Honour Nelson Mandela with a Website Ribbon
Honour Nelson Mandela with a remembrance ribbon on your WordPress blog. When I heard the sad news today I wanted to show my condolences on my WordPress sites, so knocked up a couple of plugins to put a ribbon in the top right corner of the sites.
Download Your Mandela Ribbon Plugin
There are 2 versions of the ribbon. One shows an English message, while the other is in Mandela’s home language – Xhosa (plugin code is in English)
JQuery DataTables with WordPress and Drupal
DataTables works with most popular CMS and web based CRM systems with plugins available out-of-the-box for many of these, including WordPress, Drupal and Joomla.
I’ve recently been using the DataTables JQuery scripts for a couple of tables on a WordPress and a Drupal site, so I’m taking the opportunity to briefly discuss the plugins I’m using, and the differences using DataTables with these 2 content management systems.
Checks.Panopta.com – nuisance bot
Panopta.com calls itself “Uptime Management Software for Hosting Providers, SaaS Providers, IT Managers, and Website Owners”. Well, there’s nothing wrong with the idea. If your website is critical to your business it’s not a bad thing to get alerted if or when your site is offline.
But Did You Subscribe to Panopta.com?
Panopta.com monitoring service allows other people to monitor your website! That’s right, you don’t have to sign up for their service for your domain to be monitored. This means a business competitor can monitor your website status without your permission!
Are We Seeing an End to Timthumb Attacks on WordPress?
Lately we have seen a decline in the number of TimThumb RFI attacks against our WordPress sites. A year ago this was the most common hacking probe logged for every WordPress site we manage. Back then we’d see a lot; from 10 to 50, sometimes more, different sources a day. Hardly a day would go by without at least one hacker looking for the vulnerability.
Over the last 6 months, the number of witnessed attempts has declined. Sometimes we don’t see a single probe looking for the old, vulnerable, timthumb.php / thumb.php script for several days.
GIMP Download Moved from Sourceforge to Gimp.org
The GIMP Windows installer package download was removed from Sourceforge by the developers of the software. Citing the recent changes made by Sourceforge where their own so-called “installer” package is pushed in visitors faces, GIMP announced they could not expose GIMP users to this practice.
The GIMP is available directly from www.gimp.org and this is the only download anyone looking the application should use now.
Taking Spam Control to an Extreme Level
We took spam control to a ridiculous level. As an exercise in discovering just how effectively spam can be blocked with WordPress it’s been an interesting exercise. We looked at the 4 main types of spam one is likely to see on their blog; comment spam and trackback spam, spam registrations and finally e-mail spam from contact forms.
The site chosen was our WordPress information site. A few months back a plugin support forum was added to the site, and public registrations allowed. Almost immediately there was a spate of spam registrations – “visitors” registering an account. Most were bots. How do we know? Well, the only link to the registration form is from forum pages, and only a few registration attempts came from one of these referrer pages – the others all arrived at the form directly, without visiting the site at all.
Massive Number of Hacked USA Websites Participate in WordPress Botnet Attack
For the past couple of days we’ve been watching a customers WordPress site being attacked by a botnet of websites trying to access site admin with user name “admin” and a variety of simple passwords.
Most of these attacks are coming from USA based web hosting services. One particular top level service provider, Provo Unified Layer, stands out above the rest as the most hacked network. Many 2nd tier providers use Provo Unified Layer infrastructure including Bluehost and Hostmonster. Of the hosts using Provo Unified Layer infrastructure, Bluehost is ahead of the pack in having hosted sites participating in the botnet. (Read more about Bluehost and the Botnet).
WordPress Image Manager Freezes – Ajax Problem
I’m finding lately the WordPress image manager overlay often freezes when used to insert images in posts or pages. It’s annoying as the only way to get back to the article is to refresh the page – usually losing anything written since the last auto save or manual save.
It seems like an Ajax bug – at least from the number of Ajax errors in the logs. It’s recent as well – I don’t remember this ever happening before the WordPress 3.6 update. I’m getting this on most of the WordPress sites I edit, and have client’s reporting the same problem.
This isn’t a plugin conflict – how can I be so sure. Well, it also happens on WordPress.com – this blog too… And as we all know, we don’t add plugins here, and everything is supposedly tested to work before being rolled out on the platform.
International Web Hosting Server Down
The USA based VPS hosting our international client’s and our own site is offline while the engineers attend to the problem.
Problem First Noticed After Midday 9 October 2013
We first noticed a developing problem at around 12h00 GMT when the server become progressively slower to respond to requests.
Later afternoon the VPS was taken offline for the engineers at the GNAX Atlanta data centre to work on the problem.