Move to WordPress, and Why

wordpress on desk

I moved this site to official WordPress hosting ( about one year ago. I was using WordPress as my blog system since 2005 by moving away from Movable Type. My first site was setup on a LAMP server, then move to Media Temple Grid hosting, and then move to Linode VPS. After few problem and incident I decide move my site to managed WP with a paid plan.

Some times I receive message of asking comparing VPS hosted WordPress and, which is not an easy question to answer. I list reason why I move to and what I lost.

Why I move to

Security and Updates

Site security is important. And it was the main reason I move to a managed solution. I don’t mean how good the security in, but generally speaking they do security better than most VPS owner.

I work for a major IT company, and have client in Top 500 list. I know there will be risk of put my web server direct to internet. So when I deploy WordPress on my Linode VM, I put my Apache and database in an internal network behind a Haproxy.

Example of Haproxy with Let’s Encrypt

The software and proxy run on different VPS connect to private network with Firewalld on. I can only SSH to non-root account with ssh-key, not using password. And also have script for install Linux security update every 2 weeks.

Every thing looks great, but one day in 2017 I see my site was marked with security warning by Google. After check and file scan, several script has been found injected into WordPress plugin and program. The root cause was not found, the best guess was cause by security vulnerabilities in old WordPress version.

I have to complete rebuild those VM, and restore data from backup. But even update WordPress is not a difficult task, I did have experience of failed upgrade, and take me time to fix the problem. This is why I am looking for am managed service, and is the first option.

HTTPs and Let’s Encrypt ACME

I also using Haproxy for HTTPs offloading, and using Let’s Encrypt as my HTTPs certificate provider. But certificate provided by Let’s Encrypt have short expire date, so I setup auto renewal with ACME for update certificate every few weeks.

However, sometimes the auto renewal failed and causing Haproxy stop working. On the other hand helps me renew certificate without any problem.


I currently using Premium Plan from costs me 8.00 USD per month. Compare to VPS plan, cost me 5.00+20.00=25.00 USD per month, save my 204.00 USD each year.

I also using premium theme included in my plan, so I do not need to spend extra cost to buy theme, or safe time for develop by my self. And I don’t need to spend time to maintain those VMs.


There are some limitation of using Some of the limitation due to my 8.00 USD Premium Plan, and can be resolved by upgrade to more expensive plan. But other limitation can not work around easily.

Feature and Plugins

My Premium Plan don’t include plugin service. As a SaaS service, there is no more control other than WordPress dashboard panel, any extra feature not include in WordPress must require install a plugin. The cheapest plan with plugin support cost 25.00 USD per month.

Without plugin support some advance feature such as CDN, some show-box, google analytics are also limited.


DNS and Domain Name can providing one year free domain name for customer, but the best practice is register your domain name with major domain provider such as godaddy or I didn’t use free domain name provide by so I do not know how much I have to pay for next year, and I am not sure offer private Whois.

By default, require using their DNS, and DNS do support most of the DNS record type

But for user have large record list, or do not want to transfer DNS from or, you can create a A record to ingress IP addresses. I using following IP address provided by support:


They can be different from your site, ask support for conformation.

SANS in HTTPs Certificate

Certificate issued by under common name * My domain name list as one DNS record in SANs, with other user’s domain name. I can not have a http certificate with only my domain name in SANs list.

China Problem

I living in China, and sometimes blocked in China. Currently I using a workaround for this issue. This only cause problem for people visit my site from China.

Log and Visiter Metadata

On, I can only see visitor information from Jetpack. If you have plugin support, other traffic analytics service such as Google can be support. But unlike VPS, I can access raw log from Haproxy or Apache web server can and send to ELK on my data platform for archive or analysis.


The only problem for me now is raw access log and no plugin support. I use CDN solve the certificate and access problem. I don’t know is any SaaS provider will provide those access log, but before I see better stable WP managed service, I will stay in, and perhaps buy the Business Plan.

ThinkPad X220 24小时电池续航能力测试

我前段时间拿到一个ThinkPad X220的底座电池,在使用中和原装的6芯电池能达到10多个小时的续航时间。不过X220还有一块9芯的电池可以配合电池底座使用,Microsoft的Ben Rudolph就用9芯的电池和底座电池做了一次真实使用状况下中的耐力测试


数周以前,我得到了一台崭新的 ThinkPad X220,一台配有第二代Core i5,8G内存,160GB Intel SSD的12.5寸的个人电脑。它还带有一块9芯电池和一块可以附加在在底部的6芯超薄底座电池(原文是9-cell “battery slice”,不过底座电池应该是6芯)。联想声称X220将会是一台可以运行24小时的笔记本电脑,不过这仅仅是理论,不过实际将会怎么样呢?




第一排 从左往右

Seagate Barracuda 7200.12 250GB ST3250318AS
Western Digital Caviar 320GB WD3200AAKS
Western Digital Caviar Green 1TB WD10EADS
Western Digital Caviar 500GB WD5000AAKS

第二排 从左往右

Western Digital RE3 1TB WD1002FBYS
Western Digital RE3 1TB WD1002FBYS
Western Digital Caviar Green 2.0TB WD20EARX
Western Digital Caviar Green 2.0TB WD20EARS
Seagate Barracuda XT 2TB ST32000641AS

DIY Apple USB 充电器

同时要给多个设备充电是一件非常麻烦的事情,而同时要给2个iPad,iPhone,HTC G14,iPod Touch,iPod Nano充电就是一件非常痛苦的事情了,特别是给2个iPad充电。和其他用电器不同,iPad需要2A的充电电流,这意味着2个iPad就要用掉20W的功率。每个设备使用自带的原装充电器自然是好,不过数个充电器不仅仅占用数个接线板插口和桌面空间,而且非常不美观,所以多接口充电器便是十分必要的。


解决乱码,让Sublime Text 2支持GB2312和GBK

Sublime Text 2是一个非常不错的源代码及文本编辑器,但是不支持GB2312和GBK编码在很多情况下会非常麻烦。不过Sublime Package Control所以供的插件可以让Sublime Text 2几乎完美地支持CJK编码的文本。

安装Sublime Package Control非常简单,在Sublime Text 2上用Ctrl+~打开控制台并在里面输入以下代码,或者是官方提供的代码。Sublime Text 2就会自动安装Package Control。

import urllib2,os; pf='Package Control.sublime-package';
ipp=sublime.installed_packages_path();<br />os.makedirs(ipp) if not os.path.exists(ipp) else None;
open(os.path.join(ipp,pf),'wb').write(urllib2.urlopen(''+pf.replace(' ','%20')).read());
print 'Please restart Sublime Text to finish installation'

如果该方法不能正确的安装,也可以通过复制文件的方法直接安装。如果Sublime Text 2被安装在有中文的路径下,或者系统路径的%username%包含中文字符的话,可能需要进行手动安装。

  1. 打开Preferences菜单,并选择 Browse Packages…
  2. 系统会打开Sublime Text 2的Packages文件夹,回到上一级菜单,然后打开Installed Packages文件夹
  3. 下载并将下载的Package Control.sublime-package拷贝到Installed Packages文件夹(注意此处是Installed Packages,不是Packages文件夹)
  4. 重启Sublime Text 2

然后使用Ctrl+Shift+P打开命令行模式,在里面输入Install Package即可搜索需要的Package。一般使用“ConvertToUTF8”和“GBK Encoding Support”即可正常读取和写入CJK格式的文件了。

同样如果Sublime Text 2被安装在有中文的路径下,或者系统路径的%username%包含中文字符的话,可能需要进行手动安装这些Package,并把它们拷贝到Package目录下。

Sublime Text 2,几近完美的文本编辑器

Sublime Text 2是一个非常不错的文本编辑器。其目的就是为Vi/Vim用户提供一款界面更加友好,功能更多的源代码编辑器。Sublime Text 2不仅仅支持语法加亮、基于正则表达式的查找与替换、自定义语法高亮、自动括号匹配、自动完成等功能,对Python的插件的支持也提供了更多“自定义”的空间。

如何通过CLI配置Cisco SG-300交换机

Cisco SG-300系列交换机和普通的2层交换机一样可以做到即插即用,但作为一台具有管理功能的交换机,许多功能需要经过配置才能发挥最大的性能。Cisco SG-300的定位是面向中小企业的交换机,所以提供了与多种不同的用户配置界面——包括了通用的命令行界面(CLI)和更直观和方便的Web图形界面(GUI)。这里我们将介绍如何通过CLI来配置Cisco SG-300交换机