Archive for the ‘Minor Details’ Category
An additional consideration is that I know my boss reads this blog (hi, Steve!), so I’m not completely comfortable with some of the more cutting remarks I might make about the office, even though the chance of negative repercussions is probably not high. But then, sometimes I just feel that perhaps this blog has run its course, that there’s no more steam left in the boiler. I don’t know. We’ll see.
A perceptive fellow on the Google Webmasters forum noticed the following bit of fun in my source code that looked like this: Thinking it was a result of an injection exploit like this person found, I went over all my WP files (plus my theme directory) with a fine-toothed comb, but found nothing. A further bit of digging turned up other Wordpress users who were encountering the exact same problem. The iframe code was inserted directly into posts, but by what means, nobody seems to be sure. I will—shamefully—admit that both my WordPress admin and FTP passwords were pretty weak, and could have been brute-forced pretty easily. They’re much stronger now, and I’ve updated to WordPress 2.8, and the three posts here that contained the offending code have been cleaned. I haven’t seen any new malicious insertions since taking those steps, but I remain suspicious. If you see anything even remotely weird in the next couple of weeks here, let me know.
A cursory scan of hit logs indicates nobody has used the form in a while, but if you used the contact form to send me a message recently and got no response, your message was lost, and will have to be resent. I apologize for any inconvenience.
Today’s bot registered with a name of jacob73kolp and an e-mail address of jacobkolp@gmail.com. This brings the total of known bots to five:
It looks like I also found a CAPTCHA plugin that will work better than Skullbit’s, which worked only briefly on the test server and then simply refused to function properly thereafter. Hopefully this new one’ll be enough to keep the bots out. |
Wow. I really don’t update this thing much these days. I blame two things: general business at home and Facebook. It’s interesting, in a way, how Facebook has sapped the “will to blog” by providing a channel to constantly emit little bits of opinion here and there, acting much like a pressure cooker regulator- and lessening the perceived need to publish larger amounts here.
I’m not dead, and neither is this blog. Honest. Cross my heart. This summer has just been proving to be a lot busier than I ever expected it to be. It also didn’t help that I forgot my recently-changed admin password to Wordpress. D’oh.
For the last few weeks I’ve been baffled by Safari complaining that this site was a malware host. The most puzzling aspect of the whole ordeal was that the Safari/Google malware warning referenced the IP address 74.222.134.170, and not 208.97.175.192, where it actually resides. A direct
I know I haven’t been posting nearly as prolifically as I once did, and certainly these last three weeks or so have been something of a particular nadir (thanks to house renovations, the dojo, and the thrice-cursed vortex of time men know as Facebook), but this week it will sink to an all-time low of zero posts; I’ve got the week off and am heading out with the family to Disneyland. Catch you all on the flip side, at which time I promise to be a little more verbose.
It appears that the site’s 
My posts about WordPress spambot registration have generated a surprising amount of traffic to this site. While few, if any, of those visitors are actually hanging around after the fact, I’m getting enough hits that I figure I’m doing the WP community some tiny bit of good by raising what alarm I can.