When I started working at Automattic, it was just me and Matt, and two servers. A web server and a MySQL server. I knew the root password to WordPress.com. I needed it as I spent a lot of time tuning the MySQL server in those days, but I was thrilled when we got some real systems people on board like Barry. I have to admit to a certain sadness when I ran sudo and the password didn’t work, however.
Automattic in 2006, when my luggage was delayed and I was wearing a British Airways tshirt.
When I started working at Automattic, many of my colleagues I work with now, were still in school. There was a time at the start of this year that my team had the first employee and the latest employee on it. I didn’t have any grey hair then, and well, I have some now, and I make jokes about the “old days” but there are quite a few of us boldermatticians.
I spent most of my time working in Vim, in an SSH session, but that’s changed to VS Code and Cursor in recent years. I tried the Vim extensions for those, but they never felt as good as the original.
Now, it’s the upstart AIs that are disrupting everything related to my job, but while it certainly feels like it’s making me a lot more productive, apparently it’s making me dumb too. Time will tell. Andrej Karpathy uses a number of analogies in this video at Y Combinator, but one thing that resonated with me was his comparing the state of AI to computing in the 60s. There were massive mainframes that people used thin clients (or punch cards!) to interact with them. In 2025, the AI is this brain in the cloud we talk to and ask questions of in a chat window. What’s it going to be like in another twenty years?
The Speculative Loading plugin for WordPress is a plugin you should probably try out on your site, especially if you use WP Super Cache or Jetpack Boost to cache things. It uses the new speculation API that Chrome/Edge supports to load pages in the background if you even hover over a link.
It will dynamically prefetch or prerender pages before they’re requested by the visitor on your site, which means that the page will show instantly when the visitor actually clicks the link.
It doesn’t work in Firefox yet, but it won’t hurt either, as the browser will just ignore the extra bits and pieces added to the page.
The default “moderate” eagerness works fine for me. The “eager” setting appeared to load links if the cursor got anywhere near them, which was a little too aggressive.
You won’t notice your browser loading the page in the Network tab of the webdev tools, but if you tail your access_log, you’ll see the requests go through when you hover over the links.
Browse around this site, or take a look at my photoblog for a feel of what it does.
There’s more info in the make blog post about it, and this insightful comment about the wastefulness of loading pages that might not be used, especially for visitors on limited data plans, or low powered devices. That’s definitely something to think about before using this plugin. I may yet remove it later, and I’ll update this post if I do.
Today saw the release of updates to two plugins I work on. The first, unsurprisingly, is WP Super Cache, and it’s a bug fix release. It fixed a PHP8.2 warning, adjusted some labels on the settings page, solved a problem with “late init” and POST requests, and some other changes, but the major news I want to share is not about that plugin at all.
I’m on the Jetpack Boost team in Automattic, and for the last month or so, we’ve been working on adding a full-page cache to the plugin!
Jetpack Boost is already a pretty remarkable plugin, with what it does to CSS, JavaScript and images, so a page cache was an obvious next step.
If you’re already using WP Super Cache, but you’re not using any of the advanced features, I think you should give Jetpack Boost a go. It works really well at serving cached pages fast. Jetpack Boost will be a drop-in replacement if you have these features enabled in WP Super Cache:
Simple caching
Caching Disabled for logged in visitors
Garbage collection set to one hour.
You’ll have to disable WP Super Cache first before trying Boost Cache, as they both rely on the same mechanism to load. Disable Jetpack Boost to go back to WP Super Cache. You can enable Boost again, without using the Cache module, and the two plugins will happily co-exist.
I’ve been using it here for the last two weeks, and it has worked flawlessly. I post images daily on my photoblog, and they get shared to Mastodon, where the expected deluge of requests from hundreds of servers happens each time. Between Jetpack Boost and WP Rest Cache, my server barely noticed. Just like with WP Super Cache.
“If it performs just like WP Super Cache, why should I use Boost?” I hear you asking. For some, you’ll need the extra features of WP Super Cache, but otherwise, Boost may be just what you need. Apart from the cache, it also has remarkable features that will squash your CSS and JavaScript in various ways that load super quick. Give it a go, and let WP Super Cache handle the cache if you need to.
If you’re still here, read on, and I’ll give you a whirlwind tour.
Boost supports an exception list like WP Super Cache does, and logging of activities in a similar, but easier to use way.
To simplify caching, only requests by logged out visitors are cached now, but that’s the recommended way of using WP Super Cache too.
Developers: like WP Super Cache, it also supports the “DONOTCACHEPAGE” constant. If you define that while a page is being created, then Jetpack Boost won’t cache it. If you can enable it before the page loads, then the plugin won’t serve a cached page either, but that will be difficult since the cache system loads so early.
To learn more, there’s a fine manual to read. It explains in detail how to enable the cache and how to use it. Yes, I’m biased, but I think you should give Jetpack Boost a go! Caching helps a lot, but the extra CSS and JavaScript features help render the page quickly once loaded.
Pebble, aka t2.social, was a short lived social network like Twitter. Last week they sent out emails to all their users to tell them that the site was shutting down on November 1st. I first came across it thanks to Topgold, but it was always a small site. In a crowded section of the Internet, another Twitter clone would have a tough time competing.
I hadn’t posted much there and wasn’t going to download my data, but this post by Eugen Rochko caught my attention and reminded me to go visit.
If #Pebble was part of the social web, they would have had a network of 1.8M active users, not 1,000, and perhaps wouldn’t have had to shut down.
Eugen Rochko
Maybe it would have survived, but it would have had to be extra special and offer some compelling features to compete with all the “free” Fediverse servers out there. The Activity Pub plugin for WordPress recently hit version 1.0 and was launched on WordPress.com too, so potentially millions of new Fediverse sites are coming online, all of which are on more mature software.
I started work at Automattic 18 years ago today. Matt offered me a job working on a new WordPress based website a few weeks before. I had just bought a house the year before, I had become engaged the month before, and left my old job at the same time, so I jumped at the opportunity to work on WordPress full time!
It started out small with us working on 2 servers and an invite system. I felt I was doing as much admin on MySQL and Apache as coding. More people were hired. Many of them are still at Automattic. We worked on lots of cool little things like the global tag system, and so much else that I’ve forgotten about. Then moving onto the billing system because I had done billing at my previous job, then on to Crowdsignal, on to Jetpack Forms and finally onto the team working on Jetpack Boost and WP Super Cache.
WordPress.com is unrecognisable from what it was 18 years ago, but if I run “blame” on the right files, I’ll sure I’ll still see my name on some ancient code nobody has touched in all that time.
Fast forward 18 years, and I’m in the same office at home. I definitely made the right decision that day in 2005.
What does that even mean, though? WordPress is the community of people who have built it and contributed to it over the last two decades, and before that, when it was a little known blogging package called b2. So, thank you so much to everyone who has contributed to WordPress over the years.
WordPress has given me, and countless others, many opportunities we couldn’t have dreamed of. Just over two years after WordPress was first released, I joined Automattic. Working on two machines, Matt and I started work on the first WordPress.com. Here I am, almost 18 years later, and still working on WordPress related software. What a journey. Matt marked the occasion by announcing a generous scholarship programme. Matt was also on stage in London with Mike Little and Dries Buytaert last week in a conversation I must listen to yet, but I’ve heard some good things about it WRT Gutenberg.
Anyway, it’s almost midnight here, but I wanted to get some words down on this blogging platform we all love. May we all be here for the next twenty years.
Oh, and before I go, you can hear me say a few words about meetups at Automattic in the latest episode of the Distributed podcast. It’s edited well, that’s all I’ll say!
Earlier this month I noticed that a particular bot that likes to visit my website, “MJ12bot/v1.4.8” seems to be particularly attracted to the “reply to comment” links generated by my blog. Those are links that bots see, but we see the “Reply” button that uses JavaScript to reply to a comment.
To be honest, it’s pretty annoying to see a bot constantly fetching those URLs from my website. Earlier this month, it was on a roll and grabbing several dozen at a time. While my server can handle the traffic without any issues, who wants a bot trampling over their server?
I decided to stop them in two ways:
Redirect them back to the post in a mod_rewrite rule.
Block them in robots.txt and hopefully the bots will go away.
Coming up with a mod_rewrite rule was surprisingly hard, but after mentioning this on Mastodon I received a reply from Jos Klever who figured out I needed the QSD flag. So, to spare you the hassle of researching it, here are the mod_rewrite rules that worked for me. It causes a 301 permanent redirect to the anchor tag of the comment. Add this to your .htaccess file.
Blocking requests like this in the robots.txt is much simpler. WordPress can generate the robots.txt file for you using the robots_txt filter. Add the following to a mu-plugin PHP script.
I haven’t received many comments on my posts lately. However, I stumbled upon some interesting posts by clicking the RANDOM link above, which I decided to examine as part of my research. During my search, I delved deep into the blogosphere of the past, almost like being an archaeologist, because some links were no longer available, and I had to search for them on archive.org. I was also pleasantly surprised to find that a link to a GIF from 2005 was still alive!
You might not be on Mastodon yet, but your blog could get a torrent of traffic from Mastodon, or other Fediverse network if it’s shared there.
If your website is mentioned there, it might be the “victim” of an inadvertent denial of service attack, as hundreds or thousands of servers request the URL in the 60 seconds or so afterwards. That is precisely what JWZ blogged about last month when his site was taken down by Mastodon servers.
Every time I do a new blog post, within a second I have over a thousand simultaneous hits of that URL on my web server from unique IPs. Load goes over 100, and mariadb stops responding.
JWZ has over 8,000 followers. Every time he shares a post on Mastodon, the instances (servers) where those followers live will send a request to his blog to generate a preview. Actually, two requests will be sent:
A request for the wp-json embed for the page.
A request for the page that was shared.
Eventually, he blocked the Mastodon user agent. That stops previews of his website showing up on Mastodon posts, but resolves the problem for his website.
Yesterday morning, I decided to see what effect sharing a link on my Mastodon account would have on my server. My Mastodon account has 1.8K followers. A far cry from the number of followers JWZ has, but still enough to test my server.
I wanted to test several scenarios:
Caching the post before sharing.
Changing Apache configuration.
Sharing without caching on my server.
My server is at Linode. I pay an average of $24/month to run this site and my photoblog is on it too where I share a daily photo + link on Mastodon. It’s not a heavy-duty server that can withstand a huge amount of traffic.
If you’d like to skip the details, my server coped fine with sharing a URL from here to Mastodon. The load average went up for about 20 seconds, topping out at the max for about 5 seconds before things calmed down. It was responsive the whole time. Install a full-page caching plugin like WP Super Cache, Jetpack Boost and WP Rest Cache and your site will probably be fine. Jetpack Boost and the Jetpack Image Accelerator will help when human visitors arrive.
1 minute load average topped out at 1.34 for 5 seconds.
The page was cached by WP Super Cache, but I had set the garbage collection TTL to 60 seconds and I believe it expired halfway through the test, so it had to generate the cache again. Once I adjusted that, and set the TTL to 600 seconds, the second test performed better. The page remained cached throughout:
273 requests for the page embed.
289 requests for the page itself.
1 minute load average topped out at 0.71 for 5 seconds.
The main points of my Apache configuration:
Keep alives are disabled.
5 start servers
Minimum 10 spare servers
When I reduced the start and minimum spare servers to 1, the next test took longer to complete, and the load average rose to 1.24, even on a fully cached page. This was expected as the server didn’t have the spare capacity to deal with the sudden traffic.
After reverting the changes to Apache, I disabled caching on my blog and shared another URL. The load average only rose to 1.12 for a very short time. I was pleased with that. While caching does help, my server could cope with that traffic.
A sample of the user agents used by Mastodon instances hitting my blog for previews
I suspected that there was one hit per Mastodon instance on my site. I checked my logs and was proved right. For all the accounts that follow me on mastodon.social, only one request was made. That does mean the onslaught of requests isn’t as bad as it might be. Instead of 1,800 requests for a page, there were far fewer. I did notice that a Friendica instance requested one of my test URLs several times.
Mastodon and other Fediverse servers will start requesting a preview within a second of you sharing your post on the network. It helps if your server is running some sort of caching.
If you have many Mastodon followers or if you’re worried about a DDoS from Mastodon, the following will help:
Make sure Apache/Nginx has the spare capacity to grow quickly and respond to a sudden torrent of requests.
Use “expert caching” in WP Super Cache which serves the cached page using mod_rewrite. That will mean your blog post is served almost as fast as requesting a text file from the server. No PHP is executed at all.
Install WP Rest Cache as it will soon cache the embed page request.
Install Jetpack and enable the Image Accelerator and Jetpack Boost for human visitors who come later.
This problem has existed for a long time. Popular blogs had the same issue when they published new content and people following their blogs (through RSS feed readers, remember them?) hit the server looking for the new post. At least with Mastodon, you can load the post in a private browser window and cache it before sharing it. I want to write a WP Super Cache add-on plugin that allows the site owner to preload a new post as it’s published. That will ensure the new content is ready for sharing. I haven’t started work on that yet, so don’t ask when it’ll be done. Maybe someone else will beat me to it and claim all the credit!
Before we start, do you know what Mastodon is? It’s sort of like email, where you can send an email from gmail.com to a yahoo.com account, except it looks very like Twitter. This pcmag article is a good introduction to it. Jeff Jarvis wrote a good post too, and Time Magazine interviewed Eugen Rochko, the founder of Mastodon that you should read.
This weekend, a probably sizeable chunk of #IrishTwitter migrated to Mastodon. We’re not the only ones. Twitter has been getting more hateful and acting as an echo chamber for lots of horrible people over the years. The sale of Twitter to Elon Musk, the firing of half the staff, his pronouncements of “free speech” all point towards the site being less regulated, less maintained and less moderated. You can’t deal with complaints if there’s nobody there listening to complaints of harassment or hate.
(No we didn’t)
I don’t doubt that many of us will continue to visit and contribute to whatever Twitter becomes. Over the last few years, most of my interactions there have been publicising my blog posts. All I could see on there was angry tweets from different people, or people who were broadcasting their top ten ways of doing X, Y or Z. Hardly any actual conversation.
So, Mastodon. I woke up early on Saturday morning and discovered there was a #TwitterMigraton to Mastodon. I already had an account on mastodon.social but Irish Twitter was moving to mastodon.ie, and that’s where I went too, creating @donncha@mastodon.ie.
Judging from what I’ve read elsewhere, all mastodon instances are experiencing a HUGE surge in user registrations as people look for an alternative to the stinking sinking ship that is Twitter.
On Saturday, the admins of mastodon.ie ran into performance difficulties as they dealt with the influx of new users. The site slowed down and people couldn’t upload images. Over 6,000 people are on that instance now.
Remember the early days of Twitter?
The admins increased their hosting plan, eventually maxing out at the top tier. To pay for hosting they asked for donations. Right now they have raised over €4100!
How do I add my WordPress blog to Mastodon?
It’s mostly straight forward. Install these two plugins:
The installation instructions are unfortunately not great. After you install both plugins, go to your Profile page (Users->Profile) and scroll right to the end. Down there you will find your profile identifier. It will look like @author@hostname.tld. For this blog that is @donncha, and I have my photoblog at @donncha. Search for those on Mastodon and you will find my two blogs. Please feel free to follow!
When a post is made and shared on Mastodon, it allows others to reply. Those replies to the toot on Mastodon will be sent to your WordPress blog as a comment! That blew my mind when I discovered that!
Troubleshooting
I discovered that running the plugins on a multi-site WordPress install will cause problems. Instead of activating it on the root install, you need to activate it on each one. I presume that’s maybe because the rewrite rules are added on plugin activation, but that’s just a guess.
If you have caching you might want to turn it off, or at the very least disable caching in /.well-known/ as that’s where Mastodon and other services will query your server for updated information.
It can take 10 to 15 minutes before a new post is seen. Be patient!
Why not?
There’s one reason you might not want to do this. Your blog will be on a Fediverse instance by itself. Your blog posts will only show if someone is following it, or you boost the toots on Mastodon, or in the Federated feed. They won’t show in the Local Feed of your Mastodon instance. The best way around this is by careful use of relevant hashtags, but please don’t spam them, or you’ll be blocked.
Alternatives
You can hook your WordPress blog to your account too. I haven’t used them, but I saw two people use these plugins. Those posts will appear in the Local Feed of your Mastodon instance, which is a plus for discoverability.
You can also use IFTTT if your site can’t run plugins, and you have an RSS feed. Some details in this blog post. Thanks Sandy for that link!
I’m very excited about this. Is it too early to say that there’s enough momentum to sustain a #IrishMastodon community? I hope it succeeds.
Edit: George has a guide on his blog explaining how to do the same thing but points out that you need the WebMention plugin to receive replies as comments. I saw replies to my toots appear here as comments, but only if they were direct replies. If I replied to someone who replied to my blog that reply wouldn’t show as a comment, and I just tested that again and WebMention doesn’t change that, unfortunately.
Matthew Thomas has created a remote follow tool called apfollow, with source available. This creates a page where you can follow a Mastodon account by entering your own details in a box and it redirects you to your home server to do the follow. Here’s a link to follow my Mastodon.ie account. It fails for me, but maybe that’s something to do with mastodon.ie settings. I’ll fill out a bug report but it looks promising.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Here are a few options.
uBlock Origin is a free, open source, ad blocker for your browser.
Use pi-hole if you have a spare Raspberry Pi on your network.
Set the private DNS settings on your phone to dns.adguard.com to block adverts and trackers.
