Since I’m at WWDC, all the bugs I’m filing this week are Leopard bugs. That means that their contents are under NDA, so I can’t post them on the web. Thus, there will be no ABF this week.
ABF will return next week with at least two bugs! And yes, they will both be Tiger bugs.
I’ve reset the NTT counter at 26,445 spams. Once again, next month will bring another count of spams-per-month.
I think I’ll do this every month and establish a trend. Maybe find some free graphing software and plot a graph with the counts.
I just moved the blog feed over to FeedBurner. It’s a permanent redirect, so your reader should handle the move for you, but it doesn’t update in Vienna. Please make the change yourself (and if you’re using some other reader, make sure it updated)—otherwise, you’re just bouncing off my server every half hour for no reason. Thanks.
Simone Manganelli, on his blog Technological Supernova, which I apparently link to a lot (just kidding!), presents a breakdown of pages that link to his blog. So, always one to jump on a fun-looking bandwagon, here’s my implementation of the same thing…
As of r58, you can now tell Negative Turing Test to delete spam comments instead of marking them as spam. (This is in the NTT Options pane.)
I just turned this on here. It worked fine on the test post; we’ll see how well it works in real usage.
Oh, and in case you ever need to delete a comment from a WP plug-in: Use wp_set_comment_status. I thought for so long that WP had no programmatic way to delete comments—now I know that it does.
One of Negative Turing Test’s most recent features is a counter of how many spams it eats. I added this feature last month, and made a note to reveal today what it got up to.
The number of spams blocked by NTT from 2007-02-12 to 2007-03-12 is:
6,220
I should probably get around to making it delete those…
A different brand of weird this time:
Make up your mind?
Screenshot of Technorati:
Hmmm…
UPDATE 2007-01-25 00:08 PST: I just checked. It’s fixed now.
UPDATE 4:45: Ricardo Galli, the author of WP-Cache, has accepted my patches and released WP-Cache 2.0.20 incorporating them (along with one other fix).
I use the WP-Cache plug-in here on the blog in case that anything I post here should get dugg/linked-listed/reddited/etc. Over on Jeff Johnson’s blog, Scott Stevenson says:
… Vienna … seems to get confused on these:
- ⋮
- feed://boredzo.org/blog/feed/atom/
This prompted me to run my Atom feed through the Feed Validator. It mentioned that I was using the “copy” named entity reference and that that was undefined; that was easy enough to fix. It also mentioned that my feed was being sent as text/html.
Wait, what?
Sure enough, curl -D /dev/stdout -o /dev/null revealed that my feed was being sent as text/html; charset=utf-8. I looked in wp-atom.php (I use Jeff Johnson’s Atom 1.0 version, in case you’re wondering), and saw that it was indeed promising application/atom+xml. Funky.
I did something or other to wp-atom.php, then reloaded the Feed Validator. Imagine my surprise to discover that — in addition to still saying text/html — it still had the “copy”-entity-reference error!
Then I remembered that I use WP-Cache, so it was retrieving a cached copy of the feed. So I went to the WP-Cache Manager and dropped the cache. OK, curl says application/atom+xml now, so I went back to the Feed Validator.
Still text/html!
I tried curl again. Sure enough, it was back to text/html. WTF?
I also noticed this other symptom: When I loaded it freshly after dropping the cache, it had a bunch of headers like “Cache-Control” and “Expires”. I didn’t know those were there. When I loaded it again (from the cache), those headers — among others — were missing.
The verdict was clear at this point: WP-Cache was eating my headers.
Further investigation confirmed the diagnosis, and several hours of even further investigation revealed the nature of the bugs (plural) that resulted in it:
I have filed two tickets, each with a patch. I’m running with both patches now, and I provide the links to them so that you may run with them too. (The second patch fixes both of the problems above; the first patch is for an unrelated bug that I fixed while I was there.)
As work on the Negative Turing Test WordPress plug-in progresses — currently, the Options panel should work, though I haven’t had the opportunity to test it yet — I find myself wondering what would be a good challenge to which commenters must respond.
Here’s my current front-runner:
The eighth word in this sentence is wrong. Change it to be right.
Any other suggestions?
I’m going to be working on the comment spam problem today. Attempt #1 is adding a Turing test to the comment form; you might not be able to comment while I’m debugging it. I’ll update this post when it’s all working.
UPDATE 2006-12-16: I’ve decided to host the project for attempt #1 at Google Code. It’s called Negative Turing Test. You’ll be able to get the fruits of my labor when it’s done, and you can watch me work on it in the Subversion repo. (And yes, that means that I’m not debugging yet. You can still comment for now. ;)
As measured from 2006-11-14T12:33 to 2006-12-14T12:44. I now have the fun of deleting them all.
UPDATE 2006-12-15: As of the end of -12-14, it was 3,268.
And in case you’re wondering, not one spam made it to visibility, and not one legitimate comment was blocked. This is because I use the Comment Authorization plug-in for WordPress. Despite its disclaimers, it works just fine for me on WP 2.0.4. (And in case you’re wondering what happens if somebody doesn’t supply an email address: I get to approve it myself. It’s rare, though.)
UPDATE 2006-12-16: OK, not quite. I just got done scrolling through the moderation queue to double-check that there were no legitimate comments in it (in preparation to delete them all), and I did find exactly two real comments being held there. One had no real email address associated with it; I don’t yet know why the other one (the first comment on this post, in fact) wasn’t approved. It may simply be that Mike had not yet received the self-authorization email in the time that the 370 comment spams after it came in. I wasn’t looking at timestamps. ☺
Now I get to look into ways of stopping the spammers from even getting into the queue. I’m thinking of a JavaScript that dynamically changes the action of the form, or a reverse-CAPTCHA that makes you delete some text.
Any other suggestions before I start hacking?
This blog post about a corrupted Address Book came up on rentzsch’s del.icio.us. While I was there, I noticed this awesome archives view at the bottom:
![One row for every year, with every column being a number in the range [01–12].](/blog/wp-content/uploads/2006/12/archivesview.png)
I might adapt that for use on my own blog. I’m thinking maybe in my sidebar, with three-rows-of-four per year.
Way to go, Walt Dickinson.
Since -11-14, I’ve been intentionally letting the spam comments pile up to see just how many I’ll get in a month. I had over 500 in a week. I just looked, and currently I have:
By coincidence, this is 15 days — half a month — after I started. And yes, they are all spams; as most of you know, real people approve their own comments by email (I love that plug-in!).
-12-14, I’ll report my total and see about stopping the influx. My current prediction is that I will have around 2100.
And yes, that is the real UNICEF URL. I checked with a hex dump and a Google search.
This is not the way to get donations, UNICEF.
Anonymous comments are now off again. Too many spam messages get through when they don’t have to sign up for an account.
*sigh*
(Note: The above referred to the old Blogger blog.)
I found the problem that was preventing me from uploading things to my site at GeoCities. Turns out it was SurfRabbit, probably deleting some hidden input from the form.
Apologies to them for all the hate I’ve been putting on them lately. Soon I will be uploading the files that have been waiting for the problem to be resolved. This includes the attachments to several Radar reports.
Technorati tags: GeoCities.
So most of you probably know that I’m in the market for real hosting. I’ve identified two companies (a host and a domain registrar) that look suitable for my patronage.
If anybody has a better suggestion for either (or both) roles, please post in the comments. I need at least 100+ MiB of space (with room to grow, so call it at least 200) with Python and PHP support (I want to give self-hosted WordPress a try, and run some of my own things which will be written in Python).
Definitely do not recommend DreamHost. I’ve given up trying to get them to change their TOS.
UPDATE 2006-08-26 21:10 PDT: And it’s done. The blog is now on TextDrive+Active-Domain. ☺
Technorati tags: Hosting.
Most of you are used to me not capitalizing the first letter of sentences. I’ll still be this way on IRC, at least for a little while longer, but you should get used to seeing me capitalize. I’ve been doing this in the past couple days with my replies to emails sent to the Adium feedback list, and starting today I’ll be doing it with other emails and blog posts too. I’ll be doing it with everything eventually.
You know, I actually used to capitalize when I started on the internet. Guess I got lazy. Funny how things come full circle, huh?
you may remember that I have comment moderation turned on, to fight spam. when a comment comes in (as usually happens after a new post, because new posts appear on the front page and the spammers watch it), it gets sent to me by email, and if it’s spam, I reject it.
today, I got two moderation requests (for spam comments) in my email, followed by two email notices that those comments had been PUBLISHED!
take a look at Even More Hello Worlds. there they are. I deleted them, of course.
can anybody suggest a blog host other than Blogger or WordPress.com?