Tag Archives: plugin

Spam Switch

Posted on February 7, 2008 by Kelson

With the recent rash of Trackback spam, I finally bit the bullet and am now experimenting with Akismet in addition to Spam Karma. I’m not sure how well they work together, or, at this point, which plugin processes the comment first. Update: I’m trying Akismet on its own for now. Or, more precisely, Akismet as the sole second line of defense. Bad Behavior is still holding the front line.

Update (Feb 14): I’m now back to using Spam Karma 2, but with a plugin that uses Akismet as one of the score components. This seems to be working well, as SK is able to block the ridiculous stuff (100 porn links in one comment, etc.), and Akismet is able to catch the trackback spam that’s been passing SK2 by temporarily including an inbound link.

The big problem I had with Akismet was that aside from the age of the target post, the blocked comments weren’t sorted or filtered in the admin interface. I was having to look through ~30 comments a day for false positives. Spam Karma will show only the borderline comments by default, and uses a table structure that makes it easier to skim.

This way, though, I get the proverbial best of both worlds.

Posted in Site Updates | Tagged , | 1 Comment

Automattic Stats, or PHP 5.2.2 vs. WordPress XMLRPC

Posted on May 7, 2007 by Kelson

Experimenting with the new Automattic Stats Plugin that uses the WordPress.com statistics infrastructure to track traffic. So far, so good… except for one problem. Titles and links are missing from all the “most visited” posts. They’re just listed as numeric IDs.

Update: Actually, today’s posts seem OK. The plugin seems to just send the blog ID and post ID. I’ve been trying to figure out how the central server is retrieving the permalink and title. It doesn’t look like Bad Behavior is blocking it. And it doesn’t seem to be using the RSS feed, since posts that are still on the front page (and presumably still in the feed) are also showing up as numbers. *grumble*

Update 2: I just noticed that all of the number-only posts show the same placeholder graph showing “Region A” vs. “Region B” for 2003-2005.

Update 3: It’s a problem with WordPress’ XMLRPC interface, and affects other uses (like connecting with Flock). I’ve got a workaround, though (see comments).

Update 4 (May 10): Thanks to the pingback below from dot unplanned, it’s confirmed to be a bug in PHP 5.2.2. With any luck, the workaround will cease to be necessary when the next PHP bugfix is released.

Posted in Site Updates, Troubleshooting | Tagged , , , , , | 12 Comments

Bunny’s Technorati Tags and WordPress 2.0

Posted on December 30, 2005 by Kelson

Solved! To make Bunny’s Technorati Tags fully compatible with WordPress 2.0 you need to change two lines in the add_tags_textinput() function.

Just replace this:

function add_tags_textinput() {
	global $postdata;
	$tags = get_post_meta($postdata->ID, 'tags', true);

with this:

function add_tags_textinput() {
	global $post_ID;
	$tags = get_post_meta($post_ID, 'tags', true);

The problem is that it will show existing tags, or let you add a new tag, but it will lose tags when you edit a post. It’s not able to retrieve the tags to fill in the form field, apparently because $postdata isn’t returning the ID it expects.

I’ve submitted the fix to wp-plugins.org, so if the author is keeping track of tickets there, the fix should show up in the next version of the plugin.

Update Jan. 3: The plugin author has released version 0.5 with a slightly different fix (plus a few other improvements), and it’s now compatible with WordPress 2.0.

Posted in Site Updates, Troubleshooting | Tagged , , , , | Leave a comment

Accidental Blogspam

Posted on June 14, 2005 by Kelson

I just got a complaint about the latest comment on Another One Bites the Dust. Apparently the previous commenter (who checked the “Subscribe to comments” box) either entered someone else’s email address or forgot visiting the site. It’s a name123@example.com-style address, so it could easily have been a typo.

Either way, the new comment notice went out, and the recipient sent me a spam complaint. I apologized and removed him from the update list, but it moves “accidental spam” from a theoretical risk to an observed problem. I’ve disabled the subscription plugin until I have a chance to figure this out.

The good news is that Subscribe to Comments 2.0 is out now, so I should be able to upgrade when I get a chance. The bad news is that it doesn’t seem to have added a confirmation step, meaning it’s still (effectively) opt-out. Sure, you have to opt-in to get it in the first place…but the fact is that anyone can opt you in just by giving your email address instead of their own.

Posted in Site Updates, Spam | Tagged , , , , | 1 Comment

Where’d the spam go?

Posted on May 26, 2005 by Kelson

Aside from the occasional massive spam run, there’s been a fairly regular trickle of spam targeted at the comments on this blog. Dr. Dave’s excellent Spam Karma plugin takes care of nearly all of these using a combination of content filters, blacklists, form checks, signs of proxy use, and more.

On Tuesday I added IO Error’s Bad Behavior. This plugin looks at actual HTTP requests, identifies known spambots and looks for signs of cloaked bots—those that claim to be a browser like MSIE or Mozilla, but don’t act like it—and prevents them from even getting in the door. The advantage here is that you can save processing time and bandwidth on all kinds of bogus requests, not just comment spam, but address harvesting bots, referrer spam, and so on.

Maybe it’s coincidence, but Spam Karma hasn’t seen a single spam attempt since I installed Bad Behavior.

Of course, blocking bots won’t catch the occasional person who posts comment spam the old-fashioned way: by surfing to the page and filling in the form. And eventually bots will do a better job of imitating real visitors, just as phishing attacks have moved from crude, badly-spelled notes to sophisticated forgeries with real logos and disguised links. Spam Karma will still be needed for those.

But the combination looks very promising!

Posted in Site Updates, Spam | Tagged , , , , | Leave a comment

Open Letter to WordPress Plugin Authors

Posted on May 25, 2005 by Kelson

Please, when developing your plugins, be sure to always use the full opening tag for PHP:

<?php code goes here ?>

On some servers—maybe even your own—you can shorten this to just the opening <?. The following line in php.ini will disable this “feature,” and many web server administrators do so to simplify things like generating XML with PHP:

short_open_tag = Off

When this option is set, PHP will ignore <? and assume it’s simply part of the template… along with all the code following it. If you’re lucky, it means a bunch of PHP code gets sent to the web browser. If you’re not lucky, it results in invalid syntax, and PHP grinds to a halt, spitting out a blank page and a PHP Parse Error.

So please make sure you always use the full opening tag so that your plugin will be compatible with everyone’s system. If you run your own server, set that option in php.ini so that if you miss one, you can catch it before you post it.

Posted in Computers/Internet | Tagged , , , , | Leave a comment

Plugin Experiments

Posted on July 8, 2004 by Kelson

I decided to try out a few WordPress plugins. Here’s the status:

  • WayPath for WordPress: List related posts on other blogs. Nice, but cluttered and slows things down. If we keep this, we’ll need to get caching to work. Active, seeking comments.
  • Spell Check: Only for posts so far. Unfortunately, it doesn’t seem to actually work. Disabled.
  • Link Relationships: Adds next/previous post elements for search engines and browsers that support them. Painless to install, simple and elegant. Active.
  • Staticize Reloaded: Cache each page so that the server doesn’t have to regenerate it every single time. Very nice, but unfortunately isn’t compatible with HTTP compression right now. Disabled.
  • Live Preview: Add an instant preview to comments. A bit of tweaking to install, though I managed to modify it to play nicer with WP’s plugin API, but very cool! Active.
  • Random Posts: Add a list of random posts to the sidebar. Simple and possibly interesting. Active.
  • SameCat: List posts in the same category as the current one. Combined with the Related Entries plugin, this provides a good set of links to similar posts. Active.

Other ideas I’m looking at (some of which I’ve seen plugins for):

  • Comment threading (Katie suggested this, but the last time I looked for plugins the only one I found required serious database changes)
  • Email notifications
  • Polls
  • Category and author icons
  • True-a-Day sidebar

So, any opinions on the new features? Any suggestions for others? In particular, any thoughts on the WayPath feature? I’m not sure whether it’s worth keeping around or not.

Posted in Site Updates | Tagged , | 4 Comments