Tag Archive

2010 IP Blacklist

Update: Check out the new and improved 2013 IP Blacklist! Over the course of each year, I blacklist a considerable number of individual IP addresses. Every day, Perishable Press is hit with countless spammers, scrapers, crackers and all sorts of other hapless turds. Weekly examinations of my site’s error logs enable me to filter through the chaff and cherry-pick only the most heinous, nefarious attackers for blacklisting. Minor offenses are generally dismissed, but the evil bastards that insist on wasting resources running redundant automated scripts are immediately investigated via IP lookup and denied access via a simple htaccess directive: […] Read more »
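The actual blacklist is in the full article; as a minimal sketch, the kind of htaccess deny directive described above looks like the following (Apache 2.2 syntax; the IP addresses are documentation-range placeholders, not entries from the real list):

```apache
# Deny access to blacklisted IP addresses (placeholder examples)
order allow,deny
allow from all
deny from 192.0.2.15
deny from 198.51.100.0/24
```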

A Few Steps Back

I have been doing some non-design-related work recently and have not been saturated with anything even computer-related for the past several weeks. Mostly I have been just enjoying life, but also drawing quite a bit and going around taking photos of old, decrepit homesteads and factories. Needless to say, it’s been a much-needed respite from the usual crunch and grind. Taking a few steps back like this from the Web — even for such a short period of time — is remarkably refreshing, and has given me time to contemplate all this web-stuff that keeps us all so busy. When […] Read more »

Should We Support Old Versions of Good Browsers?

I mean, basically anything except for Internet Explorer, which is a debate in and of itself. Here I’m referring to old versions of good browsers, like Firefox 2, Safari 2, Opera 8, and so on. It seems that older versions of these browsers are not as common as older versions of IE, so should we bother supporting them when designing our websites? Most agree that we shouldn’t support old versions of crappy browsers like IE, but what about older versions of good browsers like Firefox, Opera, and Safari? Backwards Compatibility One of the cool things about adhering to Web Standards […] Read more »

Tell Google to Not Index Certain Parts of Your Page

There are several ways to instruct Google to stay away from various pages in your site: robots.txt directives, nofollow attributes on links, meta noindex/nofollow directives, X-Robots noindex/nofollow directives, and so on. These directives all function in different ways, but they all serve the same basic purpose: control how Google crawls the various pages on your site. For example, you can use meta noindex to instruct Google not to index your sitemap, RSS feed, or any other page you wish. This level of control over which pages are crawled and indexed is helpful, but what if you need to control how […] Read more »
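As a quick sketch of the X-Robots technique mentioned above, a noindex/nofollow header can be sent via htaccess (requires mod_headers; the file names here are illustrative, not from the article):

```apache
# Send X-Robots-Tag header for files that should stay out of the index
<IfModule mod_headers.c>
	<FilesMatch "sitemap\.xml|feed\.xml">
		Header set X-Robots-Tag "noindex, nofollow"
	</FilesMatch>
</IfModule>
```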

Another Boring Personal Update

It’s been a while since I have taken some time to just blog a little bit about what’s been happening in this crazy little world of mine. Normally, I like to keep my articles focused on web design, social media, and other online topics, but every now and then I like to take some time out and share some personal news. Needless to say, lots of awesome stuff has been happening both online and in my personal life, so here’s a brief summary for the sake of posterity. I’ll start with the personal drama and then hit the online/design and project-related […] Read more »

Find a Diamond in the Rough

Getting the best possible web hosting is, for obvious reasons, something that all website owners aim to do. However, you might know what type of web hosting you are looking for but still not know which provider to partner up with. Many of the web-hosting top lists you find on the web today look the same, because they all take the same factors into account, with cost usually weighted most heavily. While many people do simply look for the cheapest host with decent reviews, there are others who seek […] Read more »

Digging Into WordPress

Our recent quest to find a publisher has finally paid off. After spending a few weeks checking out different publishers and myriad publishing options, Chris Coyier and I have decided to go the DIY-route and publish the book ourselves as a PDF. The book is titled “Digging into WordPress,” and is due out late Summer or early Fall of this year. It’s going to be packed full of juicy WordPress goodness and I hope that you check it out when it’s released. In the meantime, while we are busy working behind the scenes to make the book the best it […] Read more »

Best Practices for Error Monitoring

Given my propensity to discuss matters involving error log data (e.g., monitoring malicious behavior, setting up error logs, and creating extensive blacklists), I am often asked about the best way to go about monitoring 404 and other types of server errors. While I consider myself to be a novice in this arena (there are far brighter people with much greater experience), I do spend a lot of time digging through log entries and analyzing data. So, when asked recently about my error monitoring practices, I decided to share my response here at Perishable Press, and hopefully get some good feedback […] Read more »

4G Series: The Ultimate Referrer Blacklist, Featuring Over 8000 Banned Referrers

You have seen user-agent blacklists, IP blacklists, 4G Blacklists, and everything in between. Now, in this article, for your sheer and utter amusement, I present a collection of over 8000 blacklisted referrers. For the uninitiated, in the language of the Web, a referrer is the online resource from whence a visitor happened to arrive at your site. For example, if Johnny the Wonder Parrot was visiting the Mainstream Media website and happened to follow a link to your site (of all places), you would look at your access logs, notice Johnny’s visit, and speak out loud (slowly): “hmmm.. it looks […] Read more »
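The 8000-entry list lives in the full article; the general shape of referrer blocking with mod_rewrite looks something like this (the referrer patterns here are placeholder examples, not entries from the actual blacklist):

```apache
# Block requests arriving from blacklisted referrers (placeholder patterns)
<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTP_REFERER} (casino|pharma|poker) [NC,OR]
	RewriteCond %{HTTP_REFERER} ^https?://(www\.)?spam-example\.com [NC]
	RewriteRule .* - [F,L]
</IfModule>
```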

4G Series: The Ultimate User-Agent Blacklist, Featuring Over 1200 Bad Bots

As discussed in my recent article, Eight Ways to Blacklist with Apache’s mod_rewrite, one method of stopping spammers, scrapers, email harvesters, and malicious bots is to blacklist their associated user agents. Apache enables us to target bad user agents by testing the user-agent string against a predefined blacklist of unwanted visitors. Any bot identifying itself as one of the blacklisted agents is immediately and quietly denied access. While this certainly isn’t the most effective method of securing your site against malicious behavior, it can provide another layer of protection. Even so, there are several things to consider before choosing […] Read more »
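The 1200-agent list is in the full article; a minimal sketch of the mod_rewrite technique described above looks like this (the agent names are illustrative placeholders):

```apache
# Deny access to blacklisted user agents (placeholder names)
<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTP_USER_AGENT} (EmailCollector|GrabNet|WebStripper) [NC]
	RewriteRule .* - [F,L]
</IfModule>
```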

The Perishable Press 4G Blacklist

Update: Check out the new and improved 6G Firewall 2016! At last! After many months of collecting data, crafting directives, and testing results, I am thrilled to announce the release of the 4G Blacklist! The 4G Blacklist is a next-generation protective firewall that secures your website against a wide range of malicious activity. Like its 3G predecessor, the 4G Blacklist is designed for use on Apache servers and is easily implemented via HTAccess or the httpd.conf configuration file. In order to function properly, the 4G Blacklist requires two specific Apache modules, mod_rewrite and mod_alias. As with the third generation of […] Read more »
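The 4G Blacklist itself is not reproduced in this excerpt; as a rough illustration of the two required modules, a directive from each might look like the following (the patterns are placeholder examples, not actual 4G rules):

```apache
# Illustrative only -- placeholder patterns, not actual 4G Blacklist rules
# mod_alias: block request URIs matching a suspicious pattern
<IfModule mod_alias.c>
	RedirectMatch 403 \.\./
</IfModule>
# mod_rewrite: block query strings matching a suspicious pattern
<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{QUERY_STRING} base64_encode [NC]
	RewriteRule .* - [F,L]
</IfModule>
```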

Yahoo! Slurp too Stupid to be a Robot

I really hate bad robots. When a web crawler, spider, bot — or whatever you want to call it — behaves in a way that is contrary to expected and/or accepted protocols, we say that the bot is acting suspiciously, behaving badly, or just acting stupid in general. Unfortunately, there are thousands — if not hundreds of thousands — of nefarious bots violating our websites every minute of the day. For the most part, there are effective methods available enabling us to protect our sites against the endless hordes of irrelevant and mischievous bots. Such evil is easily blocked with […] Read more »

Building the Perishable Press 4G Blacklist

Last year, after much research and discussion, I built a concise, lightweight security strategy for Apache-powered websites. Prior to the development of this strategy, I relied on several extensive blacklists to protect my sites against malicious user agents and IP addresses. Unfortunately, these mega-lists eventually became unmanageable and ineffective. As increasing numbers of attacks hit my server, I began developing new techniques for defending against external threats. This work soon culminated in the release of a “next-generation” blacklist that works by targeting common elements of decentralized server attacks. Consisting of a mere 37 lines, this “2G” Blacklist provided enough protection […] Read more »

The Halving Method of Identifying Problematic Code

Working a great deal with blacklists, I am frequently trying to isolate and identify problematic code. For example, a blacklist implementation may suddenly prevent a certain type of page from loading. In order to resolve the issue, the blacklist is immediately removed and tested for the offending directive(s). This situation is common to other coding languages as well, especially when dealing with CSS. Identifying problem code is more of an art form than a science, but fortunately, there are a few ways to improve your overall code-sleuthing strategy. Read more »
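The halving method described above can be sketched as a simple binary search over a list of directives. This is a hypothetical illustration, assuming a single offending directive and a repeatable manual test (here stood in for by the `causes_problem` callback):

```python
def find_offending_directive(directives, causes_problem):
    """Narrow a list of directives down to the single offender by halving.

    causes_problem(subset) stands in for the manual step: enable only
    the given directives and check whether the problem still occurs.
    """
    while len(directives) > 1:
        mid = len(directives) // 2
        first, second = directives[:mid], directives[mid:]
        # Keep whichever half still reproduces the problem
        directives = first if causes_problem(first) else second
    return directives[0]

# Toy usage: pretend the directive containing "bad" breaks the page
rules = ["deny A", "deny B", "bad rule", "deny C"]
print(find_offending_directive(rules, lambda ds: any("bad" in d for d in ds)))
```

Each halving discards the half of the list that still works, so the offender is isolated in logarithmic rather than linear time.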

Year-End Rambling, Boring Personal Stuff, Etc.

Sometimes I just need to type. To get it out. Small ideas, news, and other mental slices of personal relevance. If this just “ain’t your thing,” by all means, please move on to the next item in your reader. Otherwise, if I may ramble on for a moment with the privileged luxury of your gracious attention, I will attempt to elaborate on a few of the recent mysteries swirling throughout the rushing vortex that is my life. First of all, the site is doing great. I am honored that you have found Perishable Press worthy of your consideration, consumption, and contemplation. […] Read more »

Feedburner Alternative: Homegrown Feed Statistics for Your Blog

If, for whatever reason, you don’t want to use Feedburner to track your feed statistics, this article describes a relatively simple, “roll-your-own” alternative. Instead of redirecting your feed traffic through Feedburner, keep your original feed URLs and place the following code into a file named “feed_stats.php” (or whatever) and upload it to your server: Read more »
