yii2-simple-auth v1.0.0

Today I released new extension for Yii 2yii2-simple-auth. It provides components for easy authenticate and validate the HTTP request. Each request gets its own unique token with the expiration time, so no passwords or keys are sent with the request – it should be safer than basic access authentication when you don’t use https. Read README on GitHub to get more info.

In addition I create simple helper for official HTTP client for Yii 2 – yii2-simple-auth-yii-authenticator.  It simplify authenticating requests generated by official yii2-httpclient.

Both extensions are already used for some time on Salenauts and Łowcy Gier to authenticate communication with internal API, so you can consider it as tested and stable :).

Https for the New Year

Changing hosting has opened a new opportunities, among other things it became possible to use my own SSL certificate for domain. For some time I tested https on site and free certification from StartSSL. IMO tests were quite successful, and the New Year is a good time for a changes. From now https on page is forced and all traffic will be encrypted.

Unless you have a very outdated system and browser, there should be no side effects – page requires a SNI support, so if for example you are using Windows XP and IE 8, you can not be able to open it. But this is one of the less important problems what you have with this configuration. 😀

WordPress multisite – a rewrite infinite loop bug

WordPress multisite – a rewrite infinite loop bugWordPress multisite – a rewrite infinite loop bug

When I create my new home page I use WordPress multisite feature. By the way, I noticed an interesting bug. When I try to view such a non-existent image from wp-content directory, the server returns an error with code 500 instead of 404. At first I thought it was a problem with hosting, but it turned out to be a bug in the default configuration of .htaccess for WordPress running as a multisite with path-based network. Read more