Tag: plugin

Posted on
by

I’ve put together a simple plugin for self-hosted WordPress blogs that adds a “Power Up” button to your posts for submission to Comicbook.com (a Digg-like site or comics-related news).

No configuration needed – just install it and activate it.

Yeah, I could have just pasted the code into my theme template, but I like to keep functional changes separate in case I ever decide to switch to another theme.

At present it will only show on individual posts. It won’t show on pages, or the front of the site, or any sort of archive page.

You can see it in action on Speed Force.

Download:
ktv_comicbook_powerup-0.1.zip

[Update:] The service no longer exists (the site is a blog now), so there’s no need for the plugin anymore.

Posted on
by

With the recent rash of Trackback spam, I finally bit the bullet and am now experimenting with Akismet in addition to Spam Karma. I’m not sure how well they work together, or, at this point, which plugin processes the comment first. Update: I’m trying Akismet on its own for now. Or, more precisely, Akismet as the sole second line of defense. Bad Behavior is still holding the front line.

Update (Feb 14): I’m now back to using Spam Karma 2, but with a plugin that uses Akismet as one of the score components. This seems to be working well, as SK is able to block the ridiculous stuff (100 porn links in one comment, etc.), and Akismet is able to catch the trackback spam that’s been passing SK2 by temporarily including an inbound link.

The big problem I had with Akismet was that aside from the age of the target post, the blocked comments weren’t sorted or filtered in the admin interface. I was having to look through ~30 comments a day for false positives. Spam Karma will show only the borderline comments by default, and uses a table structure that makes it easier to skim.

This way, though, I get the proverbial best of both worlds.

Posted on
by

Experimenting with the new Automattic Stats Plugin that uses the WordPress.com statistics infrastructure to track traffic. So far, so good… except for one problem. Titles and links are missing from all the “most visited” posts. They’re just listed as numeric IDs.

Update: Actually, today’s posts seem OK. The plugin seems to just send the blog ID and post ID. I’ve been trying to figure out how the central server is retrieving the permalink and title. It doesn’t look like Bad Behavior is blocking it. And it doesn’t seem to be using the RSS feed, since posts that are still on the front page (and presumably still in the feed) are also showing up as numbers. *grumble*

Update 2: I just noticed that all of the number-only posts show the same placeholder graph showing “Region A” vs. “Region B” for 2003-2005.

Update 3: It’s a problem with WordPress’ XMLRPC interface, and affects other uses (like connecting with Flock). I’ve got a workaround, though (see comments).

Update 4 (May 10): Thanks to the pingback below from dot unplanned, it’s confirmed to be a bug in PHP 5.2.2. With any luck, the workaround will cease to be necessary when the next PHP bugfix is released.

Posted on
by

I just got a complaint about the latest comment on Another One Bites the Dust. Apparently the previous commenter (who checked the “Subscribe to comments” box) either entered someone else’s email address or forgot visiting the site. It’s a name123@example.com-style address, so it could easily have been a typo.

Either way, the new comment notice went out, and the recipient sent me a spam complaint. I apologized and removed him from the update list, but it moves “accidental spam” from a theoretical risk to an observed problem. I’ve disabled the subscription plugin until I have a chance to figure this out.

The good news is that Subscribe to Comments 2.0 is out now, so I should be able to upgrade when I get a chance. The bad news is that it doesn’t seem to have added a confirmation step, meaning it’s still (effectively) opt-out. Sure, you have to opt-in to get it in the first place…but the fact is that anyone can opt you in just by giving your email address instead of their own.

Posted on
by

Aside from the occasional massive spam run, there’s been a fairly regular trickle of spam targeted at the comments on this blog. Dr. Dave’s excellent Spam Karma plugin takes care of nearly all of these using a combination of content filters, blacklists, form checks, signs of proxy use, and more.

On Tuesday I added IO Error’s Bad Behavior. This plugin looks at actual HTTP requests, identifies known spambots and looks for signs of cloaked bots—those that claim to be a browser like MSIE or Mozilla, but don’t act like it—and prevents them from even getting in the door. The advantage here is that you can save processing time and bandwidth on all kinds of bogus requests, not just comment spam, but address harvesting bots, referrer spam, and so on.

Maybe it’s coincidence, but Spam Karma hasn’t seen a single spam attempt since I installed Bad Behavior.

Of course, blocking bots won’t catch the occasional person who posts comment spam the old-fashioned way: by surfing to the page and filling in the form. And eventually bots will do a better job of imitating real visitors, just as phishing attacks have moved from crude, badly-spelled notes to sophisticated forgeries with real logos and disguised links. Spam Karma will still be needed for those.

But the combination looks very promising!