Wednesday, November 9. 2005
v0.9 Upgrade
I've upgraded the blog software to v0.9 of Serendipity - www.s9y.org if you haven't checked it out. I'm a very small contributor to the code - I've done some English translation, worked on the RSS feeds and fixed some category stuff.
It's getting very close to a 1.0 release - this should be the last major pre-1.0 release. I'll be playing with some of the new capabilities and plugins over the next few weeks.
Tuesday, October 11. 2005
Referrer Spam Solution
The referrer SPAM has just gotten worse and worse. I see thousands of hits on my blog from zombies with references to various {xanax|cialis|viagra|phentenermine}, casino and porn websites.
I finally took a little time and put in a blocking mechanism which seems to effectively stop them at the door - it's going to be like a SPAM filter, in that I'll need to keep tweaking it, but so far so good. If you need my solution, contact me. (I'm obviously not going to publicly comment on my actual solution).
But here's the somewhat scary part. Many of the referring domains are subdomains of names that seem completely unrelated. That's not unusual - somehow I doubt that Jackie Zhao really runs a "blackfilmmakermag.com" website. (He doesn't. It's a gambling advertising domain). But at least one of them seems to be a legitimate site - did they sell access to their domain name, or has their DNS been hacked?
Registrant:
Mike Di Sabatino
*** deleted ****
Camarillo, CA 93011
United States
Registrar: DOTSTER
Domain Name: SUPERBIKECLUB.COM
Created on: 15-MAR-00
Expires on: 15-MAR-06
Last Updated on: 13-MAR-05
Administrative Contact:
DiSabatino, Michael ******deleted*******
**** deleted ******
Camarillo, CA 93011
US
****deleted****
****deleted****
Domain servers in listed order:
NS1.SJ1.NORTHSKY.COM
NS2.SJ1.NORTHSKY.COM
Northsky.com, check your servers! Michael, do you really want to be associated with buy-hydrocodone-online.superbikeclub.com ??????
Wednesday, June 29. 2005
XML-RPC Vulnerability
BEEP BEEP *BEEP*
There's a serious vulnerability in the PEAR XML-RPC code. Serendipity uses this code, so an Update is available.
Blogs on this server have been updated. You know who you are.
We now return you to your regularly scheduled program.
Tuesday, May 3. 2005
Blog Combining Script
A few months ago, I split my blog into political and non-political content, since I was spending a lot of time on the political stuff and some people wanted to see just my other stuff.
Well, I'm posting less often now, and I definitely am not going to be posting on the political blog at the rate I was last year. So I decided to focus just on JaBbA's Hut. But I didn't want to completely stop the other stuff, and I wanted to maintain all the data.
So I wrote a script that takes the contents of one S9y-based blog and pours it into another. I haven't run it on my production blog quite yet (I'm running it through more tests) but I think it's all set.
The script is here, you're welcome to do with it as you see fit.
UPDATE The bug I thought I had turned out to be in my old 0.7-version template. So I've run it through and all postings from both blogs are now here.
Friday, February 4. 2005
They're still trying
The Trackback SPAMmers are still trying. After their blast didn't work, they tried a trickle this morning - just one attempt every few minutes. Still didn't work, trackback moderation is on.
So just a couple minutes ago, I get the following moderation message:
A new comment has been posted on your blog "JaBbA's Rants", in the entry entitled "What the meaning of.....is".
Link to entry: http://jalcorn.net/politics/archives/2-What-the-meaning-of.....is.html
Requires review: Yes (Auto-moderation after X days)
User IP-address: 66.171.183.222
User Name: texas holdem
User Email: umuwb@ae65cf3638579985c6c77e30b1e722abb.com
User website: http://www.tigerspice.com
Comments:
Vertigo is anguish to the extent that I am afraid not of falling over the precipice, but of throwing myself over. by online poker
----
I dunno - were they thinking that if they hid the poker reference in a random sentence I'd allow the trackback?
Serendipity is wonderful.
Tuesday, February 1. 2005
S9y 0.8 Effectively stopped a SPAM attack
This morning I woke up to more than 100 messages from my blog that trackbacks had been created. And the developers list confirmed - all the blogs had been hit by the same spammer.
A Spammer had figured out the Trackback API, and an online casino had paid to be advertised.
The good news? We use Serendipity. And the spammer is going to have to refund the casino's money.
Not a single trackback actually appeared on my blog. It took me about 4 minutes to go through and delete all the trackbacks using the backend administration, and another minute to delete all the emails.
There's a lot of talk about how to solve this. My feeling, though, is that they didn't get any advertisement. It took just a couple minutes - and I have some idea for some small interface tweaks that could make cleaning up after this even faster. So right now, I'm happy with the solution in place.
Kristian, Christian, Sebastian and Tom also blogged about this, and Kristian implemented a patch that would stop at least the most common of these.
Monday, December 20. 2004
Comment Spam a Problem? Try Serendipity.
Movable Type's non-solution to Comment Spam is causing problems at many web hosting companies.
Comment spam attacks on Movable Type weblogs are straining servers at web hosting companies, leading some providers to disable comments on the popular blogging tool. The issues are caused by bugs in MT, forcing publisher Six Apart to recommend configuration changes while it prepares fixes.
Try Serendipity. Comment Spam is no longer a problem with our Anti-Spam configuration.
Wednesday, November 24. 2004
Serendipity 0.8 news
Wednesday, November 10. 2004
New Releases
Firefox 1.0 was released today. According to the BBC:
Firefox, which was originally called Firebird, also has a growing number of vocal net-based fans.
A campaign co-ordinated by the Spread Firefox website attempted to raise the $50,000 needed for a full page advert in the New York Times.
The campaign set itself a target of recruiting 10,000 volunteers. Ten days in to the campaign 25,000 people had signed up and now about $250,000 has been raised.
That's an impressive amount of loyalty and buzz. I've been using Firefox almost exclusively now for about 9 months, and I've found even the betas to be fast, stable and compatible. And I can't live without tabbed browsing now!
Also, version 0.7 of the Serendipity Weblog system has been released. This is the software that runs this website, and 0.7 is a major update - the biggest feature is the anti-spam stuff and nested/multiple categories, but there's a nice list on Evan's blog.
Monday, October 4. 2004
Captcha Gotcha!
Well, implementing Spamblocking using Captcha, so far so good.
I've caught at least one comment spammer per day with the new technology, and haven't had to delete a single SPAM since then. Before that, I was getting 10-20 SPAMs that I had to delete per day.
No real people are submitting comments, but hey, I'm just talking to myself here
Friday, October 1. 2004
Anti-Comment Spam
I've updated to the latest CVS and implemented 'captcha' for comment spam.
That's the technology that makes you look at an image and type the string, to make sure comment bots can't hit. Although you haven't seen any spam comments, I still get more than a dozen a day, but since they're moderated they never get displayed.
Of course, one day in August I got 380 comment spams.
So try it out and let me know if you see any problems.
I'm purposely not moderating comments on this entry. If you put in more than 1 link, however, it gets auto-moderated. Let's see how it works.
Friday, September 3. 2004
ARG
Wednesday, July 14. 2004
New sidebar item
A little thing I was just having some fun with - the Top Ten Search Engine Queries for the last 7 days, as reported by Analog. It appears in the right sidebar, and will be updated every night at Midnight.
And yes, I know that 'P a n t y P o o p i n g' appears in there. It's that damn referrer spam.
Wednesday, July 7. 2004
New Blog feature
I've added a new feature to the blog. "Karma".
Basically, a way for you to quickly tell me what's interesting to you, and what sucks, without having to take the time to leave a comment.
Click on '++' if the article was interesting and relevant, and you'd come back for more like it.
Click on '+' for articles that you find good, although it wouldn't make the site a must-read.
Click on '0' for articles that you just don't feel one way or the other about.
Click on '-' for articles that you find uninteresting, boring.
Click on '--' for articles that you think I should absolutely avoid posting in the future.
I may or may not pay attention. But the more people who vote, the more likely I am to pay attention.
Go ahead...vote (Use the Karma on this post to tell me if you think the karma plugin itself is at all useful).


