i summon one kim

For a long time now I’ve removed the generator meta tag from all WordPress installations I’ve setup. Mentioning WordPress is just honey for the bees. Since I removed the meta tags the amount of spam has decreased remarkably. Posts about WordPress are targeted much sooner and for much longer than other posts.

Starting with WordPress 2.4 the generator information is inserted by the core code, as opposed to the theme. This means that the meta tag will reappear even if you have removed it from your theme. However, this is actually a good change, because now you can disable the tag not only from the HTML pages generated by the theme, but also from all other formats WordPress outputs. The information is created by a couple of functions centrally instead of scattered instances through the code.

I’ve created a plugin to accomplish this: No Generator works with the trunk code from svn, and will work with 2.4 once it is released.

WordPressin versio 2.2.3 on tietoturvapäivitys. Sen asentamista suositellaan välittömästi.

Lataa suomenkielinen WordPress 2.2.3

Lisätietoa englanniksi: korjatut bugit ja muuttuneet tiedostot.

I ran into a model symptom of lacking multicast support with IPv6: a system wouldn’t answer to IPv6 traffic it didn’t initiate. But unless you’ve run into the problem before and managed to diagnose it successfully, you might not realize it’s about multicast.

It was my second Debian Linux system with IPv6 connectivity that gave me a start. I built one more system and got the same results. I could have sworn the first one had worked fine without any tricks. I considered it, but decided I’d rather not abandon IPv6 on Linux. After all, I had it running on all the other platforms (NetBSD, Mac OS X, Windows). (more…)

What am I doing wrong? I’m using svk to mirror a public svn repository. I use a local copy of the mirror for committing my changes for testing on my own sites before proposing patches for upstream. When I want to merge in upstream changes, I end up losing all my local changes as well. This is not supposed to happen! (more…)

Suomenkielinen WordPress on taas ajan tasalla. Versiot 2.2.2 ja 2.0.11 julkaistiin 3 tuntia sitten englanniksi ja sisältävät tietoturvaan liittyviä korjauksia. Suomenkieliset versiot niistä voi nyt ladata suomenkielisen WordPressin kotisivulta:

http://kimmo.suominen.com/sw/wordpress-fi/

Itse törmäsin päivityksessä palvelimen oletusasetusten tuomaan yllättävään lisäongelmaan. (jatkuu…)

I never seem to be able to remember this, and somehow I end up with new Windows installations without this change:

netsh interface ipv6 set privacy state=disable

This will disable temporary IPv6 addresses. These are especially nasty on desktop systems, where the address will expire from under you. If you find yourself having to restart your SSH terminal connections every 14 hours to 6 days, this is why (as far as I can tell).

I really don’t buy the privacy aspect of generating random IP addresses. If you worry about eavesdropping, encrypt your traffic. If you worry about someone tracking your traffic patterns, stop browsing those questionable sites. :)

Jos olet ladannut (englanninkielisen) WordPress 2.1.1 -version käyttöösi, päivitä blogisi heti versioon 2.1.2. Yhdellä WordPress.orgin palvelimista version 2.1.1 jakelutiedosto oli vaihdettu muutettuun versioon.

Muutettu versio sallii PHP-koodin suorittamisen palvelimella verkon yli. Tarkempi kuvaus tapahtumista ja ongelmasta on WordPressin Developer Blogissa.

Tämä ongelma ei koske sivuillani jakelussa olevia suomenkielisiä WordPressin versioita.

Suomenkielisestä versiosta puheen ollen: pyrin saamaan version 2.0.9 jakeluun ensi viikonloppuun mennessä. Versio 2.1.2 joutuu vielä odottamaan, mutta on se jo kiivennyt tehtäväluettelossa ylemmäs.