WordPress There has been an error cropping your image

GD Graphics Library

I was updating my theme with the pretty amazing Twenty Seventeen from WordPress. Attempting to add a site icon it was just… failing. The blue select button in the Media Library would just go grey. When I tried a picture larger than 512×512 pixels I got a step further with the cropping dialogue, but then I’d get…

There was an error cropping your image.

It turns out WordPress needs the php-gd library for image manipulation.

First work out what php version you are running with

php -v

On Ubuntu/Debian hosts with php 5.x run

sudo apt-get install php5-gd

On RedHat/CentOS hosts with php 5.x run

sudo yum install php-gd

You may need to install specific packages like php56-gd for php 5.6. For php 7.x you will need to install php7.0-gd

Finally restart your web server

/etc/init.d/httpd restart

As an aside: I’m regretting my commitment to add an image to every post. What image makes sense with this post? The official logo for GD is 300×230 pixels.

Don’t self host your website

Gesture 2 by Sanja Gjenero, Zagreb, Croatia

Last updated on March 24th, 2017 at 02:27 am

Gesture 2 by Sanja Gjenero, Zagreb, Croatia
Gesture 2 by Sanja Gjenero, Zagreb, Croatia

Should you use a free website from Tumblr or WordPress or Wix for the early days of ?your indie film? You should register on those free services to grab your brand name. But I wouldn?t go live with that for anything other than a teaser or short.

What about getting your own hosting account and running something like WordPress self-hosting? Things have changed, don?t host your own software or blog.

If your film is a short you can select the free hosting from Tumblr, WordPress, Wix or any of those free top level domains. However if you are going to make more than one short film or a bigger project, you should get a top level domain at least in your production company name. So if your making ?My Edgy Short? for the ProdCo Philberts Phantastic Philms you should register a domain name PhilbertsPhantasticPhilms (.com or whatever).

For a feature film or series you should register the brand name you are promoting MyEdgyIndieFilm (.com or whatever).

Until now the best advice was to then get a hosting provider for up to $10 per month and self host your website on that. WordPress was probably the easiest software to self host with and most hosting providers will install it for you. However I no longer recommend doing that.

Instead you should should pay WordPress.com or Tumblr.com or Wix to remove the ads and point your domain to their hosted solutions. Why? Automatic security updates! When you self-host software someone has to make sure it?s constantly up to date, because bad-guys are always looking for insecure sites to hack or worse to host their phishing scams from. Even if you are a competent sysadmin or website admin you have better things to do with your life than checking for updates all the time. No it?s not hard to do, but every minute you spend not making your movie, promoting your movie or aggregating your audience is time wasted.

So don?t buy plain generic or typical web-hosting to run your website. You wouldn?t set up your own web-server, so why would you run your own software? Pay a big player and point your own domain to their infrastructure. It will handle attacks better as well as scale sudden popularity.

Another solution is search on ?Managed WordPress Hosting?. Read about the companies that?specialise?in that space.

Photo credit Gesture 2 by Sanja Gjenero, Zagreb, Croatia

WordPress Bad Behavior Plugin Conflicts

Last updated on July 5th, 2015 at 04:06 pm

The Bad Behavior plugin for WordPress is great, it denies spambots even seeing your blog before they try to spam you. But there are four specific issues to be aware of with Bad Behavior 2.0.43.

4 conflicts when using the Bad Behavior plugin

1) On WordPress with WP-Super Cache plugin

Bad Behavior must be enabled in WP-Super Cache?s configuration in order to protect PHP Cached or Legacy Cached pages. Bad Behavior cannot protect mod_rewrite cached (Super Cached) pages.

mod-rewrite is the fastest and most efficient way to cache the pages. So if you Super Cache your pages make sure you?ve configured everything correctly or don?t bother using BB. Alternatively if you want both WPSC and BB you must select Advanced options to use PHP or Legacy caching. Then you must configure the WP Super Cache plugins options too.

2) On WordPress with Spam Karma 2 plugin

From the readme When using Bad Behavior in conjunction with SK2, you may see PHP warnings when Spam Karma 2 displays its internally generated CAPTCHA. This is a design problem in Spam Karma 2.

SK2 is old but will updated ?real soon now? by people who?ve taken over its development. The new version is called Spam Karma but ignore this advice if the new SK is not in http://WordPress.org/extend/plugins by Sep 2011. SK2 is still the #1 spam killer I?ve found. If I have to chose between SK and BB, SK2 wins.


Whitelisting is done in a bad-behavios/whitelist.inc.php file that gets overwritten on upgrades. Whitelists should be either in the database or in an upgrade-proof config file. So if you need to whitelist something, copy the file to a backup like whitelist.inc.backup.php immediately.

4) Commission Junction users

I?ve read Commission Junction still needs to be white listed. The bot is failing the header test that?s trying to verify advertising banners.

400 Header ?Referer? is corrupt (45b35e30)
CJNetworkQuality; http://www.cj.com/networkquality

Bad Behavior?s Developer Michael Hampton?s response is ?that?s a problem with CJ?s bot; you need to report it to them? which I agree with. But if you have choose between CJ and BB, CJ wins. Hopefully CJ has fixed their bot

Upgraded to WordPress 2.6

Last updated on July 6th, 2015 at 03:12 pm

Update:21 July 2008 Don’t upgrade to 2.6! wait until 2.6.1 as there are permalink, login and posting problems. Of course this is the first time in years I haven’t taken complete backups before upgrading 🙁

I thought I should mention that I’ve upgraded this blog to WordPress 2.6.

In this day and age of fast moving security updates it is important that webmasters keep their software current. I’ve had a few old and ignored test sites hacked in the past that were not running WP, but the fact remains that security flaws are ofter found in ancient versions of software.

The World Wide Web is littered with the bones of abandoned and inactive sites. Often these then get hacked.

Now I’ve got to update my theme as I’m tired of it’s look, but as it is quite heavily customised it is not a simple job.

Backup your blog

Last updated on July 3rd, 2015 at 08:26 pm

Frequently Asked Questions over at WordPress.com has a brilliant piece on backups for bloggers.

Several years ago I had to reconstruct?WealthEsteem.org after catastrophic hardware failure. Luckily Google had begun indexing it so I didn?t lose any posts. But rebuilding the comments proved too hard.

Switched On: photo by Clinton cardozo Doha, Qatar http://creativelock.blogspot.com/ sxc.hu 488716
Switched On: photo by Clinton cardozo Doha, Qatar http://creativelock.blogspot.com/ sxc.hu 488716

Matt and his team offer the brilliant advice of subscribing to the RSS feeds of your own site as a way of maintaining backups. Subscribe both the posts and the comments feed via either a web- or desktop-based aggregator. I already subscribe to my blogs to keep an eye on how it looks to my syndicated readers, now I have another reason.

Thanks for this brilliant but overlooked tip.