’s POST request and finally found it.
Then I was able to easily code in the hidden field and the failure if there’s anything in it. (Fun fact: I’m pretty certain that the placeholder text in a form does, indeed, count when your conditional is if (!empty ($_POST[’emailaddress’]) though it would most certainly require more testing.)
Overall, I did a crapton of stuff this weekend, I learned a ton of stuff and my brain hurts sufficiently.
In other news, making moves towards ordering parts for a new computer. I’m getting pretty excited about it, not gonna lie.
Next post, pics of my living room setup, I promise. I just got a desk-mounted dual monitor stand from Amazon, which I am in love with and really makes my workspace look awesome.
Until next time!