In my recent article on blocking proxy servers, I explain how to use HTAccess to deny site access to a wide range of proxy servers. The method works great, but some readers want to know how to allow access for specific proxy servers while denying access to as many other proxies as possible.
Fortunately, the solution is as simple as adding a few lines to my original proxy-blocking method. Specifically, we may allow any requests coming from our whitelist of proxy servers by testing Apache’s HTTP_REFERER variable, like so:
RewriteCond %{HTTP_REFERER} !(.*)allowed-proxy-01.domain.tld(.*)
RewriteCond %{HTTP_REFERER} !(.*)allowed-proxy-02.domain.tld(.*)
RewriteCond %{HTTP_REFERER} !(.*)allowed-proxy-03.domain.tld(.*)
Continue Reading
WordPress for Business Bloggers by Packt Publishing was a pleasure to read because it approaches many of the important aspects of WordPress from a slightly different perspective: that of the “business blogger”. The book is aimed at the aspiring business blogger who wants to use WordPress to run a successful business blog. The book claims to skip the basics and jump right into the meat of transforming WordPress into a lean, mean business blogging machine. While this may be true for the book’s target audience, the technical aspects of WordPress covered in the book are familiar ground to the seasoned WordPress user.
Digging into the book, readers will find the expected WordPress topics explored from a business-blogging point of view. The books moves along at a quick pace, and quickly makes the case for using WordPress to achieve their business blogging goals. The book then presents a case-study that serves as a working example throughout the remainder of the book. After a quick romp through some basic design and coding principles, the book covers the essentials on integrating image and video content into your blog. The following chapter emphasizes the importance of content in general, and provides some timeless advice on using WordPress to deliver superior content.
Continue Reading
![[ ~{*}~ ]](http://perishablepress.com/press/wp-content/images/2009/vertical-loops/triple-column-deco.gif)
Here at Perishable Press, the number of posts listed in my archives is rapidly approaching the 700 mark. While this is good news in general, displaying such a large number of posts in an effective, user-friendly fashion continues to prove challenging. Unfortunately, my current strategy of simply dumping all posts into an unordered list just isn’t working. I think it’s fair to say that archive lists containing more than like 50 or 100 post titles are effectively useless and nothing more than a usability nightmare. With growing numbers of blogs building up massive collections of posts, finding better ways to display vast quantities of archived material becomes increasingly important.
One solution that seems popular involves breaking the archives down into various categories, tags, and time periods. This provides meta-context to each list of titles and usually eliminates the need for any hideously long post listings. This solution works well, especially when the different category lists are displayed adjacently in multiple vertical columns. For example, a blog with three categories would do well to display each category’s archive listings in its own vertical column. Something like this:
Continue Reading
Canonical URLs are important for maintaining consistent linkage, reducing duplicate content issues, and increasing the overall integrity of your site. In addition to cleaning up trailing slashes and removing extraneous index.php and index.html strings, removing the www subdirectory prefix is an excellent way to shorten links and deliver consistent, canonical URLs.
Of course, an optimal way of removing (or adding) the www prefix is accomplished via HTAccess canonicalization:
Continue Reading
With the imminent release of the next series of (4G) blacklist articles here at Perishable Press, now is the perfect time to examine eight of the most commonly employed blacklisting methods achieved with Apache’s incredible rewrite module, mod_rewrite. In addition to facilitating site security, the techniques presented in this article will improve your understanding of the different rewrite methods available with mod_rewrite.
Blacklist via Request Method
![[ #1 ]](http://perishablepress.com/press/wp-content/images/2009/eight-blacklist/01.gif)
This first blacklisting method evaluates the client’s request method. Every time a client attempts to connect to your server, it sends a message indicating the type of connection it wishes to make. There are many different types of request methods recognized by Apache. The two most common methods are GET and POST requests, which are required for “getting” and “posting” data to and from the server. In most cases, these are the only request methods required to operate a dynamic website. Allowing more request methods than are necessary increases your site’s vulnerability. Thus, to restrict the types of request methods available to clients, we use this block of Apache directives:
Continue Reading
One of the oldest JavaScript tricks in the book involves providing a “print this!” link for visitors that enables them to summon their operating system’s default print dialogue box to facilitate quick and easy printing of whatever page they happen to be viewing. With the old way of pulling this little stunt, we write this in the markup comprising the target “print this!” link in question:
<a href="javascript:window.print()">Print This!</a>
Big yuck there, of course, due to the obtrusive nature of the JavaScript implementation. Adhering to the principles of proper Web Standards, it is better practice to separate behavior from structure by placing this amazing “print this!” function in its own location, either in the <head> of the document or even better in an external JavaScript file. So basically, we want markup that looks more like this:
<a href="http://domain.tld/target/" title="Print this page">Print This!</a>
Notice the new value for the href attribute. Rather than pointing illogically to the JavaScript function, it now points to an actual resource, which may be anything you desire. Previously, users without JavaScript would click the “print this!” link and blink while nothing happens. With the unobtrusive technique, you provide the location to which users without JavaScript shall go. Possibilities here include an explanation page or even just the page itself, depending on how lazy you wanna be.
Continue Reading