I released version 1.4.5 of Verve SSL yesterday.  I updated the doctype so that the plugin will have better compatible with Internet Explorer.  You can download the plugin here.

Kevin

I released version 1.4.4 of Verve SSL yesterday.  I updated the code so that the  plugin will be bypassed and a message will be displayed on the top of the login page if JavaScript is disabled.  It will allow you to login with JavaScript disabled but it will not be a secure login.  If Javascript is enabled the plugin works as normal.  You can download the plugin here.

Kevin

I released version 1.4.3 of Verve SSL today, it includes code optimizations making the code better and faster when processing the case of the URL. You can download the plugin here.

Kevin

I released version 1.4.2 of Verve SSL this week, it includes enhancements making the plugin URL case insensitive. You can download the plugin here.

Kevin

I wanted to configure my WordPress blog so that it would use SSL for the WordPress login and for the Administration Dashboard.  I found plugins that would achieve this for me but it would not redirect back to HTTP when not on the login page or the administration dashboard.

To accomplish this I wrote a script that checks the location.pathname to see if it matches the regular expression “.*wp-.*”. This way it will only find a match if on the login page or the administration dashboard. I then created the next script to use if you browse the site while logged in. It changed the protocol to HTTPS, I made it all work by putting the PHP script in the wp-config.php that checks if logged in and then calls the scripts.

Kevin

<script type="text/javascript" language="javascript">
var protocol = location.protocol;
var hostname = location.hostname;
var pathname = location.pathname;
var href = location.href;
var wpAdminMatch = location.pathname.match(".*wp-.*");
if (protocol == "http:" && pathname == wpAdminMatch) { protocol = "https:"; location.replace(protocol + "//" + hostname + pathname) }
else if (protocol == "https:" && pathname != wpAdminMatch) { protocol = "http:"; location.replace(protocol + "//" + hostname + pathname) };
</script>

<script type="text/javascript" language="javascript">
var protocol = location.protocol;
var hostname = location.hostname;
var pathname = location.pathname;
var href = location.href;
if (protocol == "http:" ) { protocol = "https:"; location.replace(protocol + "//" + hostname + pathname) } else { };
</script>

$current_user = wp_get_current_user();
$Path=$_SERVER['REQUEST_URI'];
$URI='http://www.kevinverver.com'.$Path;
$feed_url ='http://www.kevinverver.com/blog/feed/';
$feed_secure_url ='https://www.kevinverver.com/blog/feed/';
if (0 == $current_user->ID && $URI != $feed_url && $URI != $feed_secure_url) {
    echo '<script type="text/javascript" src="/blog/sslcheck.js"></script>';
}
else if ($URI != $feed_url && $URI != $feed_secure_url) {
     echo '<script type="text/javascript" src="/blog/ssllogin.js"></script>';
}

I recently configured compression on a IIS 7.5 website, but it took a few steps.  I was not able to find all the steps required in one place so I thought I would post them here.

The first step is to make sure static compression is enabled in your ApplicationHost.config file like so:

<httpCompression directory="%SystemDrive%inetpubtempIIS Temporary Compressed Files" minFileSizeForComp="0">
<scheme name="gzip" dll="%Windir%system32inetsrvgzip.dll" />
<staticTypes><add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/javascript" enabled="true" />
<add mimeType="*/*" enabled="false" />
</staticTypes>
</httpCompression>

Next we must change the javascript mime type in the ApplicationHost.config to:

<system.webServer>
<staticContent>
<remove fileExtension=".js" />
<mimeMap fileExtension=".js" mimeType="text/javascript" />
</staticContent>
</system.webServer>

The last step is to run an appcmd command that tells IIS to compress all pages not just pages accessed twice within 10 seconds, which is the default.

%windir%system32inetsrvappcmd.exe set config
-section:system.webServer/serverRuntime -frequentHitThreshold:1

Now we have static compression enabled in IIS 7.5.

Kevin

There is a cool Firefox and Chrome extension called Page Speed (http://code.google.com/speed/page-speed/).  It allows you to figure out what is making your web site load slowly.  One of the tips it gives is how to Minify JavaScript.  I found this great Minify tool called YUI Compressor (http://www.refresh-sf.com/yui/).  It allows you to paste your JavaScript or JQuery code into the website and it outputs your minified JQuery or Javascript code.  It can also minify CSS.  These two tools help me make websites that load much quicker.

Kevin

I host this blog on Godaddy, and I installed a SSL certificate but could not find a way to automatically redirect the user to HTTPS, without having access to IIS or upgrading to IIS 7.  So I wrote this script that works great for me.

<script type="text/javascript" language="javascript">
var protocol = location.protocol;
var hostname = location.hostname;
var pathname = location.pathname;
if (protocol == "http:")
{ protocol = "https:";
location.replace(protocol + "//" + hostname + pathname); };
</script>

This code does exactly what I wanted by replacing an HTTP with HTTPS if found.  I put this code in my default document and it worked great for me.

Kevin