Hiding from spammers

Written at lunch time in English • Tags: ,

For a long time now I’ve removed the generator meta tag from all WordPress installations I’ve setup. Mentioning WordPress is just honey for the bees. Since I removed the meta tags the amount of spam has decreased remarkably. Posts about WordPress are targeted much sooner and for much longer than other posts.

Starting with WordPress 2.4 the generator information is inserted by the core code, as opposed to the theme. This means that the meta tag will reappear even if you have removed it from your theme. However, this is actually a good change, because now you can disable the tag not only from the HTML pages generated by the theme, but also from all other formats WordPress outputs. The information is created by a couple of functions centrally instead of scattered instances through the code.

I’ve created a plugin to accomplish this: No Generator works with the trunk code from svn, and will work with 2.4 once it is released.

Suomenkielinen WordPress 2.2.3

Kirjoitettu puoliltapäivin suomeksi • Tägit:

WordPressin versio 2.2.3 on tietoturvapäivitys. Sen asentamista suositellaan välittömästi.

Lataa suomenkielinen WordPress 2.2.3

Lisätietoa englanniksi: korjatut bugit ja muuttuneet tiedostot.

The bridge kludge

Written late in the afternoon in English • Tags: , ,

I ran into a model symptom of lacking multicast support with IPv6: a system wouldn’t answer to IPv6 traffic it didn’t initiate. But unless you’ve run into the problem before and managed to diagnose it successfully, you might not realize it’s about multicast.

It was my second Debian Linux system with IPv6 connectivity that gave me a start. I built one more system and got the same results. I could have sworn the first one had worked fine without any tricks. I considered it, but decided I’d rather not abandon IPv6 on Linux. After all, I had it running on all the other platforms (NetBSD, Mac OS X, Windows). (more…)

Version non-control

Written early in the evening in English • Tags:

What am I doing wrong? I’m using svk to mirror a public svn repository. I use a local copy of the mirror for committing my changes for testing on my own sites before proposing patches for upstream. When I want to merge in upstream changes, I end up losing all my local changes as well. This is not supposed to happen! (more…)

WordPress 2.2.2 ja 2.0.11 suomeksi

Kirjoitettu puoliltapäivin suomeksi • Tägit:

Suomenkielinen WordPress on taas ajan tasalla. Versiot 2.2.2 ja 2.0.11 julkaistiin 3 tuntia sitten englanniksi ja sisältävät tietoturvaan liittyviä korjauksia. Suomenkieliset versiot niistä voi nyt ladata suomenkielisen WordPressin kotisivulta:


Itse törmäsin päivityksessä palvelimen oletusasetusten tuomaan yllättävään lisäongelmaan. (jatkuu…)

Version 3.0 of the DoFollow plugin can differentiate between comments left by registered users and other visitors. (more…) (4)
One of the recent posts has been showing up as new over and over again on feed readers. I narrowed the problem down to the email address obfuscation in Markdown & Extra. I just upgraded to a more recent version (two new versions had come out since the beginning of December), and one of the changes is that the obfuscation algorithm is now deterministic instead of random. So you should see that article pop up once more as new, if you are reading through the feed, and then never again.
I’ve just upgraded to WordPress 2.1.3-alpha on this site, and haven’t been around everywhere to fix things. Expectedly everything to do with links is broken, but there could be other things, too…

Disabling temporary IPv6 addresses

Written early in the evening in English • Tags: , ,

I never seem to be able to remember this, and somehow I end up with new Windows installations without this change:

netsh interface ipv6 set privacy state=disable

This will disable temporary IPv6 addresses. These are especially nasty on desktop systems, where the address will expire from under you. If you find yourself having to restart your SSH terminal connections every 14 hours to 6 days, this is why (as far as I can tell).

I really don’t buy the privacy aspect of generating random IP addresses. If you worry about eavesdropping, encrypt your traffic. If you worry about someone tracking your traffic patterns, stop browsing those questionable sites. :)

WordPress 2.1.1 on vaarallinen

Kirjoitettu aamulla suomeksi • Tägit:

Jos olet ladannut (englanninkielisen) WordPress 2.1.1 -version käyttöösi, päivitä blogisi heti versioon 2.1.2. Yhdellä WordPress.orgin palvelimista version 2.1.1 jakelutiedosto oli vaihdettu muutettuun versioon.

Muutettu versio sallii PHP-koodin suorittamisen palvelimella verkon yli. Tarkempi kuvaus tapahtumista ja ongelmasta on WordPressin Developer Blogissa.

Tämä ongelma ei koske sivuillani jakelussa olevia suomenkielisiä WordPressin versioita.

Suomenkielisestä versiosta puheen ollen: pyrin saamaan version 2.0.9 jakeluun ensi viikonloppuun mennessä. Versio 2.1.2 joutuu vielä odottamaan, mutta on se jo kiivennyt tehtäväluettelossa ylemmäs.