Culture Tips & How To's

How To: Work From Home, Be Productive and Stay Sane

I just spent a few minutes looking through my draft posts for inspiration to restart blogging.

I came across the oldest draft in my queue, dated November 11, 2009.

I missed 11/11 1:11 by 6 minutes!

The post read as follows:

I’ve worked from home for 6 of the past 8 years in a variety of workspaces. Initially I worked in my parents basement, I briefly worked in my mother-in-law’s dinning room and for the past 2 years I’ve worked in the common space of a 2 bedroom apartment, with a toddler. Over this period I’ve maintained a 35 – 50 hour work week and managed to stay sane (and reasonably productive). Now that I’ve had my own dedicated works space for a couple of weeks I’ve had some time to reflect on a few of the ways I’ve been able to make it work.

  1. Good Employer
  2. Keep A ToDo List
  3. Don’t Answer The Phone
  4. Set “Business Hours”
  5. Don’t Follow Them
  6. Be Distracted

Reflecting on this now that we’ve all been covidworkingfromhome for the past 18 months (or is it 32?) and have just started a permanent remote positions, I’d say that list of advice still rings true.

1. Good Employer

Simply put: you need an employer who trusts you to work from home. One who understand that things might come up throughout the day and doesn’t have a problem with that.

If you’re having trouble finding an employer like this in 2021, imagine how rare it was 12 years ago.

During COVID, even bad employers didn’t have a choice but to begrudgingly let their employees work from home. Good employers will differentiate themselves from by ones by allowing their employees to continue working from home into 2022 and beyond.

2. Keep a To Do List

What I really meant by this was “be organized and focused.”

I still prefer physical to do lists. I like crossing things off with a pen and crumpling up the list at the end of the day.

Organizational tools and apps have really matured and keeping a physical to do list is not really necessary.

Don’t forget to include personal/home things on your to do list. Writing everything down is a great way to keep yourself from getting distracted.

3. Don’t Answer the Phone

“The phone” is much less of a thing in 2021.

Better advice would be “don’t read text messages, or non-work DMs”.

4. Set “Business Hours”

Over my years working from home this has come to be the main key to success.

Setting business hours adds the structure that I need to stay focused. It also sets expectations with my family. They’ll know not to interrupt or distract me between 8 – 5 unless it’s urgent.

Having an office door that you can closes helps, but it’s really not as crucial in my experience.

5. Don’t Follow Them & 6. Be Distracted

These two rules are really the same thing “allow yourself to be distracted.”

I’ve found that giving myself permission to break the rules has been the key to staying “sane.”

Take a long lunch, grab a coffee, go to the store.

Just don’t stray too far, too often.

In 2021, I would only add two additional pieces of advice to this list.

7. Wear Pants

Get dressed for work.

I’ve found that it really puts me in the mindset to get to work.

This has been a rule I’ve always followed, I don’t know why I didn’t add it to my original list.

8. Have an Amazing Partner (or I guess, live alone?)

I couldn’t have made it this far without an understanding wife.

Tips & How To's

How to: Set Up A Personal VPN

Skill Level, Novice: To set this up you’ll want to be mildly comfortable with the command-line. But you won’t necessarily need know (or care) about the technologies involved.

Way back in 2010, firesheep scared my pants off. I was traveling for work when it dropped and I became acutely aware of just how vulnerable my data was on huge airport wifi. In the 8 years since then  https everywhere has become a reality and the threat of bad actors sniffing your web traffic is nearly a thing of the past.

But I’m still paranoid. And today I finally did something about it.

Enter Streisand

Streisand is an open-source project with the goal of defeating censorship. The best way to defeat local censorship is secure, undetectable VPN connection (usually in a foreign country). The goal of defeating censorship aligns nicely with the goal of hardening your internet connection.

Streisand is essentially an installer for a set VPN tools which you’ll install on a cloud hosted server that you control. The project presently supports Amazon EC2, Azure, DigitalOcean, Google Compute Engine, Linode, and Rackspace. You simply run a few commands, select a few options (the defaults are totally fine) and Streisand does the rest.

If you’ve ever run apt-get or setup homebrew on MacOS you should have no problem setting this up. Streisand’s installation instructions well written and easy to follow (jump right to the instruction here).

Much to my surprise — unlike many of these types of command-line driven projects — I ran into absolutely zero issues during the install.

It gets even easier.

If that doesn’t sound easy enough — get this — Streisand copies over an HTML document with an incredibly easy to use guide, per-filled with all the configuration settings your need for your server. It’s dead simple to share this with anybody you choose.

Bonus points: Auto-Connect on public WiFi.

The last time I used the TunnelBear app, I noticed an advanced setting to auto-connect to all wifi except for a whitelist of trusted network. So that if you’re on your secure home, work or other trusted wifi network, you don’t waste VPN bandwidth or take the potential performance hit.

Unfortunately, iOS doesn’t support settings like this natively.

In order to accomplish this, you have to create a custom .mobileconfig file. These files are huge XML documents that you probably shouldn’t write by hand.

Save yourself a headache, use this iOS VPN autoconnect generator (props @klinquist).


I am hosting my Streisand VPN on Linode, my goto host for the past serveral years. Their lowest tier server is more than power enough to host a VPN. And they generously include 1TB of service. For US$5/mo.

The $5/mo price-point is competitive with many of the popular VPN services. Except, since you’re self-hosting, you are not limited to 1 user. You can freely hand out the streisand connection to friends and family.


One of the most powerful aspects of the internet and open source software is the ability to take control of everything yourself. As somehow with this skills to do this myself, I am going to start to make a concerted effort to take control of more things myself and be less dependant on untrustworthy third-parties.

Running my own VPN is just one small step.

I wrote a short follow-up post you might enjoy:

DIY Internet: More on personal VPNs

Tips & How To's Web Development WordPress

How to Keep Your New WordPress Site Running Smoothly

So you just launched a WordPress site for your business, everything is up and running. Pages load quickly, SEO is better than ever, you paid your development team. Now you’re all set for the next few year, right?

In an ideal world, this would be true. Unfortunately, the Internet is a dangerous place and software is not perfect. With WordPress presently powering 1/4 of the Internet, it is a huge target for hackers and internet miscreants. Left untouched, your site is almost guaranteed to become infected by malware at some point in the future.

Click “Update!”

Clicking that “update” button in the WordPress admin is the single most important thing any WordPress site owner can do. In Windows or macOS these types of security updates can seem like a pain, annoying nag messages that you always dismiss immediately. While these updates are important for desktop computers, in reality, your desktop machine is typically removed from outside attackers by 1 or 2 levels of routers. Your website on the other hand has to be accessible to the broader internet in order for the public to have access to it.

One fact that might be overlooked if you’re unfamiliar with software development is that the vast majority of security patches are in response to a reported issue. What this means is that, potential attackers already have the information to create mass exploitation tools by the time you see the update notification in WordPress.

To put it another way: In my time working with WordPress, I’ve never see a compromised WordPress site that is totally up to date with all updates.

Is It Safe?

One concern that causes many computer users to put off software updates is the fear that something will break. While this fear is not totally unfounded, most software updates are safe, most of the time. When dealing with WordPress updates, you’re looking at new code from different sources. Core updates come from the WordPress open source project, these updates are all vetted by professional developers. Plugin updates are submitted by the plugin author. The experience level of these authors varies widely, they could be hobbyists working on the weekend or large teams of professional developers.

So is it safe?

Minor WordPress Core updates are safe. The minor updates are the updates where the main version number (ie. 4) does not change. The WordPress team takes great care to ensure that updates do not break anything.

Major WordPress updates are probably safe. Again, the WordPress team has a great track record of building in backwards compatibility. So, your site probably won’t break. However there are two caveats. 1) Major features in the WordPress admin will likely look and/or act differently; 2) Some plugins may stop working.

Plugin updates should be safe, but it depends. With a few notable exceptions, most well written plugins will update without issue.The same rule of thumb about major and minor updates apply to plugin updates, a major version update is more likely to break something. A good WordPress site developer will only install plugins that they’ve individually vetted, I never install plugins for my clients that I do not trust.

Be Proactive

A number of plugins and security solutions have started to become available for WordPress over the past few years. They are essentially virus scanners and firewalls for WordPress. By setting these up, you should be able to fend off additional threats or at the very least disable malware if it happens to make it onto your site. A Google search will reveal many good options. My current go to plugin is Wordfence security, I install it on all new sites. I like it because it works well out of the box and it typically does a better job finding malware than the other plugins I’ve tried.


As developers, I think we often do a bad job communicating the importance of ongoing maintenance and security. After all, it’s a little embarrassing to have to concede that this great product you just spent weeks of time and a good chunk of money on, is a giant bullseye for internet miscreants. It can seem like a slimy up-sell to suggest a maintenance contract.

In reality, if you’re comfortable reading and digesting release notes, you should be able to handle keeping WordPress up to date. If you’re less of a tech-DIY person, you may want to get in touch with a developer.

One more thing: Backups

Backups are always a good last resort. I didn’t mention them in this post because backups are typically a poor malware recovery solution. Two main reasons: 1) The type of malware that affects WordPress rarely corrupts content; 2) it can be difficult to pinpoint when a malware infection started, so you won’t know which backup to restore to.

Tips & How To's WordPress

Using Jetpack’s Photon CDN to host images in custom WordPress themes

Photon is a great free image CDN that you can use with any self-hosted WordPress install via Automattic’s Jetpack suite of plugins. Photon uses’s infrastructure to host your site’s images on one of the fastest CDN globally.

I highly recommend enabling it on every WordPress install. If your site is on cheap shared hosting, it will dramatically improve page load times. If you’re hosting a huge news site, it’ll save you loads of money.

By default, Photon automagically serves any images embedded in or attached to a WordPress post or page. Including feature images, galleries, third-party sliders. Due to the nature of WordPress hooks and filters, it’s not possible for photon to grab images stored in post meta fields, or any images that are part of theme template files.

I’ve written a gist that exposes Photon’s CDN wrapper as a simple function you can call in templates:

Relevant Jetpack documentation. 

Tips & How To's

5 Tips for Playing Board Games With Younger Kids

I have two kids, boys, currently aged 5 and 7. We’ve been playing board games as a family almost from birth. Over the years, I’ve been constantly impressed by their ability to pick up and enjoy some of the most complex and involved modern board games.

The 21st century board game explosion has spawned hundreds of great games geared toward children of all ages. There’s nothing wrong with those games.

But I don’t think you should stop there. In my experience, kids are learning machines! Introducing them to more advanced games can be a great fun way to challenge their math, logic and reading skills.

Here are some ideas to help you choose games to play with kids.

1. Ignore Recommended Ages

The recommended ages listed on the sides of the board game boxes are almost always completely meaningless. Unlike recommended ages on LEGO boxes, board age ranges are an extremely poor gauge for complexity or appropriateness. These recommendations certainly don’t speak to the amount of fun a child might have with the game.

Sometimes it’s OK to use the age as a judge of relative complexity. For example, it’s fair to assume that a Haba game listed as ages 3+ is less complex than another game listed as 8+. But that doesn’t mean a 7 year old won’t enjoy Monza, nor does it mean that a 5 year old won’t be able to grasp Formula D with a bit of hand holding.

There may actually be a pretty good reason for the odd age listings. Games sold in the US market are subject to the The Consumer Product Safety Improvement Act, which is (apparently) a very ambiguous law that regulates the safety of products sold to children under the age of 14 [source]. It can be costly and time consuming to go through the testing and approval process. Sometimes distributors will stick an “Ages: 14+” on the side of the box and I believe sometimes the regulator will set the age based on their own findings.


  • Sometimes the age suggests inappropriate themes. For example, a 10 year old is probably not ready to face the violent moral dilemmas in Dead of Winter.
  • Obviously, if a kid hasn’t figure out how to not put small pieces of plastic in their mouth, you might want to stick to card games. There’s no real age limit on this 🙂

2. Game Length is irrelevant

If your kids are anything like most kids, the game length listed on the side of the box is several orders of magnitude longer than your kid’s attention span. But that’s ok. You don’t have to “finish” the game.

If they’ve never played the game before they won’t know the victory conditions. I’m not advocating lying to children. I’m just suggesting on coming up with more condensed victory conditions if you believe your children won’t have the attention span to get through the entire game.

In most cases, this can be done without changing a other rules:

  • If you’re playing a game with victory points, you can simply lower the total victory points needed to win.
  • If the game has a fixed set of rounds, knock off one or two rounds.
  • Or, simply set a reasonable time limit. This can work well with adventure games, or longer strategy games.

With some games that depend a lot of long strategy, you will lose that aspect of the game. But with the most complex games, kids will need more time to grasp the full strategy anyways. By playing shorter games, you’ll be able to keep them in the game, while teaching them bits and pieces of strategy.

3. Avoid “Take That” Mechanisms

Games with heavy reliance on “take that” mechanisms can be devastating to children. Maybe this goes without saying but, kids aren’t really accustom to the concepts of being screwed over or stabbed in the back. Doing something to take away victory points they just worked hard to earn IS MEAN and WILL make them cry.

This doesn’t necessarily mean you have to avoid playing those games altogether. I’m just suggesting avoiding take that or modifying the way you play those games.

For example, a key aspect of the Munchkin games is playing extra monsters and other cards against opponents in a fight. I simply don’t do this, I learned quickly that this does not go over well. It doesn’t take away at all from the humour or cooperative aspects of the game. One day they’re realize (or we’ll tell them) that they can play those cards against their opponents and it’ll open up an entirely new aspect of the game

4. Don’t Avoid Math and Reading

Games are probably the single best way to trick kids into learning.

Most 4 year olds can count the pips on a 6-sided dice. I’d argue that dice games are the best way to teach kids simple math.

Reading is a little more nuanced. Games with simple written commands can be a great way for kids to learn how to read. Card games with longer descriptions can be ok too. Kids are great recognizing pictures, once you’ve read the same card a few times, there’s a good chance they’re going to remember what the card does.

Card games with hidden hands and complex can be a little harder to play with kids who are still learning to read.  You might be able to play the face-up hands until they learn the game. But for some games where hiding cards is really important, this might not be an option. Use your best judgement, obviously.

5. Help Them Win

If you’re playing to win, you’re doing it wrong. Kids are going to have a more positive experience if they do well and have a strong finish. They’re not going to be very happy to watch you show them how to to lose.

Playing games with kids should be a fun learning experience. Take time to hold their hands. If you see them make a strategical mistake, take a moment to explain the implications of the move and talk about different things they could do and why they might be a better idea. DO NOT tell them what to do. Do give them the opportunity to disagree with your advice.

In Conclusion, Don’t Under-Estimate Kids

Candyland, Battleship, Monoply Jr, Sorry, playing cards and all those old staples are certainly one way to waste a rainy afternoon at the cabin. The modern offerings from the likes of Haba (I really don’t know any other modern kid-focused publisher, sorry) are a great iteration on the “kids game.”

But seriously, your kids are smart and they love play.

Obvious Caveat: Your milage may vary, all kids are different.