PlanetJoel

Blog

  • How to Fix the WordPress Block Editor Returning Homepage HTML Instead of JSON (Cloudflare + FastCGI)

    I have been fighting a problem with WordPress. I was writing Posts in the tool and getting an error when I hit Save Draft,

    “The response is not a valid JSON response.”

    The issue is to do with the way NearlyFreeSpeech.net uses FastCGI and it breaks WordPress JSON queries.

    To diagnose if you have this problem open your browser’s Developer Tools, head to the Network tab, and inspect the failed /wp-json/wp/v2/posts/... request, you discover something bizarre. The server didn’t throw a 404 Not Found or a 500 Internal Server Error. Instead, it returned a 200 OK status code, but the response payload is the complete HTML of your site’s homepage.

    Because the block editor expects a clean JSON object back from the WordPress REST API, feeding it the raw HTML of your homepage causes it to panic.

    If you are running your site behind Cloudflare and hosting on a unique FastCGI/Proxy environment (like NearlyFreeSpeech), here is exactly why this happens and how to fix it.

    The Diagnostic Journey: Ruling Out the Usual Suspects

    When this error pops up, standard WordPress troubleshooting advice will tell you to deactivate your plugins, check your .htaccess rules, or flush your Cloudflare cache.

    While those are great starting points, you can quickly isolate the root cause with two diagnostic tests.

    Test 1: Check the Cloudflare Headers

    Open your browser DevTools, click the failed network request, and look at the response headers. If you see cf-cache-status: DYNAMIC, Cloudflare isn’t serving a cached page—it is passing the request straight through to your origin server. Cloudflare is innocent.

    Test 2: The Raw REST API Test

    WordPress has a fallback query parameter for environments where URL rewriting breaks. Paste this URL into your browser (replacing your domain):

    [https://yourdomain.com/?rest_route=/](https://yourdomain.com/?rest_route=/)

    • If it loads your homepage: Your WordPress installation or a plugin is actively broken.
    • If it returns a massive wall of raw text (JSON): Your REST API works perfectly, but your server is failing to route the “pretty” /wp-json/ URLs correctly.

    The Root Cause: FastCGI Clobbering the Request URI

    If Test 2 successfully returned JSON data, your database, permalink settings, and .htaccess file are likely pristine. The breakdown is happening at the server architecture level.

    Environments like NearlyFreeSpeech use a highly secure, high-performance combination of front-end reverse proxies and back-end FastCGI PHP processes. When you request a pretty URL like /wp-json/, Apache processes your .htaccess file and routes it internally to index.php.

    However, during this handshake, the FastCGI environment variables can get clobbered. Specifically, $_SERVER['REQUEST_URI'] gets overwritten and reset to just /index.php.

    By the time the request hits WordPress, the core application looks at the environment variables and thinks, “Ah, the user is just requesting the root index file. Let me serve them the homepage template.” Because it assumes you’re just browsing the site, it throws a standard 200 OK and renders your homepage, leaving the block editor completely stranded.

    The Solution: The wp-config.php Environment Patch

    To fix this, we need to instruct WordPress to check alternative environment variables where the server secretly backs up the original URL path before it gets stripped by FastCGI.

    1. Connect to your server via SSH or SFTP.
    2. Open your wp-config.php file located in your root directory.
    3. Scroll down right before the line that reads: /* That's all, stop editing! Happy publishing. */
    4. Paste the following environment normalization snippet:

    PHP

    /**
 * Advanced Environment Normalization for CGI/FastCGI Rewriting
 * Fixes pretty permalinks & REST API routing behind Cloudflare + Proxies
 */
if (empty($_SERVER['REQUEST_URI']) || $_SERVER['REQUEST_URI'] === '/index.php') {
    if (!empty($_SERVER['REDIRECT_URL'])) {
        $_SERVER['REQUEST_URI'] = $_SERVER['REDIRECT_URL'];
        if (!empty($_SERVER['REDIRECT_QUERY_STRING'])) {
            $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['REDIRECT_QUERY_STRING'];
        }
    }
}

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
    $_SERVER['HTTPS'] = 'on';
}

    What this code does:

    • Restores the URI: It checks if REQUEST_URI has been reduced to just /index.php. If it has, it grabs the original, intended path from REDIRECT_URL and hooks the query strings back onto it.
    • Fixes the SSL Handshake: The second block ensures that WordPress recognizes the request as securely encrypted over HTTPS via Cloudflare’s forwarding headers, preventing an internal HTTP/HTTPS mismatch.

    Save the file, refresh your WordPress editor, and try saving your draft again. The block editor will now seamlessly communicate with the REST API, and your “Not a valid JSON response” errors will be gone for good.

    This is probably not the best long-term fix so I will update if I find a better solution.

  • Win-AX206-Display: Python AX206 Lightweight Display Driver with System Stats

    Introducing win-ax206-display, a python utility to run a AX206 screen from Windows and display system performance information.

    These AX206 displays are cheap and make a great desktop addition with a nice way to monitor a gaming PC or servers stats. One problem is for Windows they generally require AIDA64 which is an expensive and quite heavy piece of software. This python script eliminates that requirement and gives the user full control.

    Features

    • Hardware sensors via LibreHardwareMonitor (CPU/GPU temperature, load, power) and psutil (RAM, disk, network)
    • YAML themes with text, bar, gauge and sparkline widgets, hot-reloaded when you save the file
    • System tray app with Pause/Resume, theme reload and quit
    • Survives unplugging the panel — reconnects automatically
    • Day/night backlight brightness schedule
    • Start-at-logon via Task Scheduler

    Screenshots

    Could also be used for

    It could be used as a photo display tool or second screen (although the refresh rate is slow, about 1 fps).

    Download

    Grab source code from: https://github.com/mechcow/win-ax206-display

  • International Meeting Planner Lightweight Web UI

    I really like tools like WorldTimeBuddy but I don’t like that they have limitations so I vibe-coded my own.

    Scheduling meetings across time zones is tedious. You end up checking multiple clocks, doing mental math, and hoping you haven’t accidentally booked someone at 3am their time.

    This tool helps with that. You add the cities where your team members are located, and it shows you a timeline of everyone’s working hours side by side. Green means they’re working, grey means they’re not.

    Features

    • Add any city in the world
    • Customize working hours per city (not everyone works 9-5)
    • Public holidays are automatically detected and marked as non-working
    • Navigate between days to plan ahead
    • Works on phones and tablets

    You can check it out here 

  • Introducing Steam Compatibility Analyzer

    TL;DR;

    I built a tool to tell you if you can run a videogame: Access it here

    Introduction

    I was stuck in an airport on the way home and I had a laptop that we use around the house and for portability with me, that is not super powerful. I was wondering, what games can it run from my steam library? I have over 200+ games and trying to go through them one by one was pain-staking so I thought a tool could help. On a whim I started vibe-coding an application to do this, and I’m now launching it as a tool.

    Introducing Game Compatibility Analyzer, an open-source tool that answers these questions definitively using real-world benchmark data.

    Game publishers list minimum and recommended specs, but these can be hard to interpret:

    • Vague hardware names — “Intel Core i5” could mean a decade-old processor or a modern powerhouse
    • No performance context — Meeting “minimum” specs might mean 15 FPS on low settings
    • Manual research required — Checking compatibility for each game in your library is tedious
    • Outdated comparisons — Your newer mid-range GPU might outperform an older flagship, but specs don’t reflect that

    Game Compatibility Analyzer takes a different approach. Instead of simple spec matching, it uses 377,000+ real-world hardware benchmarks from Blender Open Data to understand actual performance characteristics.

    Features:

    Real Performance Insights

    When you enter your hardware (or let the tool auto-detect it on Windows), the analyzer doesn’t just check if your GPU name matches the requirements. It compares actual benchmark scores to understand how your hardware truly stacks up.

    Five-Tier Compatibility Ratings

    No more binary “yes/no” answers. Get nuanced ratings:

    • Excellent — Optimal performance expected
    • Good — Should run smoothly on high settings
    • Playable — Expect reasonable performance with some adjustments
    • Minimum — Will run, but expect compromises
    • Incompatible — Hardware falls short of requirements

    Bulk Library Analysis

    Connect your Steam account and analyze your entire library with one click. The tool uses server-sent events for real-time progress updates as it processes hundreds of games, with smart caching to speed up future analyses.

    Detailed Breakdowns

    Understand exactly which component is the bottleneck. CPU barely meeting requirements while your GPU exceeds them? You’ll see that clearly, along with performance predictions for each component.

    How It Works

    1. Sign in with Steam to access your game library (or search for any game)
    2. Enter your hardware specs or auto-detect on Windows
    3. Get instant compatibility results with confidence scores (0-100)
    4. Explore details to understand component-by-component performance

    The backend matches your hardware against benchmark data, parses game requirements into structured specs, and calculates compatibility using era-based comparisons and fuzzy matching for hardware variants.

    Access it here

    Keen to hear your feedback. Let me know in the comments or in touch at game-compatibility-analyzer@planetjoel.com

  • Using Gemini to Analyse Gaming PC Cooling Performance

    I was watching (the excellent) Gamers Nexus channel on YouTube and I loved the way they loaded the PC and plotted the PC load, fans and cooling all on one graph. What this allows you to see is not just that the cooling is working at full load, but you can see in realtime how it is reacting as the PC is loading up. I recently made changes to my gaming PC so I thought this was something to try out.

    The way I acheived it was turning on performance monitoring using AIDA64, the monitoring software I use (available in File > Preferences > Hardware Monitoring > Logging). This started producing a CSV file showing what the PC was doing, and I selected all metrics to do with CPU or GPU temperature, CPU or GPU load and fan speed. Finally I started the benchmark program I am using PerformanceTest by PCMark which runs through a series of tests looking at all aspects of the computer performance – CPU tests, 2d test, 3d tests, memory test and storage tests.

    Then I told Google Gemini what I was doing (to prime it), then gave it all the data. I wasn’t sure what would happen next given the data itself is quite messy. The AI came back with this:

    After a deep dive into your AIDA64 sensor logs, I’ve analyzed the data and can share some interesting findings about your PC’s performance during the test period. The logs show a clear picture of a system undergoing a stress test, and I’ve generated several graphs to visualize what happened.

    Here is a summary of the events, which appear to have started about 80 seconds into the log:

    Key Observations

    1. Primary GPU Stress Test: The data strongly suggests a GPU-focused stress test was initiated. As seen in the performance chart, your GPU utilization (the dotted aqua line) shoots up to 100% and stays there for several minutes, while CPU utilization (the dashed orange line) has only minor spikes.
    2. Excellent Thermal Response: Your cooling system appears to be working very effectively.
      • As shown in the temperatures graph, your GPU Hotspot temperature (the dashed red line) rises sharply when the test starts, peaking at around 85°C before stabilizing. This is a safe and expected temperature for a GPU under full load.
      • Your CPU Package temperature (the solid cyan line) saw a corresponding, but much smaller, increase to a peak of about 88°C.
    3. Responsive Fan Control: The fan speed graph shows your CPU and GPU fans responding exactly as they should.
      • The GPU fans (light green and light blue lines) ramped up significantly from idle to over 1600 RPM to dissipate the heat from the graphics card.
      • The CPU fan (yellow line) also increased its speed to over 1100 RPM to handle the increased ambient case temperature and the minor CPU load, helping to keep the processor cool.
    4. Stable CPU Performance: Your AMD Ryzen 7 9800X3D maintained its high clock speeds throughout the test, indicating that there was no thermal throttling. The CPU had the headroom to boost its clock speed (lime green line) whenever there were small spikes in CPU utilization.

    In Summary

    The logs show a healthy and well-cooled gaming PC. You ran a GPU-intensive load, and your system’s cooling responded perfectly by increasing fan speeds to manage the temperatures, keeping both the GPU and CPU well within their safe operating limits. There are no signs of overheating or performance throttling.

    This is a great snapshot of your system performing as expected under heavy gaming-like conditions.

    I was impressed by this response for a few reasons:

    1. Gemini parsed some very messy tabular data and was able to make sense of it
    2. The graphs are a bit hard to read but are generally the right data plotted. It’s the three lens in three different graphs – fan speed, load, and temperatures. Plotting them right next to each other like this makes comparison easy
    3. Being able to understand the meaning of the data, the heat limits of the components and and match that to the fan speed is impressive.

    There are a few things I don’t like about this response:

    1. Gemini is still extremely sycophantic. I want to explore how I can turn this off and just get more neutral responses
    2. There is often just way too many words. Maybe this didn’t really need an introduction and a summary – it doesn’t necessarily make it easier to read. A punchy bullet point list maybe would have sufficed
    3. I’m not sure the PCMark test does a great job of loading the system, and Gemini maybe doesn’t realise this. A more critical analysis would have thought about this and the purpose of the test.

    For me to build these graphs and analyse this data myself would have likely taken a few hours. Overall, this is impressive performance from Gemini.

  • Three great books I read recently on Innovation, Governance, AI and Moonshot Projects

    In an era defined by grand challenges it’s easy to feel overwhelmed. Yet, amidst the complexity, there’s a compelling narrative emerging: humanity’s capacity for audacious ambition, innovative problem-solving, and the sheer tenacity to achieve what once seemed impossible. I’ve recently delved into three remarkable books that, when read together, paint a powerful picture of this future, offering both a wake-up call and a blueprint for hope.

    Abundance by Ezra Klein and Derek Thompson

    Ezra Klein and Derek Thompson’s Abundance struck a profound chord with me, crystallising long-held thoughts about effective governance in our modern world. Their central premise is both stark and optimistic: climate change presents an existential threat, but by confronting it head-on, we have the opportunity to emerge stronger and happier. This isn’t about incremental tweaks; it’s about a fundamental shift in how we approach large-scale, green projects like high-speed rail or solar farms.

    The book challenges the entrenched dogmas of both the political right and left. Small government, they argue, falters when central resource allocation is critical, while traditional big government often becomes bloated and slow. What we need, they propose, is a newer, more efficient form of "big government" – one that can move with speed and agility, yet remain ethically grounded. This resonated deeply, not just from a political standpoint, but also from my experience working in large organisations, where the parallels to the challenges of bureaucracy and efficiency are strikingly clear. Abundance makes a compelling case that we’ve achieved this kind of rapid, ethical progress before, and we can do it again.

    What it means to me personally: I have seen how good governance can be the key to unlocking the creative potential of humans, and but more governance is bad than good. This book helped me to think about what good governance looks like in practice.

    The Coming Wave by Mustafa Suleyman

    From the organisational "how" to the technological "what," Mustafa Suleyman’s The Coming Wave offers an essential perspective on artificial intelligence. This book is a triple threat: a stark wake-up call for AI skeptics, a siren from an industry insider on its inherent risks, and an inspiring vision of AI’s moonshot potential for humanity.

    What makes Suleyman’s work so compelling is his intimate familiarity with the subject matter. As a co-founder of DeepMind and Inflection AI, he speaks with authority, yet maintains a measured tone even as he explores concepts that border on the fantastical. Whether you view AI with excitement, trepidation, or a mix of both, this book is a must-read for anyone seeking to understand the profound and multifaceted impact AI will have on our species. It underscores that while technology offers incredible solutions, it demands equally incredible foresight and governance.

    What it means to me personally: Artificial Intelligence is likely to define the next 10 to 20 years of humanity whether we like it or not. I’m trying to think macro and act local, adopting the learnings and applying the thinking to my professional career and to supporting my children.

    Moonshot by Albert Bourla

    Bringing these abstract ideas into sharp, inspiring focus is Albert Bourla’s Moonshot, which chronicles Pfizer’s extraordinary race to tackle COVID-19. This book serves as a powerful, real-world example of humanity achieving a true "moonshot" project under immense pressure.

    The story of mRNA technology, previously somewhat obscure and never used in humans at scale, suddenly becoming the linchpin for saving millions of lives, is nothing short of breathtaking. Bourla highlights not just the tenacity and relentless effort, but also the serendipitous moments that often accompany groundbreaking innovation. The early acquisition of BioNTech, founded by the Turkish-German scientists Ugur Sahin and Ozlem Tureci, initially seemed a promising but uncertain venture. Yet, it became the very heart of humanity’s most critical project in recent memory. Moonshot is an invaluable read for anyone seeking to understand how innovation truly works in practice – a blend of strategic vision, scientific daring, and a healthy dose of good fortune.

    What it means for me personally: Moonshot shows how leader can run teams that achieve the impossible. It also shows that whilst you will need capable team members and capable leadership, the team can collectively do amazing things together when organised and motivated properly.

    Weaving the Narrative: Humanity’s Capacity for the Impossible

    Together, these books argue that humanity possesses the ingenuity, the tools, and the organisational capacity to face its greatest challenges head-on. They inspire us to think bigger, to act faster, and to believe in our collective ability to achieve truly transformative "moonshots" for a better future. These books helped me to think about innovation as a more personal and active practice, and helped me to think about the future in practical terms.

  • Uptime Kuma – Simple yet powerful open source monitoring tool

    I have historically used nagios for home monitoring which, whilst a powerful and Enterprise Grade tool in some respects, is also an overkill and quite annoying to setup in a home environment setup. I really just want something basic I can look at and can see the status of all my services, get notified when things go down and see the history of services (whether they are flapping or going down at specific times). Enter Uptime Kuma.

    Installing Uptime Kuma was a breeze using Home Assistant. I loosely followed this guide from smarthomescene.com which walks you through the process of installing the Home Assistant add-on, which runs Uptime Kuma itself on Home Assistant, and then using the Uptime Kuma Custom Component from HACS which allows all the Uptime Kuma sensors to be pulled into Home Assistant itself.

    I setup a series of basic monitors for all of the services, mostly HTTP or TCP port queries. One gotcha was some services don’t like serving pages or are serving a redirect (which it won’t follow through to completion, because it’s not really a web browser). The simplest fix for the services that do this is to setup Uptime Kuma so it allows the expected redirect to be considered a successful response, because after all if you are getting to this point the service is likely up (I’m not looking to do some kind of complex deep healthcheck here).

    For notification monitoring I setup Pushover which allows for straightforward push notifications to Android. This was very quick to setup. It is technically a paid app but its reasonably priced and so far I’m still using the free tier whilst I evaluate this option, but I expect I will pay for it as the service appears to work well and as intended.

    Final step was configuring of a nice status page including all the monitors, and setting up home assistant to have a dashboard displaying the status. This way the Uptime Kuma results can be shared on an overall dashboard with all IoT integrations out of Home Assistant.

    Overall whilst the same outcome as nagios it’s so much easier to work with something that is web configurable, looks really nice and is generally simple to use. Uptime Kuma is a fantastic service, check it out if you are looking for a monitoring tool.

  • Linux freezing running on older Ryzen processors

    I was having a consistent problem with my Linux machine running on an older Ryzen processor (I’m using an old Ryzen 5 1600) where every 24 hours or so the machine would freeze. Strangely it would still respond to ping, and sometimes entire services would keep running. Other services would stop, an inevitably both SSH and local console stopped functioning. There was nothing in the logs.

    After a little bit of Copiloting / Googling, I found this is a common problem. The fix turned out to be remarkably simple, adding this line to the grub.conf

     

    GRUB_CMDLINE_LINUX_DEFAULT="processor.max_cstate=1"

     

    This instructs the CPU effectively not to go to sleep. Unfortunately this will use more power and will, potentially, reduce the lifetime of the CPU – but it immediately prevented the crashes. It seems the CPU can go to sleep and pull in less power, but this seems to cause it to go into an unrecoverable state in Linux. Some people seem to have speculated the CPU is undervolted so much in this state it effectively crashes.

    In the end this simple fix resolved by freezing issues.

  • Good Guy Cloudflare

    I recently put Cloudflare over the top of this website to protect it and improve performance, on the free plan (I have no affiliation with Cloudflare). The entire process to onboard was an incredibly easy and out of the box you get an insane list of features:

    • DNS
    • DDoS Protection
    • CDN
    • SSL
    • WAF
    • Basic bot mitigation

    The fact that Cloudflare makes such capabilities available to the internet for free is incredible and simply – it’s something every web property should do by default. It also means should you need to upgrade features for some reason it’s all there and ready to switch on. Well done to Cloudflare on making such a seamless process to enable the product.

    While we are talking about amazing Cloudflare free offerings you should also check out 1.1.1.1. It’s a free DNS service that will give you:

    • Improved Browsing Speed
    • Enhanced Privacy
    • Increased Security

    How it works is that you change either your computer or your router (I changed my home router) to use this DNS service, then it will automatically look up Cloudflare for DNS queries. This will bypass your ISP. It also supports all the cool stuff if your router does such as DoT (DNS over TLS), and DNS over HTTP (DoH). ISP DNS’s are notorious for being unreliable, slow, logging user queries and monetising this and sometimes for government interference. This reduces your risk of these types of issues.

    A short disclaimer – nothing is of course free, and Cloudflare is still using both of the above services to make money. For their CDN service, they likely monetize it by making it frictionless to move into their paid plans (freemium business model), and to steal marker share from Akamai which focuses on the Enterprise end of the market. For the 1.1.1.1 service it would lead to brand awareness, aggregate data would be sold (I believe) and it’s a freemium model that can be upgraded to a paid service. If you use either service, you protect yourself but you need to trust Cloudflare as a company. For me the tradeoff was worth it.

  • Compelling Tech Companies to bypass encryption is a bad idea

    In a recent statement, ASIO head, Mike Burgess, expressed his intent to potentially use his powers to compel tech companies to cooperate with warrants and decrypt encrypted chats to aid in national security investigations. While the intention behind this move may be noble—ensuring national security—it raises serious concerns about privacy and the fundamental principles of security.

    Compelling tech companies to break encryption for one entity—even a government agency—essentially opens a Pandora’s box, creating a potential pathway for other entities, including malicious actors, to exploit the same weakness. This is a backdoor and Mike Burgess, and his advisors, know this. The problem with backdoors is that they cannot be exclusively accessed by one party; once a backdoor exists, it can be discovered and exploited by anyone, including hackers, other nations, or even criminal organizations. Mike Burgess argument that it should be a solvable problem is misleading as he is framing it as an intellectual challenge. The problem isn’t that it has yet been solved technically – it is simply not possible to create a backdoor that is used by “good guys” and not by “bad guys”, because one person’s good guy is another person’s bad guys.

    The right to privacy is considered a fundamental human right by many national and international organizations. Although Mr. Burgess argues that breaking the law or being a threat to security forfeits this right, it’s important to note that encryption exists precisely to protect this right. The proposition to make tech companies “respond to the lawful requests” raises questions about the potential for misuse and violations of privacy. There is no “balancing all parties interests here”. In accepting privacy, we must accept security of all consumers and this means you cannot break their encryption. If you can break it, they are not free.

    Additionally, the broad application of such a rule could lead to violations of innocent citizens’ privacy. While Mr. Burgess clarified that ASIO is not seeking mass surveillance, the targeted access to chat rooms hosted on encrypted platforms could inadvertently capture conversations of innocent people. It is nearly impossible to ensure that only “bad actors” are targeted in such a sweeping operation. To be clear this is not about ASIO as an actor or their reputation. The point is broader, no individual, organisation or entity should have the authority or powers to break encryption en masse if we want to live in a free society.

    This move also risks damaging the tech industry and users’ trust in these companies. If tech companies are known to break their own encryption for government agencies, users—especially those concerned about their privacy—might lose trust in these platforms and seek alternatives. Intelligence defense agencies play a crucial role in protecting citizens’ rights and digital freedoms. Using that power to infringe upon those digital freedoms is contradictory to their mission.

    The AFP conducted one of the most elaborate and complex stings in history with their fake secure phone AN0M, which netted in 224 arrests in Australia. Whilst this operation was highly successful, it also eroded the public’s trust in both the law enforcement institutions and in encryption, driving people to more secure means such as Signal for communications. Depending on your perspective this is either a good thing or a challenge – clearly, citizens using encryption is a net good for society, however it is equally a problem for law enforcement.

    The intent to protect national security is commendable. However, forcing tech companies to create backdoors and provide access to encrypted chats could lead to potential security breaches, privacy violations, and loss of trust. While ASIO’s challenges are acknowledged, compelling companies to create Australian-specific backdoors is a precarious path. Instead, ASIO should encourage lawful use of robust encryption that protects citizens against foreign nation states and international threat actors. There is no magic solution for the ubiquity of such encryption, but it’s a challenge we must face head-on instead of resorting to outdated power approaches.