Save 40% on Pro WordPress plugins with discount code: BLACKFRIDAY21
Web Dev + WordPress + Security

Building the 3G Blacklist, Part 1: Improving Security by Exploiting Server Attack Patterns

[ 3G Stormtroopers (Blue Dream) ]

In this series of five articles, I share insights and discoveries concerning website security and protecting against malicious attacks. In this first article of the series, I examine the process of identifying attack trends and using them to immunize against future attacks. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Improving […] Continue reading »

Blacklist Candidate Number 2008-04-27

[ Photo: Bob Barker Snarls at Rod Roddy ]

Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Since the implementation of my 2G Blacklist, I have enjoyed a significant decrease in the overall number and variety of site attacks. In fact, I had to time-travel back to March 1st just to find a candidate worthy of this month’s blacklist spotlight. I felt like Rod Roddy looking over the Price-is-Right audience […] Continue reading »

How to Block Proxy Servers via htaccess

Not too long ago, a reader going by the name of bjarbj78 asked about how to block proxy servers from accessing her website. Apparently, bjarbj78 had taken the time to compile a proxy blacklist of over 9,000 domains, only to discover afterwards that the formulated htaccess blacklisting strategy didn’t work as expected. Here is the ineffective htaccess directive that was used: Deny from proxydomain.com proxydomain2.com Blacklisting proxy servers by blocking individual domains seems like a futile exercise. Although there are […] Continue reading »

Three Unsolved WordPress Mysteries

After several years of using WordPress, I have at least three unanswered questions: What’s up with the WordPress PHP Memory Error? Why do certain phrases trigger 403 “Forbidden” errors when saving or publishing posts? What happened to the Plugin Pages in the WordPress Codex? Let’s have a look at each one of these baffling mysteries.. Continue reading »

WordPress Tip: Careful with that Autosave, Eugene

[ Screenshot: WordPress Autosave Message (Saved at 2:34:02.) ]

After upgrading WordPress from version 2.0.5 to 2.3.3, I did some experimenting with the “post autosave” feature. The autosave feature uses some crafty ajax to automagically save your post every 2 minutes (120 seconds by default). Below the post-editing field, you will notice a line of text that displays the time of the most recent autosave, similar to the following: Continue reading »

WordPress Tip: Remove Spam from the Comment Subscription Manager

[ Image: Jonny Quest (Inverted) ]

After investigating some unusual 404 errors the other day, I found myself digging through the WordPress Admin Area trying to locate the “Subscribe to Comments” options panel. As it turns out, administrative options for the Subscribe to Comments plugin are split into two different areas. First, the S2C plugin provides configuration options under the WordPress General Settings > “Subscribe to Comments”, which enables users to tweak everything from subscription messages to custom CSS styles. New to me was the other […] Continue reading »

What is My WordPress Feed URL?

[ WordPress RSS Feed ]

For future reference, this article covers each of the many ways to access your WordPress-generated feeds1. Several different URL formats are available for the various types of WordPress feeds — posts, comments, and categories — for both permalink and default URL structures. For each example, replace “http://example.com/” with the URL of your blog. Note: even though your blog’s main feed is accessible through many different URLs, there are clear benefits to using a single, consistent feed URL throughout your site. […] Continue reading »

Blacklist Candidate Number 2008-03-09

[ Photo: Bob Barker Pointing at You ]

Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Imagine, if you will, an overly caffeinated Bob Barker, hunched over his favorite laptop, feverishly scanning his server access files. Like some underpaid factory worker pruning defective bobble heads from a Taiwanese assembly line, Bob rapidly identifies and isolates suspicious log entries with laser focus. Upon further investigation, affirmed spammers, scrapers and crackers […] Continue reading »

WordPress Discussion Management: Enable or Disable Comments and Pingbacks via SQL

Continuing my quest to stop comment spam without using plugins, I have decided to disable comments on “old” posts. In my experience, over 90% of comment, trackback and pingback spam occurs on posts that have been online for over a month or so, just long enough to be indexed by the search engines and picked up by spammers. Especially for older posts that have managed to acquire a little page rank, the frequency of spam attempts is far greater than […] Continue reading »

Improve Site Performance by Increasing PHP Memory for WordPress

During the recent ASO server debacle, I raced frantically to restore functionality to Perishable Press. Along the way, one of the many tricks that I tried while trying to fix the dreaded “white screen of death” syndrome involved increasing the amount of PHP memory available to WordPress. This fix worked for me, but may not prove effective on every installation of WordPress. If you are unsure as to whether or not you need to increase your PHP memory, consult with […] Continue reading »

Quickly Disable or Enable All WordPress Plugins via the Database

[ The Flash ]

Recently, while dealing with the dreaded white screen of death, I found myself unable to login to the WordPress Admin area to manually disable all of the plugins used here at Perishable Press. In the past, I have dealt with this situation by simply deleting all plugin files from the server, however this time, time was of the essence — I had only a few minutes with which to troubleshoot, diagnose, and ultimately resolve the deadly white-screen syndrome. Fortunately, after […] Continue reading »

Transfer Autometa Data to All in One SEO

During my last redesign and site overhaul, I finally made the leap from WP 2.0 to 2.3. In the process of synchronizing data and removing unecessary plugins, I managed to replace several keyword- and meta-related plugins with the incredible All in One SEO Pack (AiOSEO). One of the plugins replaced by AiOSEO is Autometa, an otherwise very useful meta-keywords management tool. With AiOSEO installed, there is no need for Autometa. Over the course of a year or so, Autometa had […] Continue reading »

Perishable Press Upgraded to WordPress 2.3.3

Just a note to announce a site upgrade to WordPress 2.3.3. The upgrade went well, but overall server performance continues to suffer. I am aware that some people are experiencing difficulties leaving comments and even accessing the site in general. Rest assured, I am working with my hosting company, A Small Orange, to get everything back on track and running smooth. In the meantime, I appreciate your patience as we work to resolve the issues, restore full functionality, and return […] Continue reading »

Blacklist Candidate Number 2008-02-10

[ Photo: Bob Barker points a finger ]

Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Like many bloggers, I like to spend a little quality time each week examining my site’s error logs. The data contained in Apache, 404, and even PHP error logs is always enlightening. In addition to suspicious behavior, spam nonsense, and cracker mischief, this site frequently endures automated and even manual attacks targeting various […] Continue reading »

Blacklist Candidate Number 2008-01-02

[ Photo: Bob Barker Pointing ]

Welcome to the Perishable Press “Blacklist Candidate” series! In this first post, we begin a new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Every Wednesday, I take a little time to investigate my 404 error logs. In addition to spam, crack attacks, and other deliberate mischief, the 404 logs for Perishable Press contain errors due to missing resources, mistyped URLs, and the occasional bizarre or even suspicious behavior of the search-engine robots. Whenever possible, I […] Continue reading »

WordPress Tip: Reduce the Size of the WP-ShortStat Database Table

[ Screenshot: showing the relatively immense size of the WP-ShortStat table ]

In this article, I present a simple method for dramatically decreasing the size of your WordPress database by partially emptying old data from the WP-ShortStat table via the following SQL command: DELETE FROM `wp_ss_stats` ORDER BY `id` ASC LIMIT n That is the point of this entire article, which dips into just about everything one might need to know before employing such strategy. If you are familiar with SQL and understand the purpose and functionality of this command, feel free […] Continue reading »

Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Blackhole Pro: Trap bad bots in a virtual black hole.
Thoughts
Making great strides on my new book. Planned release in December :)
To organize my life, I keep it simple. online: plain text files, offline: sticky notes.
Official list of Googlebot IP addresses.
Lot of 1s in today’s date 20211111.
Working on a new book :)
I enjoy listening to original Star Trek and NG episodes while working online. After a while it feels like I’m working on the ship as part of the crew, going on adventures.
New version (2.6) of my shapeSpace starter theme now available! Always free & open source for everyone :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.