August 12, 2007 at around evening time
· Filed under site search, site_news, wordpress
I did an in-place upgrade to WordPress 2.2.2 for this blog ten minutes ago. It was a breeze as usual. I felt good that I finally could find time to catch up with security patches from WordPress.org.
This site uses the almost-springs-adsense-02 theme, with my own tweaks. One of the tweaks, the Google search at the top of the sidebar, suddenly overgrew and shadowed the body of the blog. Here is an ugly screenshot.
April 5, 2007 at around evening time
· Filed under GnuPG, HIDS, IDS, digital signature, information security, intrusion detection system, wordpress
I was rather perplexed when I read the latest WordPress 2.1.3 release post. Therein, the dev team reported that they’ve taken the trouble to review the code base for security enhancements and whatnot. In an eh-by-the-way style P.S., an update was provided for the recent code tainting led by a server account compromise.
April 5, 2007 in the early evening
· Filed under information security, live journal, site_news, wordpress
Finally got some time tonight to upgrade the WordPress server software powering this site to the latest release, 2.1.3. This is to take advantage of the security enhancements, except those for xmlrpc.php. The latter had been removed from this site, as recommended by my articles (part I & part II) on how to secure a LAMP server such as a WordPress server.
March 19, 2007 at around evening time
· Filed under apache, spam, wordpress
This blog (www.supportsmb.com) received a bunch of spam comments recently. The commenter’s URL looks normal. When you click on the URL, however, it redirects to a search engine to query for ‘sex’. To counter comment spam, I initially tried to install the secureimage plugin and had trouble forcing it to behave. This stream of spam is different, since it is by trackback.
When it first started, I changed the URL to some neutral URL such as www.google.com. Once I realized that the commenter’s name itself is tainted & loaded as well, I ended up deleting them or marking them as spam. This routine got old really quick. I took a look at the web server log and found a common pattern for these spam comments.
March 6, 2007 in the late afternoon
· Filed under live journal, wordpress
Earlier last month, I started to write a live journal about this “young” self-hosted WordPress blog. It started as a regular blog post. So far, I manually added new journal entries with a raw date stamp and edited the post body for updates. However, this routine got old pretty quick, since one has to manage/post/search/edit every time. Thinking aloud, I guess there are viable alternatives available.
A few options I can think of right now are listed below:
- a static page, manually updating the page with journal entries. (Con: not interactive, no category.)