Problems creating new posts using WordPress 5.2.3

I recently tried to post a blog entry after upgrading WordPress from v4 to v5 and discovered that I couldn’t save a draft or publish it. The diagnostic in the console wasn’t all that helpful to me. Entries such as

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: missing token ‘x-http-method-override’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS request did not succeed).

This came as quite a surprise and challenged my ability to work out how to fix it. Fortunately I eventually discovered mention of a change of editor (which I had noticed) and that the old one was available so I installed it and my problem was solved. I still don’t understand what is going on with CORS but I have a viable workaround.

Implementing DKIM and DMARC

Attending the Global Cyber Alliance’s DMARC Bootcamp has motivated me to move past just implementing SPF and so implementing DKIM and DMARC too. So far the bootcamp hasn’t talked about implementation details but searching the web turned up some useful tutorials on how to implement it on a Debian host using postfix and bind9. The first one was

I didn’t need the SPF instructions but the DKIM ones were very useful. At step 8 it sets the algorithm as “rsa-sha256” but I changed it to “sha256” instead. This means that the “txt” file generated can be simply cut’n’pasted into the DNS without modification. I use bind9 rather than Linode’s DNS manager so I didn’t bother joining the multiple parts of the public key as bind9 was happy with the record as it was (always handy when you plan to create a script to update it).

I chose to make the selector more specific, in case I needed more than one update a month while I was debugging it but maybe a single digit would have been sufficient and I used an inet socket rather than a local one (for no particular reason).

The section on DMARC in this tutorial only configured the DNS record so I had to search for another page to find out what to do with it and I found that at

opendmarc is in the standard repository so there is no need to play with backports. I added “IgnoreAuthenticatedClients true” to the opendmarc.conf file to take into account that users use an authenticated submission to send email. Without it there was an erroneous Authentication-Results indicating that dmarc had failed for This didn’t seem to have any impact on sending email to Google but I wanted to get rid of it.

Applying the mysql schema also turned up a problem when creating the domains table failed. It looked like it should have worked but it would seem that a character was larger than I expected. I added “DEFAULT CHARSET=utf8” to the domains and reporters commands to get around that problem.

When I first used the report_script I executed it in a directory that opendmarc couldn’t write in so the opendmarc-reports script failed. It seemed prudent to modify the script to “cd ${WORK_DIR}” even if it was only to be accessed via cron.

I haven’t modified spamassassin’s rules as I want to check the SPAM like email I receive to see if it would make a difference.

So far I’ve received aggregate reports from Google and Oath. It would seem that a number of sites in China are trying to send it email using my domain while the Oath report showed an attempt from Taiwan.

Updated the web site again

I’ve changed the theme again and gone through the web site updating the photography pages so that they use a common configuration (and should use the theme’s font rather than some random one). I have tried to implement a content security policy, centralised the CSS and cleaned up the javascript.

Rebuilding the web site (again)

I discovered that the plugin I was using to display photos on my web site is no longer being developed or supported so I thought I better hunt down some new software that I was happy to use going forward.

Of course things like that don’t just stop there, after finding three different slideshows that might work, as I decided to try to make the web site iPhone/iPad/Android friendly and that took me down the Rapidweaver Theme rathole where I found that my original photo plugin didn’t play nice with newer themes.

So now I’ve rebuilt the web site using a new responsive theme, and found an app to build slideshows straight out of Adobe Lightroom. Only problem now is converting all those old slideshows into new (and improved) ones. Not helped by the lack of photo cataloging of the older photos.

It sounded so simple in the beginning…

DNS problems

Discovered why some people (including me here in Longyearbyen) are getting my old web site rather than the new one. It seems that the Internode name servers haven’t updated. Looking closer it seems that Internode is using one to do the transfer and it’s being denied as it’s not one of the actual slaves. Fixed that but it seems that there is a race condition too. Had to update the SOA three times and get my server to send notifys to the Internode server to get it to a state where the rest of the data is up to date. Now need to wait for caches to refresh. Maybe tomorrow…

WordPress for iOS hates my self signed certificate

I thought that I would be able to use the WordPress app to write stuff in my blog while I am overseas and not lugging around a laptop but it seems that it doesn’t like self signed certificates. I can be sure though as the diagnostic isn’t particularly informative. It’s not clear which signing authority would be acceptable either.

Using Safari works though, assuming this post makes it 🙂 so all is not lost.

More saga with the web site

I received a report that the Phonebook page wasn’t long enough to display all the entries when viewed using Internet Explorer. I was trying to use the “widget” feature in the new version of iWeb but it would seem that using it allowed the browser to select it’s own font to render the list and this combined with the javascript specifying the length of the widget resulted in the bottom part of the list going AWOL. Extending the length didn’t help overly, even after I was pointed at Eventually I ditched the “widget” and added the contents to the web page but I’m not sure that has even fixed the problem with Explorer.

Some of the systems in browsershots also seem to cache pages which makes things difficult. I have been changing the image at the top of the page (now lavender) every time I change the page so I don’t get sucked into thinking the latest change didn’t do anything.

iLife ’08, some good and some bad

iLife08The new iLife arrived today so I thought I would give the new iWeb a spin. While the web widgets seem like a good idea and allow embedding of HTML easily enough the placement and formatting around it needs work.

I am also not so sure that the Photo Albums template is an improvement. It seems like a good idea except I can’t find a way to select the photograph it uses as an index (aside from reordering the photos so the one I want as an index is first) and then the resulting page takes an eternity to load (I only tried from local storage, it may work better from a web server but I find that hard to believe). The slideshow should cope better with photos in portrait format rather than scale them so they are the same height as the landscape ones. Also if you change the background colour then don’t make it white since that will make the captions “disappear”.

There are certainly more knobs to play with but having a preference panel with default values would be a fine idea if you want a consistent site.

iWeb Annoyances

I’ve been using iWeb to create the new site and it is a fairly painless web tool to use but it would be nice if the templates didn’t have their own default image. This is especially annoying for the Blog type page since you’ve got to remember that it’s not just one page but three pages and you need to “fix” the image in all of them. This is even more annoying than not being able to change the template for an existing site or adding some hierarchy to the site. Also not every blog entry needs an image but the format of the page makes it look pretty weird without it.