$1.579

Why have I been so silent of late? Well, aside from fighting the spambombers — and I’m having fun with that! — I’ve been redesigning some things on the site.

Obviously, there’s a few formatting changes on the front page, but the biggest part of the redesign is the photos section. Go ahead — click on my photo album link, and see the changes.

There’ll be more changes to come — nothing too earthshattering — but I’m getting very interested in the design of the site, and how to make it nicer, and show off some of my photography.

Enjoy!

Well, my efforts to be a kinder, gentler blogger have failed, and now, I have the fantastic opportunity to completely blacklist a whole domain: Everyone’s Internet. These guys are apparently a hosting service with tens of thousands of servers, and based on what I’ve seen, there’s nothing good brewing in Houston, where the company is based. So, to paraphrase Psycho in Stripes, they’ve just “made the list.”

What’s humorous to me is that EV1 is one of the few companies who have succumbed to SCO’s pressure to get Linux users to license Linux from them. I guess who get who you sleep with…. or something like that! 🙂

As I did my searches on this company, I discovered Josh Woodward and his fight against the company. His solution is, shall we say, unique, although I question how long it would work. However, I bet he sleeps well at night knowing he’s maybe irritating the hosting company of a least a few blogspambombers.

This morning’s entry into Phydeaux’ Spam Hall of Fame is an outfit trying to sell me cheap cigarettes….. from Isreal! Really, I have to assume that the shipping would kill you, if the cigarettes didn’t.

What really bites is that the spammers decided to put one of their little comments on the entry for Dad’s burial. Given the root cause of his death — 40+ years of cigarettes — this just opens the seam on those emotions a bit more again. I have no use for, and, in my immediate family, no tolerance for that habit. It’s cost me way too much, and I can’t…. or don’t want to… go through another senseless, preventable ordeal like Dad’s.

Spam words, specifically.

Starting yesterday, a spammer has started hitting my site with increasing frequency. While the level of hits weren’t huge, it was inconvenient, and I set about tonight stemming the flow before it got any worse. There were a few links that proved to be valuable in providing pieces to help solve this little puzzle.

This link from the WordPress support area spoke to a blacklist plugin that looks very promising.

This link, also from the support area detailed a pretty good multi-pronged defense against the spambots.

I also found some nice theory at The Developer’s Corner concerning the creation, care and feeding of spider traps.

The meat for the spider trap, though, came from Strange, Geometrical Hinges. This is good stuff!

There’s even more goodies here to combat comment spam in a variety of ways.

Am I telling what I’ve done and how? Nope. That’d make it too easy. Now, I expect that anyone who is just running scripts to infiltrate my comment-base won’t care and wouldn’t read it anyway — that’s just too much effort. But, I’d hate to tip my hand either.

Of course, in a war like this, where my bandwidth and readers (both of ’em! 🙂 ) are assaulted by porn-mongers and casino riff-raff, the stakes will only get higher. Thanks to all those out there who are helping fight the fight and bringing benefit to those of us who are a bit more casual in our attentiveness!

I picked this little jewel up this weekend, after poking around trying to find some kind of NAS that would be live when the laptop is on the move. It’s tough to be tethered to the USB drives when I wanna be on the back deck editing photos! 🙂

The dings on the device are (from other’s reports) that it is tough to get a drive to format, and that the formatted drive is not Windows-compatible. The format isn’t of concern to me, as the drive(s) hanging off the NAS will be just that… NAS!

However, the format thing has been a bear. I finally got my USB drive to format using the built-in, web-based Linksys utility…… but, the message I got from the unit indicated that the format failed. For now, it seems to be working, but I don’t yet trust it.

So far, the device has been functional from the Windows side — easy to use. From the linux side, though, the story is different. I am having trouble mounting the filesystem to the linux box with permissions where non-root accounts can write to it. I could do everything as root, but that’s really not my preference.

There’s a ton of folks hacking on this little box, too. There’s a great deal of info coming out of batbox.org. Using some suggestions from there, I was able to turn on telnet on the unit (went to http://localdevice-IP/Managemenet/telnet.cgi and turned it on), which allowed me to login with ourtelnetrescueuser (using welcome as the password). I can see that the directories being created by the NSLU2 on the USB drive are correctly chmod’d, so my difficulty has to be somewhere in the mount process.

More tinkering to do……

UPDATE: I discovered the problem with my mount command. The correct command is
smbmount //NAS-IP/filesystem /mnt/nas-dir -o guest,rw,uid=guest,gid=everyone,fmask=777,dmask=777
That solved it!

Last night and tonight, I began working through an installation of Coppermine, and I have discovered it will do bitmaps!

I’m starting to get the Family Photos scooted over there, and then will work on the main photo gallery, if that makes sense to do. It looks like all the things I wanted out of a JAlbum/Gallery frankenstein are able to be supplied by Coppermine.

One thing I’ve learned in looking at the support boards for Coppermine is that the folks supporting the code have a short fuse, and little tolerance for anyone who hasn’t completely done their homework. Fortunately, I do a ton of searches before asking questions!

Tonight, I’ve installed awstats, which is a neat little apache log analyzer. When I was investigating who/what proxad.net was, I found someone using this tool, and it looks like just the kind of beasty I’ve been looking for to analyze what’s happening on the web server. The biggest pain so far has been combining all the apache logs from the various incarnations of the server over the last two years, and getting that log sorted chronologically so awstats would process it correctly. With any luck, the reporting will be done soon, and we’ll all be able to see what’s going on with the server’s stats. I expect it’ll show up in the menu to the right in the next day or so.

Today’s bit of web-weirdness comes to me from a goofy client (allegedly) in France and using the proxad.net network. From what I can gather, proxad may be an ISP, and they may provide free/cheap internet to folks in France.

However, this goofy little client that’s hitting me has been doing it since 5am, and appears to be walking through everything on the site in a more or less methodical fashion. I’m assuming it’s a ‘bot, as I see it request my robots.txt file occassionally. They’ve only slurped about 25Mb today — there’s only about 4Gb of content available here, so that oughta take ’em until March of next year! 🙂

No big deal to me at this point. It’s not killing anything, but it is making for weird stuff in the logs!

After spending a fair amount of time getting the family photos arranged for publication, I believe I have discovered that Gallery will not handle bmp files. Bummer.

Why bmps? Well, everything I scan, I prefer to store that way, rather than in jpg or png. Not a big deal, I suppose, and it takes more filespace, but that’s the path I chose.

I really want to use JAlbum. It’s been a faithful companion in my publishing endeavors, but it won’t handle bmp files either. It looks like the author is thinking about enhancing it to handle other file formats — including bmps — but that’s a ways off.

So, I am left with a few paths.

I could convert all bmps to jpgs. This takes time (not a huge amount), uses extra filespace (not a huge amount either).

I could work on my skin for JAlbum, and have it do something when it encounters a bmp file. That something could be convert to jpg (temporarily — probably using ImageMagick), and let JAlbum process the newly created jpg.

And, once I get the bmps handled, I still have functionality missing with JAlbum that exists in Gallery, and that is user feedback on photos. For the family photos section, I really want to have the facility for folks to tell me who people in photos are, and preserve some of their memories along the way.

JAlbum doesn’t have this. Gallery does. Neither support bmps from what I can tell.

I keep hearing about Coppermine…. I guess that’s the next one to check into. I really don’t wanna write a lot of code to bend something to my needs, or create something from scratch. At this point, I just wanna be an appliance operator and get the data out there.

$1.579

So, how did I get the porn spammer to leave me alone? The best answer would be to make a change at the firewall, denying the suspect IP addresses any access to my network. So far, I haven’t gone to that drastic a step.

The first thing I did was change the rules for comments in WordPress. I haven’t changed things to the point that all comments need approval, but if there are “magic words” or suspect IPs in the comment or fields, then that comment is quarantined until I can look at it. Strike one.

The next thing I did was make a change to my WordPress code to reflect a “site down” message if the request comes from suspect IPs. Strike two.

< ?php
$blocked_ip = array();
$blocked_ip[] = '1.2.3.4'
foreach($blocked_ip as $blocked) {
   $ip = $_SERVER['REMOTE_ADDR'];
   if($ip == $blocked) {
      echo "Site is down for maintenance.";
      exit();
   }
}
?>

The final thing I changed was in Apache’s configuration to deny serving any web pages to suspect IPs. Strike three.

Order Allow,Deny
Deny from 1.2.3.4
Allow from all

Now, that’s probably not a complete solution, but it seems to be working pretty well. The obvious maintenance is in adding suspect IPs in three places, but I suspect I can script that to make it pretty easy. Even if a suspect IP leaves an unwelcome message (presumably with some of the “magic words” in it), WordPress will supress it until I get a chance to take a peek.

There’s still a fair amount of manual labor to keep things safe — and I’m sure I should be flattered that the spam mongers have found my little site. Every one of these incursions, though, is a learning opportunity for me! 🙂