.htaccess redirect FROM subfolder to domain name (root).

Placing the following .htaccess in / (where your index.php is located) should do the trick:

RewriteEngine on
RewriteRule ^subfolder/(.*)$ /$1 [R=301,L]

Or you could place the following .htaccess in /subfolder:

RewriteEngine On
RewriteRule ^(.*)$ /$1 [R=301,L]

Note that the () around .* and the $1 redirects /subfolder/someFile.php to /someFile.php. If you skip it, everything in /subfolder redirects to /.

11 Dos and Don’ts for Small Group Ideation Sessions

The first part of a brainstorming meeting is idea generation when you use divergent thinking. The second part is idea selection when you use convergent thinking. Here are my top tips for a meeting that will produce great ideas:

Before the meeting

Choose a diverse group. Six to ten people is ideal. If at all possible bring in some provocative outsiders to challenge the conventional thinking in your team.

Appoint a facilitator. Ideally the facilitator should be external to the group. They can use different techniques to manage the process. The manager is often a poor choice for this role as they cannot stop themselves shaping the content.

Meet off-site. Getting away from the office somehow helps to break conventional thinking. Unusual locations are good. I have run ideation meetings in a zoo, a museum, an art gallery and a castle.

Idea generation using divergent thinking

Suspend judgment. No one is allowed to criticize or even discuss an idea.  As ideas are expressed they are simply recorded. This can be done on post-its, lap-tops or flip charts but no fault-finding or comments are allowed to slow the process of idea flow.

Go for quantity. Quantity leads to quality in brainstorms so don’t stop until you have a large number of ideas – typically 60 to 100 or more.

Go beyond reason. Wild ideas are useful because they challenge boundaries and provoke other fresh ideas. It is easier to tame a wild idea than to inject something radical into a bland one.

Ride on other people’s Ideas. When one person suggests a creative concept others should chip in with extensions, developments and specific ways to make it happen. Piggyback on each other’s notions.

Displace people out of routine thinking. There are many good techniques to do this – some of my favorites are Random Word, Similes, Pass the Parcel or SCAMPER.

Idea selection using convergent thinking

Set criteria. Make an initial sift of the ideas using some broad criteria agreed with the group. For example we want ideas that will please customers, increase awareness and can be implemented in the next 12 months.

Discuss the short list. When you are down to say 10 or 12 good ideas then discuss them constructively. Sometimes there is a clear consensus as to which are the best. Sometimes you might want to vote to see which are the most popular. Whittle the list down to a handful of really good ideas.

Assign actions. Start the ball rolling by assigning follow-up actions for the best ideas. Add them to your to do list and make sure they are expedited. The brainstorm is worthwhile only if it delivers actions.

You should run regular brainstorm meetings with your team. They should be fun and motivational for people. They can deliver the ideas and innovations you need to transform your organization.

The “Real Mojito” Recipe

The Real Mojito

“This is an authentic recipe for mojito. I sized the recipe for one serving, but you can adjust it accordingly and make a pitcher full. It’s a very refreshing drink for hot summer days. Be careful when drinking it, however. If you make a pitcher you might be tempted to drink the whole thing yourself, and you just might find yourself talking Spanish in no time!
Tonic water can be substituted instead of the soda water but the taste is different and somewhat bitter.”


Place mint leaves and 1 lime wedge into a sturdy glass. Use a muddler to crush the mint and lime to release the mint oils and lime juice. Add 2 more lime wedges and the sugar, and muddle again to release the lime juice. Do not strain the mixture. Fill the glass almost to the top with ice. Pour the rum over the ice, and fill the glass with carbonated water. Stir, taste, and add more sugar if desired. Garnish with the remaining lime wedge.

How to secure an Ubuntu 16.04 LTS server – Part 1 The Basics

This guide is based on various community forum posts and webpages. Special thanks to all. All comments and improvements are very welcome as this is purely a personal experimental project at this point and must be considered a work in progress.

This guide is intended as a relatively easy step by step guide to:

Harden the security on an Ubuntu 16.04 LTS server by installing and configuring the following:

  1. Install and configure Firewall – ufw
  2. Secure shared memory – fstab
  3. SSH – Key based login, disable root login and change port
  4. Apache SSL – Disable SSL v3 support
  5. Protect su by limiting access only to admin group
  6. Harden network with sysctl settings
  7. Disable Open DNS Recursion and Remove Version Info  – Bind9 DNS
  8. Prevent IP Spoofing
  9. Harden PHP for security
  10. Restrict Apache Information Leakage
  11. Install and configure Apache application firewall – ModSecurity
  12. Protect from DDOS (Denial of Service) attacks with ModEvasive
  13. Scan logs and ban suspicious hosts – DenyHosts and Fail2Ban
  14. Intrusion Detection – PSAD
  15. Check for RootKits – RKHunter and CHKRootKit
  16. Scan open Ports – Nmap
  17. Analyse system LOG files – LogWatch
  18. Apparmor –  Application Armor
  19. Audit your system security – Tiger and Tripwire


  • Ubuntu 16.04 LTS or later server with a standard LAMP stack installed.

1. Firewall – UFW

  • A good place to start is to install a Firewall.
  • UFW – Uncomplicated Firewall is a basic firewall that works very well and easy to configure with its Firewall configuration tool – gufw, or use  Shorewall, fwbuilder, or Firestarter.
  • Use Firestarter GUI to configure your firewall or refer to the Ubuntu Server Guide,  UFW manual pages or the Ubuntu UFW community documentation.
  • Install UFW and enable, open a terminal window and enter :
sudo apt-get install ufw
  • Allow SSH and Http services.
sudo ufw allow ssh
sudo ufw allow http
  • Enable the firewall.
sudo ufw enable
  • Check the status of the firewall.
sudo ufw status verbose

2. Secure shared memory.

  • Shared memory can be used in an attack against a running service. Modify /etc/fstab to make it more secure.
  • Open a Terminal Window and enter the following :
sudo vi /etc/fstab
  • Add the following line and save. You will need to reboot for this setting to take effect :
  • Note : This only is works in Ubuntu 12.10 or later – For earlier Ubuntu versions replace /run/shm with /dev/shm 
  • Save and Reboot when done
tmpfs     /run/shm     tmpfs     defaults,noexec,nosuid     0     0

3. SSH Hardening – key based login, disable root login and change port.

  • The best way to secure SSH is to use public/private key based login. See SSH/OpenSSH/Keys
  • If you have to use password authentication, the easiest way to secure SSH is to disable root login and change the SSH port to something different than the standard port 22.
  • Before disabling the root login create a new SSH user and make sure the user belongs to the admin group (see step 4. below regarding the admin group).
  • if you change the SSH port keep the port number below 1024 as these are priviledged ports that can only be opened by root or processes running as root.
  • If you change the SSH port also open the new port you have chosen on the firewall and close port 22.
  • Open a Terminal Window and enter :
sudo vi /etc/ssh/sshd_config
  • Change or add the following and save.
Protocol 2
PermitRootLogin no
DebianBanner no
  • Restart SSH server, open a Terminal Window and enter :
sudo service ssh restart

4. Apache SSL Hardening – disable SSL v2/v3 support.

  • The SSL v2/v3 protocol has been proven to be insecure.
  • We will disable Apache support for the protocol and force the use of the newer protocols.
  • Open a Terminal Window and enter :
sudo vi /etc/apache2/mods-available/ssl.conf
  • Change this line from :
SSLProtocol all -SSLv3
  • To the following and save.
SSLProtocol all -SSLv2 -SSLv3
  • Restart the Apache server, open a Terminal Window and enter :
sudo service apache2 restart

5. Protect su by limiting access only to admin group.

  • To limit the use of su by admin users only we need to create an admin group, then add users and limit the use of su to the admin group.
  • Add a admin group to the system and add your own admin username to the group by replacing <YOUR ADMIN USERNAME> below with your admin username.
  • Open a terminal window and enter:
sudo groupadd admin
sudo usermod -a -G admin <YOUR ADMIN USERNAME>
sudo dpkg-statoverride --update --add root admin 4750 /bin/su

6. Harden network with sysctl settings.

  • The /etc/sysctl.conf file contain all the sysctl settings.
  • Prevent source routing of incoming packets and log malformed IP’s enter the following in a terminal window:
sudo vi /etc/sysctl.conf
  • Edit the /etc/sysctl.conf file and un-comment or add the following lines :
# IP Spoofing protection
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Ignore ICMP broadcast requests
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Disable source packet routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0 
net.ipv4.conf.default.accept_source_route = 0
net.ipv6.conf.default.accept_source_route = 0

# Ignore send redirects
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0

# Block SYN attacks
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 5

# Log Martians
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Ignore ICMP redirects
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0 
net.ipv6.conf.default.accept_redirects = 0

# Ignore Directed pings
net.ipv4.icmp_echo_ignore_all = 1
  • To reload sysctl with the latest changes, enter:
sudo sysctl -p

7. Disable Open DNS Recursion and Remove Version Info  – BIND DNS Server.

  • Open a Terminal and enter the following :
sudo vi /etc/bind/named.conf.options
  • Add the following to the Options section :
recursion no;
version "Not Disclosed";
  • Restart BIND DNS server. Open a Terminal and enter the following :
sudo service bind9 restart

8. Prevent IP Spoofing.

  • Open a Terminal and enter the following :
sudo vi /etc/host.conf
  • Add or edit the following lines :
order bind,hosts
nospoof on

9. Harden PHP for security.

  • Edit the php.ini file :
sudo vi /etc/php5/apache2/php.ini
  • Add or edit the following lines an save :
disable_functions = exec,system,shell_exec,passthru
register_globals = Off
expose_php = Off
display_errors = Off
track_errors = Off
html_errors = Off
magic_quotes_gpc = Off
mail.add_x_header = Off
session.name = NEWSESSID
  • Restart Apache server. Open a Terminal and enter the following :
sudo service apache2 restart

10. Restrict Apache Information Leakage.

  • Edit the Apache2 configuration security file :
sudo vi /etc/apache2/conf-available/security.conf
  • Add or edit the following lines and save :
ServerTokens Prod
ServerSignature Off
TraceEnable Off
Header unset ETag
Header always unset X-Powered-By
FileETag None
  • Restart Apache server. Open a Terminal and enter the following :
sudo service apache2 restart

11. Web Application Firewall – ModSecurity.

12. Protect from DDOS (Denial of Service) attacks – ModEvasive

13. Scan logs and ban suspicious hosts – DenyHosts and Fail2Ban.

  • DenyHosts is a python program that automatically blocks SSH attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins.
  • Open a Terminal and enter the following :
sudo apt-get install denyhosts
  • After installation edit the configuration file /etc/denyhosts.conf  and change the email, and other settings as required.
  • To edit the admin email settings open a terminal window and enter:
sudo vi /etc/denyhosts.conf
  • Change the following values as required on your server :
ADMIN_EMAIL = root@localhost
SMTP_HOST = localhost
SMTP_FROM = DenyHosts nobody@localhost
  • Fail2ban is more advanced than DenyHosts as it extends the log monitoring to other services including SSH, Apache, Courier, FTP, and more.
  • Fail2ban scans log files and bans IPs that show the malicious signs — too many password failures, seeking for exploits, etc.
  • Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action could also be configured.
  • Out of the box Fail2Ban comes with filters for various services (apache, courier, ftp, ssh, etc).
  • Open a Terminal and enter the following :
sudo apt-get install fail2ban
  • After installation edit the configuration file /etc/fail2ban/jail.local  and create the filter rules as required.
  • To edit the settings open a terminal window and enter:
sudo vi /etc/fail2ban/jail.conf
  • Activate all the services you would like fail2ban to monitor by changing enabled = false to enabled = true
  • For example if you would like to enable the SSH monitoring and banning jail, find the line below and change enabled from false to true. Thats it.

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 3
  • If you have selected a non-standard SSH port in step 3 then you need to change the port setting in fail2ban from ssh which by default is port 22, to your new port number, for example if you have chosen 1234 then port = 1234

enabled  = true
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 3
  • If you would like to receive emails from Fail2Ban if hosts are banned change the following line to your email address.
destemail = root@localhost
  • and change the following line from :
action = %(action_)s
  • to:
action = %(action_mwl)s
  • You can also create rule filters for the various services that you would like fail2ban to monitor that is not supplied by default.
sudo vi /etc/fail2ban/jail.local
  • Good instructions on how to configure fail2ban and create the various filters can be found on HowtoForge – click here for an example
  • When done with the configuration of Fail2Ban restart the service with :
sudo service fail2ban restart
  • You can also check the status with.
sudo fail2ban-client status

14. Intrusion Detection – PSAD.

  • Cipherdyne PSAD is a collection of three lightweight system daemons that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic.
  • To install the latest version from the source files follow these instruction : How to install PSAD Intrusion Detection on Ubuntu 12.04 LTS server
  • OR install the older version from the Ubuntu software repositories, open a Terminal and enter the following :
sudo apt-get install psad

15. Check for rootkits – RKHunter and CHKRootKit.

  • Both RKHunter and CHKRootkit basically do the same thing – check your system for rootkits. No harm in using both.
  • Open a Terminal and enter the following :
sudo apt-get install rkhunter chkrootkit
  • To run chkrootkit open a terminal window and enter :
sudo chkrootkit
  • To update and run RKHunter. Open a Terminal and enter the following :
sudo rkhunter --update
sudo rkhunter --propupd
sudo rkhunter --check

16. Scan open ports – Nmap.

  • Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing.
  • Open a Terminal and enter the following :
sudo apt-get install nmap
  • Scan your system for open ports with :
nmap -v -sT localhost
  • SYN scanning with the following :
sudo nmap -v -sS localhost

17. Analyse system LOG files – LogWatch.

  • Logwatch is a customizable log analysis system. Logwatch parses through your system’s logs and creates a report analyzing areas that you specify. Logwatch is easy to use and will work right out of the package on most systems.
  • Open a Terminal and enter the following :
sudo apt-get install logwatch libdate-manip-perl
  • To view logwatch output use less :
sudo logwatch | less
  • To email a logwatch report for the past 7 days to an email address, enter the following and replace mail@domain.com with the required email. :
sudo logwatch --mailto mail@domain.com --output mail --format html --range 'between -7 days and today' 

18. Apparmor – Application Armor.

sudo apt-get install apparmor apparmor-profiles
  • Check to see if things are running :
sudo apparmor_status

19. Audit your system security – Tiger and Tripwire.

  • Tiger is a security tool that can be use both as a security audit and intrusion detection system.
  • Tripwire is a host-based intrusion detection system (HIDS) that checks file and folder integrity.
  • Open a Terminal and enter the following :
sudo apt-get install tiger tripwire
  • To setup Tripwire good installation guides can be found on Digital Ocean here and on Unixmen here
  • To run tiger enter :
sudo tiger
  • All Tiger output can be found in the /var/log/tiger
  • To view the tiger security reports, open a Terminal and enter the following :
sudo less /var/log/tiger/security.report.*



This is a jQuery component that let you play a Youtube® movie in a chromeless player.
You can even use a movie as background of your HTML page.

Important notice!

  • The plug in works only if used under a web server. It doesn’t work if you run the HTML page as file (file://…).
    If you want to run it locally on your computer you need a web server installed (for ex: MAMP for Mac, XAMP for Windows, LAMP for linux) and reach the file from http://localhost… or whatever you mapped in the Host file as localhost.
  • This player doesn’t work as background for devices due to the restriction policy adopted by all on managing multimedia files via javascript. It fallsback to the default Youtube player if used as player (not applied to the body).

head inclusions:

<link href="css/YTPlayer.css" media="all" rel="stylesheet" type="text/css">

<script src="http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js"></script>
<script src="inc/jquery.mb.YTPlayer.js"></script>

JS call:


HTML constructor:

<div id="bgndVideo" class="player" data-property="{videoURL:'http://youtu.be/BsekcY04xvQ',containment:'body',autoPlay:true, mute:true, startAt:0, opacity:1}">My video</div>


data-property is an attribute of the TAG where you can pass the options of the player as an Object. Any of the below parameter can also be passed as option within the initialize function. The one defined as attribute of the TAG wins.

  • mute: true (boolean) mute the audio;
  • showControls: true (boolean) show or hide the player controls;
  • mobileFallbackImage: absolute/path/to/image (string) The path to the fallback image in case of background video on mobile devices;
  • ratio: ‘4/3’, ‘16/9’ or ‘auto’ (string) to set the aspect ratio of the movie; if ‘auto’ the aspect ratio will be retreived form the getDataFromFeed method.
  • quality: ‘default’ or ‘small’, ‘medium’, ‘large’, ‘hd720’, ‘hd1080’, ‘highres’.
  • opacity: 0 to 1 (number) define the opacity of the video.
  • containment: (string) the CSS selector of the DOM element where you want the video background; if not specified it takes the “body”; if set to “self” the player will be instanced on that element.
  • optimizeDisplay: true (boolean) will fit the video size into the window size optimizing the view.
  • loop: false (boolean) or a number rapresenting how many times the video should loops once ended.
  • vol: 1 to 100 (number) set the volume level of the video.
  • startAt: 20 (number) Set the seconds the video should start at.
  • stopAt: 20 (number) Set the seconds the video should stop at. If 0 is ignored.
  • remember_last_time: true (boolean) if true living the page and getting back the video will start where it was left.
  • autoPlay: true (boolean) or false play the video once ready.
  • showYTLogo: true (boolean) Show or hide the YT logo and the link to the original video URL.
  • addRaster: false (boolean) Show or hide a raster image over the video.
  • mask: ‘path/to/mask’ or object {0:‘path/to/mask1’, 20:‘path/to/mask2’, …} or false. From version 3.0. Add a mask to the player or a map of masks for each time specified.
  • realfullscreen: true (boolean) activate the new HTML5 full screen behavior.
  • stopMovieOnBlur: true (boolean) activate the pause behavior when the window loose focus.
  • gaTrack: true (boolean) activate the Google Analytics event tracker for that player.
  • anchor: ‘ceter,center’ (string) From version 3.0.3. Define how the video will behave once the window is resized; possible value are: ‘top,bottom,left,right,center’; it accept a pair of value comma separated (ex: ‘top,right’ or ‘bottom,left’).
  • showAnnotations: false (boolean) Define if the player should or not show annotations.
  • onReady: (function) You can pass a function that will be fired once the player is ready; it will pass the YTPlayer object as parameter.
  • onError: (function) You can pass a function that will be fired if there’s an error loading the video; it will pass the YTPlayer object and the error as parameter.

Using jquery.mb.YTPlayer:

To initialize a YTPlayer as simple player:

<div id="P1" class="player" 

To initialize a YTPlayer as background:

<div id="bgndVideo" class="player" 
     data-property="{videoURL:'http://youtu.be/BsekcY04xvQ',containment:'body',autoPlay:true, mute:true, startAt:0, opacity:1}">

To initialize a YTPlayer as element background (from v. 1.2.1):

<div id="P1" class="player" 

What you can pass to the “videoURL” paramenter:

To retrive the video from YouTube you can use any of the following string:

  • The URL of the page containing the video
    videoURL: ‘https://www.youtube.com/watch?v=V2rifmjZuKQ’.
  • The short URL available fron the YouTube share panel
    videoURL: ‘http://youtu.be/V2rifmjZuKQ’.
  • The video ID
    videoURL: ‘V2rifmjZuKQ’.

Play a list of videos (from v. 2.5.0)

jQuery.fn.YTPlaylist(videos, shuffle, callback)

  • Define an array of objects containing the properties for each video:
var videos = [
            {videoURL:"VuaJAgx0x_4",containment:'body',autoPlay:true, mute:false, startAt:0,opacity:1, loop:false, ratio:"4/3", addRaster:true},
            {videoURL: "3ovA7zeviRo",containment:'body',autoPlay:true, mute:true, startAt:0,opacity:1, loop:false, ratio:"4/3", addRaster:false},
            {videoURL: "u9k1FaMIYTs",containment:'body',autoPlay:true, mute:false, startAt:0,opacity:1, loop:false, ratio:"4/3", addRaster:true}
  • Initialize the player using the “jQuery.fn.YTPlaylist(videos, shuffle, callback)” method:

   jQuery("#[playerID]").YTPlaylist(videos, true);

This method accepts 3 parameters:

  1. videos: (array) the array of objects describing each video.
  2. shuffle: (boolean) setting this to true you can have a random sequence of videos.
  3. callback: (function) A callback function fired on each video change. it accept the actual “video” as parameter. The “video” element passed to the function contains all the information retrieved using the Youtube API and stored in the videoData (video.videoData).

    jQuery("#myPlayerID").YTPlaylist(videos, false, function(video){

Check the examples here

External methods

This method let you change the video of the specified player.
It accept an Object as parameter containing all the data-property (see above) you need for the video; the only required is the videoURL parameter that can contain either the complete URL or the short URL provided by Youtube or the video ID.
For example:

<button onclick="jQuery('#[playerID]').YTPChangeMovie({videoURL:'http://youtu.be/3ovA7zeviRo',ratio:'4/3'})"> Dan Graham - Body Press, 1972 </button>

Let you play the video.
For example:

<button onclick="jQuery('#[playerID]').YTPPlay()">play</button>

Let you pause the video.
For example:

<button onclick="jQuery('#[playerID]').YTPPause()">pause</button>

Let you stop the video.
For example:

<button onclick="jQuery('#[playerID]').YTPStop()">stop</button>

Let you switch video from background to front.
For example:

<button onclick="jQuery('#[playerID]').YTPFullscreen()">bring to front / send to back</button>

Let you change the video volume.
For example:

<button onclick="jQuery('#[playerID]').YTPSetVolume(20)">change volume</button>

Let you mute the audio.
For example:

<button onclick="jQuery('#[playerID]').YTPMute()">mute</button>

Let you unmute the audio.
For example:

<button onclick="jQuery('#[playerID]').YTPUnmute()">unmute</button>

Let you switch from mute to unmute.
For example:

<button onclick="jQuery('#[playerID]').YTPToggleVolume()">unmute/unmute</button>

Let you retrive the original player returned by the YouTube API. You can then apply all the methods available on the API itself.
For example:

<button onclick="alert(jQuery('#[playerID]').YTPGetPlayer().getPlayerState())">get state</button>

Returns the info data of the current video as JSON.
This method works only if the API key has been passed as option.

For example:

<button onclick="console.log(jQuery('#[playerID]').YTPGetVideoData())">video info</button>

Available only if you are playing a video list; goes to the next video in the play list.
For example:

<button onclick="jQuery('#[playerID]').YTPPlayNext()">play next</button>

Available only if you are playing a video list; goes to the previous video in the play list.
For example:

<button onclick="jQuery('#[playerID]').YTPPlayPrev()">play previous</button>

Available only if you are playing a video list; goes to a specific video in the play list based on the index.
For example:

<button onclick="jQuery('#[playerID]').YTPPlayIndex(2)">play the second video in the list</button>

Define how the video will behave once the window is resized; possible value are: ‘top,bottom,left,right,center’; it accept a pair of value comma separated (ex: ‘top,right’ or ‘bottom,left’)
For example:

<button onclick="jQuery('#[playerID]').YTPSetAlign('top,right')">Top/Right</button>

Return the alignment of the actual video.
For example:

<button onclick="alert(jQuery('#[playerID]').YTPGetAlign())">Get Align</button>

Check the examples here


From version 2.8.5 you can apply css filters to the video (Except for IE that will not render CSS filters).

The available filters are:

  • grayscale : 1-100,
  • hue_rotate: 1-360,
  • invert : 1-100,
  • opacity : 1-100,
  • saturate : 1-400,
  • sepia : 1-100,
  • brightness: 1-400,
  • contrast : 1-400,
  • blur : 1-100

Below you can find the list of available methods to manage filters; all those methods can be called after the YTPlayer has been initialized.

jQuery.fn.YTPApplyFilter(filter, value)
Apply a css filter to the player; accept the name of the filter and the value.
For example:

<button onclick="jQuery('#[playerID]').YTPApplyFilter('sepia', 50)">apply sepia effect</button>

Apply multiple css filter to the player; accept an object rapresenting the list of filters to be applied as key: value.
For example:

var filters = {
  sepia: 50,
  hue_rotate : 220

jQuery.fn.YTPtoggleFilter(filter, value)
Toggles the filter from the passed value to 0 and viceversa; accept the name of the filter and the value.
For example:

<button onclick="jQuery('#bgndVideo').YTPtoggleFilter('sepia', 50)">toggle sepia effect</button>

Toggles all the filters; accept a callback function.
For example:

<button onclick="jQuery('#[playerID]').YTPToggleFilters(function(val){alert('filters are enabled: ' + val)})">toggle all filters</button>

jQuery.fn.YTPRemoveFilter(filter, callback)
Removes the specified filter; accept the name of the filter and a callback function.
For example:

<button onclick="jQuery('#[playerID]').YTPRemoveFilter('sepia', function(filter){alert(filter)})">remove sepia effect</button>

Disables all the appied filters.
For example:

<button onclick="jQuery('#[playerID]').YTPDisableFilters()">disable all filters</button>

Enables all the appied filters.
For example:

<button onclick="jQuery('#[playerID]').YTPEnableFilters()">enable all filters</button>

Check the examples here


From version 3.0 you can apply a mask to the video. A mask is a png file that will overlay the video.

Below you can find the list of available methods to manage mask; all those methods can be called after the YTPlayer has been initialized.

Add a mask to the target video player. If you call the YTPAddMask method while a mask has been already applied the previous mask will be replaced.
For example:

<button onclick="jQuery('#[playerID]').YTPAddMask('assets/mask-1.png')">Add Mask</button>

Remove the previously applied mask from the target video player.
For example:

<button onclick="jQuery('#[playerID]').YTPRemoveMask()">Remove Mask</button>

toggle actual mask on and off.
For example:

<button onclick="jQuery('#[playerID]').YTPToggleMask()">Toggle Mask</button>

You can also use those method within the “YTPTime” event trigger to display a specific mask at a specific time during the video play.
For example:

       var myPlayer = jQuery('#[playerID]').YTPlayer();
       myPlayer.on("YTPTime", function (e) {
            var currentTime = e.time;
            switch (currentTime) {
                case 1:
                case 10:
                case 15:
                case 20:
                    myPlayer.YTPAddMask('assets/mask-4.png' );

You can also define the mask via the options:

       //Single mask
       var myPlayer = jQuery("#[playerID]").YTPlayer({mask:'assets/mask-1.png'});


       //Multiple masks time:mask
       var myPlayer = jQuery("#[playerID]").YTPlayer({
                0:'assets/mask-1.png',  // at the beginning
                30: false,

Check the examples here


The player triggers a specific event for each state:

  • YTPUnstarted: Before the video start playing (time is passed on the event object)
  • YTPBuffering: When video is buffering (time is passed on the event object)
  • YTPReady: When the video is ready to start playing
  • YTPStart: When the video start playing (time is passed on the event object)
  • YTPPlay: Each time the video change from paused to play.
  • YTPPause: When the video pause (time is passed on the event object)
  • YTPEnd: When video end; you can retrieve the time on the event object.
  • YTPFullScreenStart: When video goes full screen modality
  • YTPFullScreenEnd: When video exit full screen modality
  • YTPMuted: When video is muted
  • YTPUnmuted: When video is unmuted
  • YTPTime: Fired every seconds (time is passed on the event object: e.time)
  • YTPData: Fired on feed data retrieved (prop are passed on the event object: e.prop)

You can use these events to fire functions on a specific event as follow:

   var currentTime = e.time;
   //your code goes here

   var currentTime = e.time;
   if(currentTime == 20) //if the player is at the 20th second
      //do something

YTPData event

This event let you get informations on the video you are playing. To activate this option you need a Youtube API key that you can pass to the component as an option just before initializing it:

jQuery.mbYTPlayer.apiKey = "xxxxxx_xxxxxxxxxxxxxxxxxxxx";
var myVideo = jQuery('#[playerID]').YTPlayer();
myVideo.on("YTPData", function(e){
    console.debug(e.prop.description.replace(/\n/g, "<br/>"));

You can also refer to the data directly from the YTPlayer instance once the data are available:

jQuery.mbYTPlayer.apiKey = "xxxxxx_xxxxxxxxxxxxxxxxxxxx";
var myPlayer = jQuery(".player").YTPlayer();
jQuery("#myButton").on("click", function(){
   if(myPlayer && myPlayer.YTPGetVideoData()){

Below the available video properties:

video.videoData properties:

  • videoData.id
  • videoData.channelTitle
  • videoData.title
  • videoData.description
  • videoData.thumb_max
  • videoData.thumb_high
  • videoData.thumb_medium

how to obtain a Youtube API key

Google Analytics

If you are tracking your site with Google Analytics each player included into a page will generate a ga_event to get statistics for that video under the “Behavior > Events” Google Analytics tab.

Remove ADs

If you doesn’t want ADs on your background video and you are the owner of it you can disable advertisings on your Youtube channel as explained here.

7-Day Diet Weight Loss Soup (Wonder Soup)

Recipe type: Soup


  • ½ head of cabbage, chopped
  • 1 cup celery, diced
  • 1 cup white or yellow onion, diced
  • 1 cup carrots, diced
  • 1 green bell pepper, diced
  • 2-3 cloves garlic, minced
  • 4 cups chicken broth
  • 14 oz can basil, oregano, garlic diced tomatoes
  • 1 teaspoon oregano
  • 1 teaspoon basil
  • ½ teaspoon red pepper flakes
  • few shakes of black pepper
  • ½ teaspoon salt (optional)


  1. Instructions
  2. Heat 2 tablespoons of olive oil in a large pot over medium heat.
  3. Add celery, onions, bell peppers, and carrots.
  4. Saute until slightly tender.
  5. Stir in garlic.
  6. Pour in chicken broth.
  7. Stir in tomatoes and cabbage.
  8. Bring to a boil and then reduce heat.
  9. Cook until cabbage is tender.
  10. Stir in oregano, basil, red pepper flakes, black pepper and salt (if using)
  11. Taste broth and adjust seasoning if needed.
  12. Serve and enjoy!


Jazz it up by adding lots of spices, herbs and a variety of veggies.
This makes enough for about 3 days.
Keeps well in the fridge for about 3 day.


Homemade Seitan

Homemade Seitan
Makes approximately 5 pounds

5 cups whole wheat flour
5 cups bread flour
1 cup vital wheat gluten
1 1/2 teaspoon salt
5 cups water

4 cups vegetable broth
6 cups water
2 inch piece kombu (Seaweed)
1 inch piece ginger, peeled
1/2 cup tamari
2 tablespoon Vegan Worcestershire Sauce
5 -6 cloves garlic, smashed
1 teaspoon mixed peppercorns
3 bay leaves
1 cube no-beef bouillon cube, dissolved in water

  1. In a large mixing bowl, combine whole wheat flour, bread flour, vital wheat gluten and salt. Add water, about 1 cup at a time, until a knead-able dough forms. {Ripe Tip: If you over do it with the water,  making the dough too sticky to knead, you can add more flour to “dry” it out.}
  2. Knead dough for 10 – 15 minutes until dough is very stiff (and your arms hurt). {Ripe Tip: The kneading in this step is very important as this is what helps forms the protein structure (gluten), which will be seitan at the end of this process, so don’t cut the kneading short.}
  3. Cover dough with enough cold water to submerged for at least 1 hour. {Ripe Tip: Overnight or 8 hours is best, as letting the dough will continue to develop the gluten.}
  4. Once dough has rested, transfer to a colander in the sink, and rinse under running water, for several minutes. In this step you are rinsing off the starch and bran components of the flour and leaving behind the gluten. {Ripe Tip: I find it easier to work the dough is smaller chunks (batches) to ensure thorough rinsing.} Once the water is running almost clear, and the dough looks like a giant soggy spider’s web {Ripe Tip: See picture}, set aside.
  5. In a large stock pot, combine remaining ingredients (only 1/4 cup of tamari at this time) and bring to a boil.
  6. To cook seitan, either place in stock-water mixture, divided into fourths formed into large ball or divide in half, rolling each half into a log wrapped in cheesecloth with ends tied. The first method will create uneven shaped seitan, whereas the second method will create uniform logs {Ripe Tip: This is an aesthetic decision, and depending on what you plan to do with your seitan it may make more sense to choose one versus the other.}
  7. Cook seitan for 2 hours. At 1 1/2 hours of cooking I recommend tasting your seitan. The inside should be firm, with the outside a little slimy still. Add the additional 1/4 cup of tamari per your preference at this time.
  8. Once the seitan is firm and cooked through, let cool in the stock as this will continue to firm seitan and develop a better texture and flavor.
  9. Store seitan in broth in the refrigerator for  1 week or wrapped in plastic wrap in the freezer for 3 months.
When making seitan, it starts out looking like bread dough

CakePHP 2 Custom Error Screens / Custom Exception Render

This will fire when needed, or you can trigger it within your controller/model logic:

throw new NotFoundException();


Exception render need to set as an AppExceptionRender. Example:

Configure::write('Exception', array(
        'handler' => 'ErrorHandler::handleException',
        'renderer' => 'AppExceptionRenderer',
        'log' => true


class ErrorsController extends AppController {
    public $name = 'Errors';

    public function beforeFilter() {

    public function error404() {
        //$this->layout = 'default';


App::uses('ExceptionRenderer', 'Error');

class AppExceptionRenderer extends ExceptionRenderer {

    public function notFound($error) {
        $this->controller->redirect(array('controller' => 'errors', 'action' => 'error404'));
        public function missing_controller(){ 
         $this->controller->redirect(array('controller' => 'errors', 'action' => 'error404'))
<div class="inner404">
    <h2>404 Error - Page Not Found</h2>