February 25th, 2009 by Elliott Back
I hate nothing more than showing up on a forum article by Turkish spammers about how to get backlinks. Clearly they’re well behind the times, as not only are all my blogs nofollow, but also I delete spam with vigour. The article in question (run through Google translate) says roughly:
5 ** 6 ** 6 PR 2 PR 10 Backlink PR4 and More
Foreign blogs and comment areas banclink hear or see her friends are and I did some research for you own emegimdir from anywhere you can quote me degildir.azc?k ingilizce is complete and the site name, e-mail them your name, and then thanks to write your thank you is enough
Spam Plugin for WP Hashcash by Wordpress Plugins -> pr6
Subscribe to Comments 2.1 Tempus fugit -> pr6
Better Comments Manager – Wordpress Plugin release -> PR5
Subscribe to Comments 2.1 Tempus fugit -> PR5
Yeah, no. Saying “thanks” and spamming your link is not enough, you morons. Stop spamming. For those interested, the signatures in the logs vary; it’s not particularly easy to block this kind of spam, since humans are submitting it manually. You could slowly start banning referrers from known sites:
22.214.171.124 - - [25/Feb/2009:16:49:20 -0500] "GET /hashcash/ HTTP/1.1" 200 11459 "http://www.r10.net/dmoz-ve-diger-dizinler/298686-2-page-ranking-6-6-page-ranking-5-10-pr4-ve-daha-fazla-backlink.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:126.96.36.199) Gecko/2009011913 Firefox/3.0.6 GTB5"
188.8.131.52 - - [25/Feb/2009:16:49:21 -0500] "GET /wp-includes/js/comment-reply.js?ver=20081210 HTTP/1.1" 200 864 "http://wordpress-plugins.feifei.us/hashcash/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:184.108.40.206) Gecko/2009011913 Firefox/3.0.6 GTB5"
220.127.116.11 - - [25/Feb/2009:16:49:21 -0500] "GET /wp-content/themes/db/style.css HTTP/1.1" 200 2491 "http://wordpress-plugins.feifei.us/hashcash/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:18.104.22.168) Gecko/2009011913 Firefox/3.0.6 GTB5"
It’s too bad that Wordpress plugin and theme authors appear to be specifically targeted, as we’re generally a very spam-hating crowd.
Posted in Spam | 8 Comments »
December 4th, 2008 by Elliott Back
It all started several years ago when Wordpress 1.5 automatically decided to add the “nofollow” attribute to all commenters’ links. Suddenly, the interlinked blog community became much less powerful, as Google would no longer treat comments as counting towards its rankings. Naturally, this upset bloggers, who retaliated by removing this new feature from Wordpress with no nofollow, or dofollow, plugins.
The dofollow plugin from i summon one kim is simple; it removes the nofollow attribute from comments left on your blog. It is configurable to allow thresholds before the nofollow is removed, and/or apply different rules for logged in or registered users. Another popular alternative is Lucia’s Link Love.
DoFollow Blog Lists
Now it’s all in vogue to present massive lists of blogs and websites which you can coerce to give you a link without the hated nofollow tag. Several examples of which include:
The Ultimate List
Blogs that Follow
List of Blogs
More than 250 such
List of dofollow forums
DoFollow Search engine
There are even custom Google search appliances which both (a) return revenue to their creators when we use them, and (b) point us to targeted dofollow posts. I’m not sure how Google will combat this, except to migrate everyone onto nofollow… at which point it will have become a useless tag, because every link is using it.
It would be ironic if I used the above to find dofollow posts about dofollow to promote this post.
I actually tried out Fast Blog Finder; it’s a pretty slick product. It lets you scrape a number of search engine results for queries you enter, and returns you a list of classified (follow, nofollow) blogs for you to comment on. You can even leave comments from inside the software; it has a built-in IE component. Here’s a tutorial post on how it works.
Posted in Blogging, SEO | 5 Comments »
June 7th, 2008 by Elliott Back
So this is a cute comment I got, a trackback spam that’s also a SQL injection exploit for Wordpress. Check it out:
Website: ‘ AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login=’admin’ and substring(reverse(lpad(conv(substring(user_pass,8,1), 16, 2),4,’0′)),4,1)=’1′ /* (IP: 22.214.171.124 , svservers.com)
It appears to be a known-cryptotext or weak-hash exploit against Wordpress looking for an admin password with an obvious signature. Cute.
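For triage, it helps to read what the nested expression in that field computes: it takes one character of `user_pass`, converts it from hex to four binary digits, and compares a single bit to '1'. The sketch below is an added example, not code from the original post; it assumes `user_pass` holds a hex digest (as the `conv(..., 16, 2)` implies), and the two sample digests are constructed.

```python
import re

# The logged field arrives with typographic quotes; map them back before matching.
QUOTES = str.maketrans({"\u2018": "'", "\u2019": "'", "\u2032": "'"})
PROBE = re.compile(
    r"substring\(\s*reverse\(\s*lpad\(\s*conv\(\s*substring\(\s*user_pass\s*,\s*(\d+)\s*,\s*1\s*\)"
    r"\s*,\s*16\s*,\s*2\s*\)\s*,\s*4\s*,\s*'0'\s*\)\s*\)\s*,\s*(\d+)\s*,\s*1\s*\)\s*=\s*'([01])'",
    re.I)

def decode_probe(field):
    """Return which character and bit of user_pass a logged field tests, or None."""
    m = PROBE.search(field.translate(QUOTES))
    if not m:
        return None
    char_pos, bit_pos = int(m[1]), int(m[2])
    return {"hash_char": char_pos, "bit_value": 1 << (bit_pos - 1), "expects": m[3]}

def predicate(user_pass, char_pos, bit_pos):
    """Emulate the MySQL expression (1-indexed SUBSTRING) on a hex digest string."""
    digit = user_pass[char_pos - 1]           # substring(user_pass, char_pos, 1)
    binary = format(int(digit, 16), "b")      # conv(digit, 16, 2): no leading zeros
    padded = binary.rjust(4, "0")             # lpad(..., 4, '0')
    return padded[::-1][bit_pos - 1]          # reverse(...), then substring(..., bit_pos, 1)

# Field as shown in the post; the two digests are constructed, not real hashes.
LOGGED = ("\u2018 AND 1=0) UNION SELECT 1 FROM wp_users WHERE user_login=\u2019admin\u2019 and "
          "substring(reverse(lpad(conv(substring(user_pass,8,1), 16, 2),4,\u20190\u2032)),4,1)=\u20191\u2032 /*")
HIGH = "0000000" + "9" + "a" * 24   # 8th hex digit 9 = 1001b, bit 8 set
LOW = "0000000" + "3" + "a" * 24    # 8th hex digit 3 = 0011b, bit 8 clear

if __name__ == "__main__":
    probe = decode_probe(LOGGED)
    print(probe, predicate(HIGH, 8, 4), predicate(LOW, 8, 4))
```

Running `decode_probe` over stored comment and trackback fields shows which character and bit positions were tested, which is useful when deciding whether the admin password needs rotating.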
Posted in Spam | 10 Comments »
May 10th, 2008 by Elliott Back
Darren recently mentioned that he has been receiving a pointless kind of spam in the last couple of days, which he is calling GUID Spam:
I’ve been getting a new species of comment spam. They’re meaningless strings of numbers and letters, often without links. I’ve been calling it GUID (globally unique identifiers) spam because that’s what they most resemble.
I’ve been seeing it too:
Website: 5d0813b34159 (IP: 126.96.36.199 , gw1.ovh.net)
URI : 5d0813b34159.us
Website: 68c95c8a9410 (IP: 188.8.131.52 , srv.anony-mous.info)
URI : 68c95c8a9410.us
Website: 853bf2b234ad (IP: 184.108.40.206 , 220.127.116.11)
URI : 853bf2b234ad.us
Website: 087f722478aa (IP: 18.104.22.168 , TE01.techentrance.com)
URI : 087f722478aa.us
Website: 655dec378813 (IP: 22.214.171.124 , corsica.websitewelcome.com)
URI : 655dec378813.us
This kind of spam looks like a partial md5 sum of the URL, or it could just be random. Perhaps the spammer is using compromised hosts to drop these tags, and then coming back over time to see when they are removed, or if they stay up forever. That would give him a list of possible sites to spam in the future.
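Both guesses above can be checked mechanically. This added example (not from the original post) flags comments whose Website field is a bare 12-hex token with a matching URI, and tests whether a token appears inside the MD5 of any candidate URL; the candidate URLs are constructed placeholders, and trying each URL with and without a trailing slash is an assumption.

```python
import hashlib
import re

HEX12 = re.compile(r"[0-9a-f]{12}")

def is_guid_spam(website, uri):
    """True when the Website field is a bare 12-hex token and the URI is token + TLD."""
    name = website.strip().lower()
    host = uri.strip().lower()
    label, _, tld = host.partition(".")
    return bool(HEX12.fullmatch(name)) and label == name and tld.isalpha()

def md5_sources(token, candidates):
    """Candidates (with and without trailing slash) whose MD5 hex digest contains token."""
    token = token.lower()
    hits = []
    for c in candidates:
        base = c.rstrip("/")
        for variant in (base, base + "/"):
            digest = hashlib.md5(variant.encode("utf-8")).hexdigest()
            if token in digest:
                hits.append((variant, digest.find(token)))
    return hits

# Tokens as shown in the post; the candidate URLs below are constructed placeholders.
SEEN = [("5d0813b34159", "5d0813b34159.us"), ("68c95c8a9410", "68c95c8a9410.us")]
CANDIDATES = ["http://blog.example/hashcash/", "http://blog.example/"]

if __name__ == "__main__":
    for website, uri in SEEN:
        print(website, is_guid_spam(website, uri), md5_sources(website, CANDIDATES))
```

An empty result from `md5_sources` for every token and every URL on your own site is evidence for the "just random" reading.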
Posted in Spam | 1 Comment »
March 28th, 2008 by Elliott Back
I had the pleasure of getting a spam comment from a manual Russian spammer:
I completely agree with all that here is told
You can see that this is actually a human from the log:
126.96.36.199 - - [28/Mar/2008:09:12:42 -0400] "GET /hashcash HTTP/1.1" 200 7439 "-" "Opera/9.26 (Windows NT 5.1; U; ru)"
188.8.131.52 - - [28/Mar/2008:09:12:44 -0400] "GET /wp-content/themes/db/style.css HTTP/1.1" 200 2646 "http://wordpress-plugins.feifei.us/hashcash" "Opera/9.26 (Windows NT 5.1; U; ru)"
184.108.40.206 - - [28/Mar/2008:09:12:46 -0400] "GET /wp-content/uploads/2008/01/hashcash.png HTTP/1.1" 200 59975 "http://wordpress-plugins.feifei.us/hashcash" "Opera/9.26 (Windows NT 5.1; U; ru)"
220.127.116.11 - - [28/Mar/2008:09:14:58 -0400] "GET /favicon.ico HTTP/1.1" 200 1330 "http://wordpress-plugins.feifei.us/hashcash" "Opera/9.26 (Windows NT 5.1; U; ru)"
I highly doubt an efficient bot network would make GET requests for my favicon, theme stylesheet, and images. My second spammer sent me this:
Author: penis enlargement
Natural herbal health care medicines, Articles, informations and daily updated health concerns issues and their solutions for better health and better life. www.naturalherbalz.com
If you look at their logs, it is incredibly clear what is happening here:
18.104.22.168 - - [28/Mar/2008:10:02:46 -0400] "GET /hashcash/ HTTP/1.0" 200 7511 "http://www.google.com.pk/search?q=powered by wordpress blogs comments add url" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:22.214.171.124) Gecko/20080311 Firefox/126.96.36.199"
188.8.131.52 - - [28/Mar/2008:10:02:50 -0400] "GET /wp-content/themes/db/style.css HTTP/1.0" 200 2646 "http://wordpress-plugins.feifei.us/hashcash/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:184.108.40.206) Gecko/20080311 Firefox/220.127.116.11"
18.104.22.168 - - [28/Mar/2008:10:02:51 -0400] "GET /wp-content/themes/db/img/bg.jpg HTTP/1.0" 200 8203 "http://wordpress-plugins.feifei.us/wp-content/themes/db/style.css" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:22.214.171.124) Gecko/20080311 Firefox/126.96.36.199"
This manual spammer searched for “powered By Wordpress blogs comments add url,” came to my site, and submitted his spam comment. So spammers are targeting Wordpress as a platform with cheap labour in foreign countries to post spam comments.
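The log reading done by hand in this post, and the referrer banning suggested in the February 2009 post, can be automated per client IP. This is an added example, not the author's code: the sample lines, addresses and `.example` hosts are constructed, and the "one page plus at least two assets" threshold for a browser-like visit is an assumption.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "agent"
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
                  r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"')
ASSET = re.compile(r'\.(css|js|png|jpe?g|gif|ico)(\?|$)', re.I)

def summarize(lines, own_host):
    """Per client IP: page hits, asset hits, external referrer hosts, search queries."""
    sessions = defaultdict(lambda: {"pages": 0, "assets": 0,
                                    "referrers": set(), "queries": set()})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        s = sessions[m["ip"]]
        s["assets" if ASSET.search(m["path"]) else "pages"] += 1
        ref = urlparse(m["referer"])
        if ref.hostname and ref.hostname != own_host:
            s["referrers"].add(ref.hostname)
            s["queries"].update(parse_qs(ref.query).get("q", []))
    return dict(sessions)

def triage(sessions, banned_referrers):
    """Label each IP: browser-like (fetched assets) and/or arrived from a banned referrer."""
    return {ip: {"browser_like": s["pages"] >= 1 and s["assets"] >= 2,
                 "banned_referrer": bool(s["referrers"] & banned_referrers),
                 "queries": sorted(s["queries"])}
            for ip, s in sessions.items()}

# Constructed sample lines (documentation IPs and .example hosts, not the post's logs).
UA = '"Mozilla/5.0 (constructed)"'
SAMPLE = [
    f'192.0.2.10 - - [25/Feb/2009:16:49:20 -0500] "GET /hashcash/ HTTP/1.1" 200 11459 "http://forum.example/backlink-list.html" {UA}',
    f'192.0.2.10 - - [25/Feb/2009:16:49:21 -0500] "GET /wp-content/themes/db/style.css HTTP/1.1" 200 2491 "http://blog.example/hashcash/" {UA}',
    f'192.0.2.10 - - [25/Feb/2009:16:49:22 -0500] "GET /favicon.ico HTTP/1.1" 200 1330 "http://blog.example/hashcash/" {UA}',
    f'198.51.100.7 - - [28/Mar/2008:10:02:46 -0400] "GET /hashcash/ HTTP/1.0" 200 7511 "http://search.example/search?q=powered+by+wordpress+blogs+comments+add+url" {UA}',
    f'198.51.100.7 - - [28/Mar/2008:10:02:50 -0400] "GET /wp-content/themes/db/style.css HTTP/1.0" 200 2646 "http://blog.example/hashcash/" {UA}',
    f'198.51.100.7 - - [28/Mar/2008:10:02:51 -0400] "GET /wp-content/themes/db/img/bg.jpg HTTP/1.0" 200 8203 "http://blog.example/wp-content/themes/db/style.css" {UA}',
    f'203.0.113.5 - - [28/Mar/2008:10:05:00 -0400] "POST /wp-comments-post.php HTTP/1.0" 302 0 "-" {UA}',
]

if __name__ == "__main__":
    for ip, row in triage(summarize(SAMPLE, "blog.example"), {"forum.example"}).items():
        print(ip, row)
```

A client that posts a comment without ever fetching a stylesheet or image (the last sample line) is the pattern a proof-of-work check like Hashcash is aimed at; the browser-like sessions are the ones that need referrer or content rules instead.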
Posted in Spam | 40 Comments »
July 28th, 2007 by Elliott Back
I came across this list of dofollow blogs today and was, well, frankly astonished. The point of the nofollow attribute on links was to reduce comment spam by removing the search engine optimization incentive of improving your ranking by getting a free link. Of course, those who didn’t support the standard argued that it stifled conversations on the blogosphere by penalizing regular comments and spammers alike.
This list of blogs (and others like it) could help introduce you to a sector of the blogosphere which you feel more comfortable working in if you want credit for your comments. It could, but that’s probably not its primary purpose.
No, yet again, the great wheel of spam continues to roll as people looking for a few easy links are picking out sites in their niche they know have either do-followed their comments or are running really old blogging software.
Posted in Spam | 27 Comments »
May 27th, 2007 by Elliott Back
The theme that I’m using for this site includes the following amusing snippet in its license.txt file:
This template is licensed under a Creative Commons Attribution 2.5 License. This means that you are free to use and modify it for any purpose, but you must include the provided link back to my website. I have agreed to let users remove the link for a fee of $20. Removing the link (not paid for) is the same as breaking the law and action can be taken against you.
This, of course, flies in the face of the GPL license that Wordpress itself ships with:
You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
If that wasn’t clear enough, GNU explains that “modules [that] are designed to run linked together” constitute combined code. So, any theme, plugin, extension, or hack currently existing that I know about which uses the Wordpress API falls under the GPL license. The key point for this is that Wordpress does not include a special exception for themes. Matt Mullenweg (the creator of WP) hit the nail on the head in a forum thread:
Themes link and use lots of internal WordPress functions, which make them linked under the GPL and subject to being a GPL-compatible license.
If a theme (or a plugin) used no internal WP functions or APIs, then it could probably be considered independent, but that would be really really hard for a theme.
For more about Sponsored Links and Wordpress Themes, check out:
In a new post on the Wordpress blog, Themes are GPL, too, Matt Mullenweg speaks out to clarify the themes as GPL discussion:
Specifically, the CSS files and material contained in the images directory of the “default” theme are works separate from the WordPress code. On the other hand, the PHP and HTML code that is intermingled with and operated on by PHP the code derives from the WordPress code.
Posted in Wordpress Proper | 24 Comments »
May 25th, 2007 by Elliott Back
Some of you might know me from my other blog, Elliott Back dot COM, but for those of you who don’t, I’m just another blogger who writes plugins for WP when he’s bored. Unfortunately, the ones on my main blog are either (a) out of date or (b) not maintained. They’re also impossible to find, since they’re not categorized into their own little group.
That’s where WP Plugins (this site) comes in. We’re a place to aggregate, test, and maintain all the Wordpress plugins you love.
As I migrate and upgrade each of my old plugins, they will inherit a unique site url, so they’re always in the same place. No more version 0, 1, 2, 3 in five different posts with an emergency patch on the sixth. One plugin, one location.
To get you guys started, here’s a brand-new treat: WP Pingdom. Pingdom watches your site by periodically downloading a page and recording how long it took to access, whether the page is up, etc. Most people use it for downtime, so we wrote a Widget that will let you display your up/down time live on your blog. Check it out, it’s in our sidebar!
Posted in Site News | No Comments »