I made a new minimal icon for the fantastic Lyx document processor. Here’s the 512×512 icon Lyx icon suitable for using on MacOS (and probably other OSes); and here’s the Lyx icon SVG source.

On MacOS, you can replace the default icon by doing “Get Info” on the application file, copying the image from Preview, then pasting it into the icon square in the top left corner of the Get Info window.

One of my essential tools is having multiple rows of tabs in Firefox. Yes, I’ll admit it– I often open many, many tabs at once while doing research. And even when I’m not doing research. Multi-row tabs should come built in and accessible with a config setting, but it doesn’t. Over the years I had been using snippets of custom CSS I downloaded from random places on the Internet to do it. But the recent Firefox update (89) introduced a new user interface style called Proton that’s on by default. It broke my multi-row tabs…

So how do I get it back?!?

It took some research, but I found a good way to do it. With this change, I love the new Proton UI. And I have multi-row tabs back. Clone or download this git repository: https://github.com/aris-t2/customcssforfx

The Proton configuration is in this file: multiple_tab_lines.css – install that as the userChrome.css file or add the contents to a userChrome.css file. Here’s the directions in the file:

1. Open profile folder: address bar > about:support > Profile Folder > Open Folder
Create “chrome” (sub)folder.
Save this file as ‘userChrome.css’ inside “chrome” folder or add code to an existing userChrome.css file.

2. Open config area: address bar > about:config > modify/add the following values/settings:

toolkit.legacyUserProfileCustomizations.stylesheets > true || enables custom style sheets
browser.compactmode.show > true || shows ‘Compact mode’ in customizing mode
browser.uidensity > 1 || enables compact mode
browser.proton.enabled > true || enables proton mode
browser.proton.contextmenus.enabled || enables proton context menus
browser.proton.doorhangers.enabled > true
browser.proton.modals.enabled > true
browser.proton.places-tooltip.enabled > true

3. Restart browser

It’s magic – the new multi-row tabs look like they were built in. Thank you aris-t2!

If you want this feature to be built in to Firefox, you can comment on this Firefox Bugzilla bug and say so.

I made some really tasty cauliflower-crust pizza yesterday. It’s a great alternative if you are looking for something that has less carbohydrates in it. This recipe uses cauliflower, and some brown rice flour and tapioca, but has no cheese in the crust, so it’s more like a regular gluten-free pizza that is closer to a paleo diet: Tasty Gluten-free Cauliflower Crust Pizza

I’ve been making really tasty artisan gluten-free sourdough bread for a while now. I put up a page on how to make pizza with that dough: Amazing Gluten-free Sourdough Pizza.

I’ve been using the great Ulysses writing app on my Mac. It’s a lot like Evernote, but strictly for writing– you won’t be posting other media there, since everything in Ulysses is written in Markdown. Ulysses is pretty minimalist, which I like. And it’s very smooth– I can type as fast as I want and there’s never any pauses, freezing up, or the dreaded pizza of death. These are frequent occurrences in Evernote.

Ulysses looks a lot like Evernote too– no manually managing files, you just create a new one with Command-N (⌘-N) and away you go writing. But out of the box the app doesn’t show creation date or modification date on your notes. This is a problem if you use it for journaling like I do. But you can get the app to display dates, here’s how:

In order to view the creation date or modification date of a sheet on Mac:

1. Go to the menu “View” › “Sheet Preview” and check “Dates”.
2. Now, sort your group “By Creation Date” or “By Modification Date” and the date will be visible in the sheet list.

That hint comes from Alexander Roth, Head of Customer Support for Ulysses, via a support email request.

I wrote down my recipe for great artisan, crusty gluten-free sourdough bread.

My partner says it’s the best bread she’s ever tasted, and it happens to also be gluten-free. It’s chewy with a real artisan crust. Eating it, she doesn’t miss wheat bread at all. I don’t either.

There’s nothing like having a house filled with the smell of baking bread. We make this every few weeks now, and slice it and freeze it, and so can have crusty gluten-free bread whenever we want.

Marco Polo is a fun app that lets you send and receive videos– a video “walkie-talkie.” The app only gives you the ability to save videos that you sent. But on an iPhone or iPad it’s possible to save videos that other people sent you by using iOS’s screen recording function.

Update: Marco Polo added the ability to save videos to your Photos library on your phone, so the steps below aren’t needed.

Here’s how to download a Marco Polo as a video into your iPhone or iPad photo library (and save on your computer if you want).

1. First add the screen recording button to your control center
2. Then go to Marco Polo.
3. Pull up the control center by swiping up from the bottom of the screen.
4. Start recording.
5. Close the control center.
6. Play the Polo – the sound will be recorded too.
7. Swipe up to bring up control center, stop recording.
8. The video is saved in your Photos library. You can send it to your computer via Airdrop.

I own one of these Brita 10-cup water filter pitchers, and found it a bit tricky to take it apart to clean the inside. Buried in a review on Amazon were these great instructions:

How to take off the filter housing is quite simple: fill the pitcher with soap and water, flip it upside down and the housing should just slip off.

The important part is to fill up the bottom of the pitcher, leaving the top empty. When you flip the pitcher upside down, the weight of the water will make the white plastic insert pop out.

Update: This eventually became too hard, since the insert can stick, and make it hard to remove. I bought a ZeroWater pitcher and am quite happy with it, it’s easy to disassemble for cleaning.

This is a quick note about how to remove and block Monero crypto-currency mining WordPress malware.

Symptom: You run WordPress on your Linux web server and its CPU is at 100% but it should not be.

Logging into the system, and looking at running processes, you see this:

$ ps ax|grep php
 4328 ?        S     0:03 ./cron.php -e0.0.0.0 -p56113
16936 ?       Sl   174:51 /tmp/phprScAj0_j3oku523wjamvhep -c /tmp/phprScAj0.c
17740 pts/0    S+    0:00 grep php

The cron.php is allowing a backdoor to let bots run mining malware on your server. The /tmp/phprScAj0_j3oku523wjamvhep program is a Monero crypto-currency miner, making money for someone who broke into your system.

The temporary file /tmp/phprScAj0.c contents looks like this:

threads = 1
mine = stratum+tcp://46FrzMYxeiwW9ua7HkNuZmB3YXTCvmRm6ZroKEj7GnqiR7tyFKQEoNxKKTDLAvaLca9NS3r325cSq5PyjhNP6JNZPiMETHh:x@monerohash.com:3333/xmr

Kill the processes (replacing the process ids with the ones on your system):

$ sudo kill -9 4328 16936

Now remove the malware and secure your system:

1. Install the Sucuri WordPress plugin – you can do this from WordPress plugins page by doing Plugins > Add New > (search for Sucuri)
2. Download a new copy of WordPress and copy the new files over the infected ones listed by the plugin – via the command line
3. Remove all non-Wordpress files listed by the plugin
4. Install the iThemes Security WordPress plugin – you can do this from the WordPress plugins page by doing Plugins > Add New > (search for iThemes Security)
5. Disable XML-RPC using the iThemes Security > Settings > WordPress Tweaks page
6. Remove all php files from wp-content/uploads (these will be named like WordPress system files, but they are not):

   $ find wp-content/uploads -iname "*.php" -delete
   

7. Disable PHP execution in the wp-content/uploads directory
8. Now examine all your theme code for backdoors. You are looking for something like this:

   
   If you do the following you can rapidly page through all the php code looking for strange things like a big block of numbers like the above example:
   $ find wp-content/themes -iname "*.php" |xargs cat|less
   
   Remove the file or the offending block of code.
   Another way to find the files is the following:
   $ find . -iname "*.php" -exec grep -H ';\$GLOBALS\[' {} \;
   
   If the file only contains malware (a large eval block) just delete it.
     
   Find and remove files of the form favicon_0c57fe.ico - the letters and digits after the underscore can be different:
   $ find . -iname "favicon_*.ico" -delete
   
   These are not ico files, they have a php back door embedded in them.
     
   Look in wp-config.php for any weird looking includes - maybe including an ico file like the ones listed above. If you find any, remove them.
   You are done! - Watch your CPU graphs to make sure you really deleted it and it doesn't come back.
   

I am not sure all the steps are needed, but this worked for me and keeps the bots out. I hope it helps someone else.

I noticed that Google Analytics for WordPress has Shopp eCommerce plugin support that enables conversion tracking, but it doesn’t work on Shopp v1.2.9, the version I have.

I have a fix for this problem – I applied this fix and it works on my site.

You need to change the two lines in the Google Analytics for WordPress plugin file frontend/class-frontend.php function shopp_transaction_tracking that read:

if ( function_exists( 'is_shopp_page' ) && !is_shopp_page( 'checkout' ) ) return $push;

to this:

if ( function_exists( 'is_thanks_page' ) && !is_thanks_page() ) return $push;

I submitted this to the plugin author, Joost van de Valk via Yoast.com but he hasn’t gotten back to me, so I’m posting this in case it helps someone else.