wordpress – Page 3 – Moby Files: Blog

Sa-kur-atee!

I’ve noticed a huge upswing in attempts to crack the admin account for my blog lately. Way more than usual. Its no secret I monitor my log-in records. Its an easy way to spot people up to no good. I use a legacy hack from an old version of WP. It records your key strokes at log-in, your IP, how many times you fail to log in, etc. If I notice someone with too may attempts they get a friendly email (if I recognize them) or their IP blocked (If I don’t).

I can’t help but wonder if my last post might have spurred them on. hehehe I keep a pretty good password on my admin account already. Plus, you only get 5 tries before the system blocks you anyway. ^[1]courtesy of a little plugin called User Locker If you can crack it in 5 or less tries, I probably deserve to be hacked.

As an extra precaution, I switched over to a different user account. You probably won’t notice anything different on your end. I figured one extra layer of protection wouldn’t hurt. The administrator account with WordPress comes with a default administrator account and you can’t delete it. That said, there is no reason you have to use it either. You can simply set the password to something incredibly complex and create your own account with admin privileges. Tip: If you use the same plugin mentioned above (or a similar one), incorrectly log into your default admin account until it locks up. Now its permanently locked until you reset your password by email or change it from your newer admin account. Most savvy bloggers do this already. ^[2]Or they should! I confess after I switched over to my new database last year I never got around to it. I know, BAD MOBY! lol

References[+]

References
↑1	courtesy of a little plugin called User Locker
↑2	Or they should!

Deleted II

I deleted over 100 user accounts from my blog today. Most were sp*mmers. On the odd chance I deleted a legitimate account in error, you can just re-register. I only block IP’s for known baddies. This is becoming a chore so if things continue on this vein, I’ll have to remove the 3rd-party log-in plugin. I had to adjust the security controls in wordpress for it work properly and now I’m getting a weekly hit of fake accounts.

I’m also taking suggestions/recommendations for a new sp*m blocker plug-in. My beloved SK2 is no longer supported. Its held up for over a year of newer and newer versions of WP with no problems but lately, cracks are showing. The WP code is changing so much I think its time to move on. I have akismet loaded but no running. I’ve read good reviews but I’d love to find another plug-in as good or better than SK2. Suggestions?

Third-Party Logins

Trying to get on the easy log-in bandwagon, I finally found a plug-in that allows (and actually works) users to log in using 3rd party accounts like Google, Yahoo, Openid, Blogger, etc. You’ll notice on the right side of the page a new section called 3rd party log-ins. I tested it and found it to be functional with a few caveats. If you are already a registered user, your log-in will still function from the sidebar or the log-in page.

Caveat #1

If for some reason leaving a comment invokes the captcha test, you will see the captcha but you’ll see some funny code regarding my header failing to load. Don’t fret, after you pass the captcha just reload my blog page and you’ll see your comment. This was already happening as I use a hack to rotate my header images.

Caveat #2

Sadly,I could not get the Facebook login to work. I tried very hard but it was beyond my understanding and I didn’t have the time or patience to sort thru it. I may revisit it later, but I have removed that option for now. Anyone familiar w/Facebook’s API’s and/or the RPX plugin I’m using, feel free to help a brother out. :p ***Update – I got it working, you can log-in using Facebook. It will not currently post activity to your wall but its a start. ***

Caveat #3

And lastly, none of the social log-ins will allow you access to hidden content on my blog. Gasp! I know. lol I can’t change that at current. There is no hand-off built in to allow private content on WordPress. Not that it really matters as I haven’t really been adding much of anything in that arena lately.

If you have any trouble, please email me directly at my email link, bottom right of page.

Work Around

Not being a PHP guru, I have given up trying to figure out why the import/export function of WP didn’t work correctly. After an exhaustive search of the forums, it seems to be a bug. It could also be related to the very reason I decided to start a fresh install of WP. In my first attempt, I was able to import 2005-2007. This is exactly where I encountered problems a couple years ago (and ever since) with upgrading WP versions.

Luckily, the old archive page was rendered with the full links so I was able to just copy/paste into a new page here. This neatly solves the problem w/o a whole lot of fuss!

New and Improved?

It looks like my reasons for starting with a fresh install were justified. When I imported last night, I got all of the posts thru 2007 but nothing beyond that. Obviously, that wasn’t gonna work so I deleted them from the new installation. I’m still tinkering with ways to import so they may come back into this installation.

There was a point during one upgrade around that time something funky happened. I think my DB got corrupted somehow. Every upgrade on my old blog since has had problems. The irony is all my old categories came thru onto this one. ^[1]Remember, my last upgrade lost a ton of categories WordPress as a blogging platform has matured signficantly since then so I’m happy with the newest version.

Never fear the old blog is still active under blog.mobius.name (or the long url of www.mobius.name/blog/) and will remain so. I’ll probably come up with a way to pull the archive into this blog. After reading the support forum files there were some serious issues w/the export/import option for larger blogs like mine. I knew that going into it so no surprise there.

Anyway, it is a new year and a new blog. This template is only temporary until I settle on one I really like. Things will be missing or odd for a couple weeks till I get settled probably.

I also plan to manage the user list more closely in this one. The last group got so weildy as to be a mess. There will still be content restricted to registered users but that will be a few weeks. lol

Wish me luck?

References[+]

References
↑1	Remember, my last upgrade lost a ton of categories

Hiya World v2.0

Well, if you have arrived at this post, you have either correctly updated your links to my blog or you bounced over from the old blog. Either way, welcome back!

Never fear, I plan to import all of the old stuff. The old blog archive can be found here.

Things may look a little funny for a few day. Give a boy time for christ’s sake! lol

Update Request

If you link here in any fashion, please take a moment to update your link for me if you haven’t already done so. I have decided to fold my main domain and my blog into one site. I will keep the old .name link active but only as an archive in the event the export/import of my existing posts fails. Once I switch over completely, no new entries will show under the old domain(s).

The new link is http://www.sfmoby.us

While I’m at it, I am working with a fresh installation of WordPress. My current DB has become quite cluttered with old tables left behind by deleted and unused plug-ins. With the advent of v2.7, this will become obsolete as they are incorporating an option to “uninstall” a plug-in vs just deleting its operating files.

I will attempt to import all of my existing database however, if that doesn’t work I will simply keep the old link alive as an archive. ^[1]I’ve also made a backup just in case all hell breaks loose. heehee

References[+]

References
↑1	I’ve also made a backup just in case all hell breaks loose. heehee

Update Request

The new link is http://www.sfmoby.us

I will attempt to import all of my existing database however, if that doesn’t work I will simply keep the old link alive as an archive. ¹

I’ve also made a backup just in case all hell breaks loose. heehee

New Look?

I’m tinkering with a new theme. Whaddya think? Yes, I know the links on the side are dead at the moment. If I can add the header images back and update the sidepage tabs I might just keep it.

OH, and if you use an openid login, please try it and see if it works.

*update – people seem to be having trouble with the comments AND the design so back to the old one for now.*

Finally!

I finally finished back categorizing all my posts. ^[1]Well 1 or 2 might have slipped thru but I can’t be bothered to worry. I didn’t actually lose as many as I had thought in the last upgrade. I also discovered a few posts were saved but never published. If you are a subscriber and get weird emails from me for posts from years ago, feel free to ignore.

I think I figured out the problem w/my categories. Somehow I had not one but two database tables for categories. *closed eyes* I nixed one. *peeking thru one eye* So far so good.

So far I’m liking the newer version of WordPress. The user interface seems a tad faster. The layout is a bit different but overall nice. It does takes a little getting used to. After the drama I went thru during my last upgraded, I decided to wait a while before I trying again. I’d never had any trouble before and to be honest I think the error was on my part. Regardless, I’m back up to par.

I guess I get to keep my geek card now.

References[+]

References
↑1	Well 1 or 2 might have slipped thru but I can’t be bothered to worry.