Animated Creativity | Page 5 of 55 | Animate your life. Don't be static.

Apple Notes for code snippets without the “smart quotes” mangling: the System Settings change that fixes it once

October 9, 2025 by admin

Hands typing CSS code on a MacBook on a wooden desk — photo by goumbik on Pexels

You paste a Bash one-liner into Apple Notes for safekeeping. An hour later you copy it back, paste into Terminal, hit Enter, and bash blows up: command not found: 'curl'. The reason: Apple Notes silently turned your straight quotes …

Self-signed certificate authority for a homelab in 30 lines of openssl: the trust-store install per-OS

October 1, 2025 by

Brass padlock locking a chain around a tree — photo by Markus Winkler on Pexels

For internet-facing domains, Let’s Encrypt is the right answer. But the moment you have a homelab service running on a .local domain, on a private subnet, or behind Tailscale — Let’s Encrypt either doesn’t work (HTTP-01 needs public reachability) or …

Pi-hole on a Raspberry Pi 4: blocking ads at the DNS level for the whole house, with the CGNAT and IPv6 gotchas

September 30, 2025 by admin

You’ve installed a content blocker on every browser. The phone in your pocket has a half-dozen apps that show ads anyway. The smart TV in the living room shows ads on the home screen with no user-facing way to turn …

Continuity Camera in 2026: making your iPhone the webcam for video calls (with the Studio Light + Center Stage edges)

September 26, 2025 by admin

Person on a video call with a laptop and an iPhone on a tripod beside it — photo by Mizuno Kozuki on Pexels

The webcam in your MacBook is fine for hopping on a quick call. The webcam in your iPhone — even an iPhone 12, let alone a recent Pro — is dramatically better. More megapixels, larger sensor, better stabilization, way better …

A real Restic backup script with Healthchecks.io heartbeats and B2 as the destination

September 18, 2025 by admin

Close-up of HTML code on a dark monitor — photo by Pixabay on Pexels

The first time you write a backup script, it’s six lines: restic backup /home. The first time it silently stops running, you discover that the only signal something’s wrong is “I went to restore something and the most recent …

A practical 3-2-1 backup strategy for a one-person infra: rsnapshot to NAS + restic to B2 + offsite mirror

September 10, 2025 by admin

Person holding a Samsung Portable SSD T5 1TB in retail packaging — photo by Jibaro Foto on Pexels

The 3-2-1 backup rule is older than this whole industry: 3 copies of the data, on 2 different media types, with 1 of them offsite. It’s the conservative answer for a reason — ransomware can take out one local …

Get WordPress off MySQL root: per-site users in one Python loop

September 6, 2025 by admin

A single key resting in a locker door, symbolizing per-site database credentials with no shared master key (photo: Jakub Zerdzicki / Pexels)

If you run more than one WordPress site on a single server and every wp-config.php has DB_USER = 'root', your eight sites are effectively one site as far as a compromise is concerned. One vulnerable plugin on any of …

zsh-only macOS: getting rid of bash’s appearance in your login shell entirely (and the launchd implications)

August 25, 2025 by admin

Programming code in a dark editor — photo by technobulka on Pexels

Apple switched the default macOS shell from bash to zsh in Catalina (2019). Most people changed nothing and have been on zsh ever since for interactive use. But if you look at /etc/shells, run which sh, or open …

SSH brute-force fingerprints: how to read /var/log/auth.log without grep madness — awk one-liners that actually work

August 23, 2025 by

Multi-pane terminal session showing log output and system monitoring on a dark monitor — photo by Tima Miroshnichenko on Pexels

Open /var/log/auth.log on a public-facing server and you’ll see thousands of lines per day — failed logins, accepted logins, sudo events, cron registrations. The signal you usually care about (who’s brute-forcing me, from where, against which users?) is buried in …

Block WordPress REST API user enumeration without breaking the admin

August 7, 2025 by admin

Close-up of JavaScript code showing ajaxTransport, encodeURIComponent, and readyState functions — typical view of REST API client code (photo: Markus Spiske / Pexels)

By default every WordPress install since 4.7 leaks usernames over a public, unauthenticated REST endpoint. Anyone — no login, no auth header, just a browser — can hit https://yoursite.com/wp-json/wp/v2/users and get a JSON array of every user the site considers …