I. Background Recent attacks against the WordPress Content Management System have prompted reminders of the recommendation that you should make sure you are running the newest version of the WordPress system. When you download WordPress, you can also download the WordPress MD5 signature so that you can double check that the downloaded file has not […]
What Is This? A WordPress Attack Using “PLM”
One of my sites had this very odd entry in its log from overnight: (actual URL changed)
http://www.example.com/2005/06/24/title-in-here/%2B%25255bPLM=0%25255d%2BGET%2Bhttp:///2005/06/24/title-in-here/%2B%25255b0,16925,26735%25255d%2B-%25253e%2B%25255bN%25255d%2BPOST%2Bhttp:/wp-comments-post.php%2B%25255b0,0,349%25255d
If you do the hexadecimal recoding a couple times you end up with:
http://www.example.com/2005/06/24/title-in-here/+[PLM=0]+GET+http:///2005/06/24/title-in-here/+[0,16925,26735]+->+[N]+POST+http:/wp-comments-post.php+[0,0,349]
And if you assume the plus marks are actually spaces:
http://www.example.com/2005/06/24/title-in-here/ [PLM=0] GET http:///2005/06/24/title-in-here/ [0,16925,26735] -> [N] POST http:/wp-comments-post.php [0,0,349]
What is this […]
TV Converter Box Coupon
I still watch TV using regular old rabbit ears. We have two TVs in the house, one in the living room, and one in the basement. They work fine, and are each over 15 years old. So a couple months ago when the U.S. Department of Commerce allowed people to apply for up to two […]
Setting the WordPress 2.5 Secret Key
I’ve been exploring the WordPress 2.5 Release Candidate 1. I found a few bugs that are probably related to AJAX or JavaScript under Safari 3.04. I made a few suggestions and comments for part of the new design aspect of the Administrative section. But one interesting thing I haven’t seen mentioned anywhere is WP 2.5’s […]
ShaBlastBot Spider Considered Abusive
While perusing my Apache logs, I ran across a lot of requests from a bot with the user-agent of “ShablastBot 1.0”, and all came from the IP address of 67.228.100.141. Reverse IP shows that 67.228.100.138, 67.228.100.139, 67.228.100.140 and 67.228.100.142 also resolve to shablast.com. One significant problem appears to be it doesn’t correctly parse out feed: […]
MS Office Discussion Bar
I’ve started watching my web server logs more closely, and found several requests for /_vti_bin/owssvr.dll and /MSOffice/cltreq.asp. Examples:
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0
Apparently, these requests are caused by someone using IE with the Discussion Bar turned on. I wonder why IE isn’t smart enough to read the headers to see that I’m not running a Microsoft web […]
WordPress TimeZone Handling is Ridiculous
This is 2008. Why in the world does WordPress not know how to shift its internal clock when Daylight Savings Time starts or ends? If the server itself can do it, why can’t WordPress? Heck, my VCR can even automagically adjust by an hour twice a year. I was going to write a plugin to […]
Verizon’s New Terms of Service
Verizon emailed me on the 29th letting me know about their new terms of service for my DSL connection. The new terms go into effect on Tuesday, March the 4th. They can be found at http://www2.verizon.net/policies. I hope no one wants to contribute to any adult sections of the Internet; you can’t do that according […]
To Fight or Not To Fight a CyberSquatter
I recently discovered that one of my active web sites’ domain names has attracted the attention of a cybersquatter. I emailed the address on the page, which bounced. So I poked around a bit and found another email address. I emailed that address and got a polite note back. I asked if I could purchase […]
Comment Spam Increase This Week
Has anyone else noticed a large increase in the amount of comment spam that Akismet is missing this week? I’ve tagged and deleted more comment spam in the past week than I have in the past 6 months. I would guess across all of my WordPress sites, I’m manually tagging 10 messages a day. That […]