When Apple created the Macintosh, Steve Jobs also created the Laserwriter. It was Steve’s interest in “typography, graphic layout, and font design” that led to the Apple Laserwriter and the birth of what was then known as desktop publishing. Consumers had for the first time access to beautiful proportionally spaced type and fonts without having to go to a specialist offset printer. Apple made a little booklet called The Basic Elements of Design and it’s a wonderful introduction to typography, page layout and text-based graphic design. To this day, it’s the book that inspired me to love text based design. While the booklet is out of print, you can download a PDF of it here.
Blog
Use Cloudflare to Block Brute Force Login Attacks
The excellent Limit Login Attempts wordpress plugin will detect failed logins and put up its armoury of defences. Nothing showed its usefulness than seeing the number of attempts it detected. However, the plugin still requires WordPress to handle the failed attempt and only login attempts via http and https are handled. XML-RPC attacks and Bot-related attacks need another solution.
For my setup, I only need admin login to WordPress from one IP address. This is where Cloudflare’s content distribution network and it’s Web Application Firewall can provide excellent protection.
The WAF is extremely easy to setup and all you need to do is add the IP addresses that you want to allow into a rule that will block access except for the addresses you have specified (see screenshot).
This will block not only brute force login attempts but also XML-RPC and related attacks from even reaching the wordpress server.
Lightroom Tip: Review and Select Photos in Library and NOT Develop mode
I’ve been using Lightroom from the very first version and I’ve now just realised I’ve been reviewing and selecting my images in the wrong mode. Like many, I thought that if I created Standard and 1:1 Previews it would speed up Lightroom in scrolling from image to image. But LR was still excruciating slow in some situations, eg when an image has lots of complex adjustments, scrolling from or to that image would just bog LR down to a crawl. Especially if there were a sequence of images with heavy adjustments.
It turns out that for simply scrolling and selecting images, make sure you’re in the Library module and NOT the Develop module. In Library, LR will use the image’s standard preview and scrolling is lightning fast. You can make sure you’re in that mode with the keyboard shortcut “E”. It’s an extra key stroke but the difference is night and day. So after editing an image in the Develop module, hit the E key before scrolling to the next images if all you want to do is review.
Fix for iOS and iPadOS apps bypassing AdGuard Home using DoH
When Apple allowed apps to specify their own encrypted DNS server, this was a convenient way for apps to avoid ad-blocking DNS servers. I got tired of the Gmail app on iOS and iPadOS bypassing my AdGuard Home DNS server, just like it can bypass similar blocking services like PiHole. Another example is Safari browser on iPadOS and iOS in Privacy mode will bypass your DNS servers and use an Apple specified DNS over HTTP server. If you use a standard (ie unencrypted) DNS server, this will be bypassed.
It turns out it’s relatively easy to stop this from happening.
You need to specifiy a DNS over HTTPS (DoH) server via a configuration profile as this will override any specific DoH server that has been done in an app. Since AdGuard Home can serve as a DoH server, all you have to do is turn on this feature and install a configuration profile that points to it.
The steps are:
- Turn on Encryption settings in AdGuard Home (see screenshot above)
- Use your preferred method of getting a SSL certificate for your AdGuard Home server. LetsEncrypt is the most common method
- You’ll probably want add a rewrite rule to point the name of you DoH server to an internal IP address
- Download iMazing, the excellent and free Configuration Profile tool
- Make a profile with a DNS Setting payload (see screenshot below)
- Save and install the profile on your i-Device
No more AdGuard bypass by apps!
Amex PDF statements missing fonts
Around November 2023, American Express Australia changed the format of the PDF statements by not embedding the font. This made rendering of the page virtually unreadable on macOS. Inspecting the PDF shows that it uses two fonts from the Bento Sans family.
To make the pages render properly, the fonts can be downloaded from sites like https://fontsgeek.com/tagged/styles/bentonsans
After installing the fonts, restart your PDF reader and all should be good.