Website Offline after DoS Attack
Now we Get Auto Hyperlinks – Bad News
Text gets turned into hyperlinks automatically. I just discovered this annoying thing that’s part of the latest version of WordPress used by WordPress.com – WordPress 3.5. Type the text for a URL and the darn thing turns into a hyperlink when published. That’s right, you don’t have to click on the link function in the editor, so no options to add target info and title… No options not to create the hyperlink… Arrgghhh!
Maybe it’s handy for the terminally lazy, but it’s bad news for SEO. And what about the bloggers who write about malware and bad websites, and want to tell readers about these bad addresses? They don’t want visitors to click a hyperlink, just want to inform people about the bad address. With auto-hyperlinks the information becomes an active link!
For example, this hacker information “Exploit attempt on WordPress GD Star Rating plugin”
Banning the Bad Hosts
I’m a no-compromise banner. It doesn’t take much effort to get an IP banned from my websites. A single bad event will normally be enough to block access to my sites from an IP address. Several attempts from a range of IP’s with a common service provider will get the entire IP range banned, the hostname or domain banned.
Currently there are about 700 entries in the banned list – representing millions of IPs, and the list gets longer daily. I cannot recall a day this year when at least one new bad IP was not added to the list.
Sharing the Bad IP Info
Mostly these IP’s were simply denied access, and no record was kept about the reason for the ban. At one time I started keeping a record, then lost interest and lacked time to continue. So I decided to start again, this time publishing the info where I can get to it, and other bloggers can also find the details. So now it’s published as a page on this blog…
Stop Timthumb Attacks Before WordPress
All owners of busy, and not so busy, self-hosted WordPress sites and blogs will know all about timthumb scripting attacks on their site. If the site has the latest up to date version of the vulnerable files, that’s as far as the attack will go.
But constant timthumb attacks are still annoying and use up resources with 404 page not found responses.
Stop Timthumb Attacks at Front Door
Here’s a way to stop these annoying attacks at the front door, before they even get to WordPress. The following script shown below added to your website or blog .htaccess file will prevent nearly all timthumb RFI attacks from wasting server resources.
Hacker Bot FreeWebMonitoring SiteChecker/0.1 Pays a Visit
Bad bot “FreeWebMonitoring SiteChecker/0.1 (+http://www.freewebmonitoring.com)” paid a visit to one of my websites yesterday from IP address 184.108.40.206 which belongs to Canadian service provider: Canada Montreal Thst Golf Inc.
The full range of IP’s owned by Canada Montreal Thst Golf Inc. is 220.127.116.11 - 18.104.22.168
This bot is not the bot used by freewebmonitoring.com. Their bot is “FreeWebMonitoring SiteChecker/0.2 (+http://www.freewebmonitoring.com/bot.html)”
Googlebot Error with WPOnlineStore Plugin
Googlebot triggers a PHP Fatal Error ‘function.require‘ error causing the bot to receive a “500″ internal server error when trying to crawl the pages created by the WordPress WPOnlineStore plugin. In my previous post I mentioned this ongoing problem. Today I can provide some additional information.
The problem is not unique to my shop site; initial searches of the internet found only a few references to this problem. for the past two days the hosting company server engineers have been looking into the problem, unfortunately without any success. After disabling Apache mod_secure settings, which appeared to be causing the error, Googlebot still triggered this error. As previously mentioned in Googlebot has Problems with WPOnlineStore, it is only Googlebot – and there lies the first clue.
Panasonic Recorder Driver Downloads are Malware
Drivers are simply not available online for most of the range of Panasonic digital audio recorders with model numbers rr-US***. Included are Panasonic rr-US430, Panasonic rr-US450 and Panasonic rr-US500.
Although a quick Google for Panasonic driver rr-US450 or any of the models numbers mentioned will produce hundreds of search results, NONE of the links will lead the searcher to a driver file for this range of products. “Downloads for Panasonic DVC USB Driver” will produce the same negative result.
All of the links will eventually take you to one of a small handful of “download” sites. The majority will send you to Driver Guide (www.driverguide.com) and several mirror type sites that look the same and do the same.
Driverguide.com Fake Driver Software
Driver Guide (www.driverguide.com) packages are fakes and a way of spreading Babylon software. They do not have the required Panasonic Recorder driver in their packages, or even in their library. Claiming they do is false advertising. Driverguide.com should be blacklisted for distributing rubbish software under the guise of drivers for well-known products.
Phishing Scam Targets WordPress Plugin Developers
What may be the first phishing scam specifically targeting WordPress Plugin authors has been discovered. The scam comes in the form of an e-mail claiming the developers plugin has been removed from the WordPress Repository, and tells the plugin author to use the link in the mail to login and change their password.
The e-mail uses the Subject line “[WordPress.org Plugins] Urgent: Your Plugin Has Been Removed” and has this message content
Dear WordPress Plugin Developer,
Unfortunately, a plugin you are hosting has been temporarily removed from the WordPress repository. We are going to manually review your plugin because it has been reported for violating our Terms of Service. If your plugin does not get approved then it will be permanently removed from the WordPress repository.
You can check if your plugin has been approved or rejected at…
This is not an official WordPress email!
Microsoft Security Essentials Under Microscope
A look at Microsoft Security Essentials, the free anti-virus application from Microsoft. Is Microsoft Security Essentials any good? Will it protect a Windows PC from most common threats? Can MSE compete with commercial security applications?
Over the next few months we will see.
Annoyed with Commercial AV Software.
I have become increasingly annoyed with commercial anti-virus applications. They have become overpriced, use too much system resources, interfere with other applications, or slow down internet access. Worse still, none of the apps are able to detect every virus or malware… An example is Trojan Generic 24, which seems to be only detected by AVG (but doesn’t stop or remove it). Trend Micro Titanium and Norton AV don’t find all versions of this dangerous trojan.