Since posting the Ultimate htaccess Blacklist and then the Ultimate htaccess Blacklist 2, I find myself dealing with a new breed of malicious attacks. It is no longer useful to simply block nefarious user agents because they are frequently faked. Likewise, blocking individual IP addresses is generally a waste of time because the attacks are coming from a decentralized network of zombie machines. Watching my error and access logs very closely, I have observed the following trends in current attacks: Continue reading »
Over the course of each year, I blacklist a considerable number of individual IP addresses. Every day, Perishable Press is hit with countless numbers of spammers, scrapers, crackers and all sorts of other hapless turds. Weekly examinations of my site’s error logs enable me to filter through the chaff and cherry-pick only the most heinous, nefarious attackers for blacklisting. Minor offenses are generally dismissed, but the evil bastards that insist on wasting resources running redundant automated scripts are immediately investigated […] Continue reading »
Recently, while dealing with the dreaded white screen of death, I found myself unable to login to the WordPress Admin area to manually disable all of the plugins used here at Perishable Press. In the past, I have dealt with this situation by simply deleting all plugin files from the server, however this time, time was of the essence — I had only a few minutes with which to troubleshoot, diagnose, and ultimately resolve the deadly white-screen syndrome. Fortunately, after […] Continue reading »
During my last redesign and site overhaul, I finally made the leap from WP 2.0 to 2.3. In the process of synchronizing data and removing unecessary plugins, I managed to replace several keyword- and meta-related plugins with the incredible All in One SEO Pack (AiOSEO). One of the plugins replaced by AiOSEO is Autometa, an otherwise very useful meta-keywords management tool. With AiOSEO installed, there is no need for Autometa. Over the course of a year or so, Autometa had […] Continue reading »
Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Like many bloggers, I like to spend a little quality time each week examining my site’s error logs. The data contained in Apache, 404, and even PHP error logs is always enlightening. In addition to suspicious behavior, spam nonsense, and cracker mischief, this site frequently endures automated and even manual attacks targeting various […] Continue reading »
How to streamline and maximize the effectiveness of your WordPress URLs by using htaccess to remove extraneous post-date information: years, months, and days.. Recently, there has been much discussion about whether or not to remove the post-date information from WordPress permalinks1. Way back during the WordPress 1.2/1.5 days, URL post-date inclusion had become very popular, in part due to reports of potential conflicts with post-name-only permalinks. Throw in the inevitable “monkey-see, monkey-do” mentality typical of many bloggers, and suddenly an […] Continue reading »
Recently, reader Luke Knowles asked how to customize the sort order of his posts in WordPress. Looking into a solution to this question proved quite enlightening. Within moments I was able to discern 4 methods for modifying post order, and then several days later I discovered 2 additional custom sorting techniques. After updating the reply to Luke’s comment, it seemed like some good information that other WordPressers may find useful. So, here are six ways to customize the sort order […] Continue reading »
Approximately 30 days ago, I completely uninstalled the Bad Behavior plugin from Perishable Press. As you may recall, many Bad Behavior users were unexpectedly locked out of their own sites and forced to either uninstall or upgrade in order to fix the problem. Of course, in my perpetual battle to optimize and streamline everything, I decided to drop Bad Behavior from the otherwise obligatory WordPress anti-spam trinity. 30 days later.. I am happy to report that Perishable Press has not […] Continue reading »
With the recent release of my latest WordPress plugin, Contact Coldform, I am also creating a series of free, “drop-in” CSS skins for easy, “plug-n-play” customization. These skins employ valid, optimized CSS code designed for the following browsers: Continue reading »
Welcome to the homepage for Contact Coldform, a secure, lightweight, flexible contact form with plenty of options and squeaky clean markup. Coldform blocks spam while making it easy for your visitors to contact you from your WordPress-powered website. The comprehensive Settings Page makes it easy to take full control with plenty of options and several built-in themes for styling the form. Coldform delivers everything you need and nothing you don’t — no frills, no gimmicks, just pure contact-form satisfaction. Now […] Continue reading »
Welcome to the Perishable Press “Blacklist Candidate” series! In this first post, we begin a new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Every Wednesday, I take a little time to investigate my 404 error logs. In addition to spam, crack attacks, and other deliberate mischief, the 404 logs for Perishable Press contain errors due to missing resources, mistyped URLs, and the occasional bizarre or even suspicious behavior of the search-engine robots. Whenever possible, I […] Continue reading »
Recently, while attempting to optimize site performance, I found myself experimenting with various caching mechanisms currently available for WordPress. Specifically, I explored each of the following caching options: Continue reading »
In this article, my goal is to help you optimize WordPress by replacing a few common plugins with their correspondingly effective code equivalents. As we all know, WordPress can be a very resource-hungry piece of software, especially when running a million extraneous plugins. Often, many common plugins are designed to perform relatively simple tasks, such as redirect a feed, display a random image, query the database, etc. For those of us comfortable with editing PHP and htaccess code, there is […] Continue reading »
In this brief article I explain the atrocity that is UserCash and then provide the JavaScript needed to protect your site. Continue reading »
In this brief tutorial, we are going to enable users to access any file or directory of a site that is password-protected via htaccess. There are many reasons for wanting to employ this technique, including: Share public resources from an otherwise private site Enable visitors to access content during site maintenance Testing and formatting of layout and design during development As a webmaster, I have used this technique on several occasions. This trick works great for allowing access to any […] Continue reading »
“Oh no, not again!” It looks like another one of my non-existent bank accounts has been blocked at Bank of America. But that’s cool, because I like, totally graduated from third grade. Knowing best for all grammar and words in email. Let’s examine yet another idiotic phishing attempt, shall we? First, let’s have a look at the full-meal deal (sans bank logos, links, and other forged minutia): Continue reading »