Bikerscum - Patrick St. Jean

I upgraded the blog software today and while you may not notice anything different, I sure did. I've been reluctant to update the software because it's been a pain to do. I've had to customize some stuff, like the Adsense code, Google search, Google Analytics, and some HTML validation steps.

Well, it turns out that none of that is needed any more. The 2.1.x series has a generic HTML widget that you can drop just about anywhere. I just copied the HTML into widgets, put them where they needed to be, and was done. Now code updates don't require me to crank up vi and get dirty with PHP.

Link: http://www.village-idiot.org/archives/2005/01/28/b2evo-captcha-explained/

I've been getting slammed by more and more comment spam over the last few days and have finally had enough. I'm implementing the captcha solution from village-idiot.org. I know it's not perfect and that there is software out there to defeat them but it'll stop me from having to delete literally hundreds of porn spam comments from my posts while still leaving them open for people to post .

The directions are pretty good but I did make a couple changes to authimage.php and comment_post.php to clean up a few warnings generated when the spammers try to hit the page directly.

Basically, you need to change two blocks of code in authimage.php, both up near the top of the file. First, wrap the if/elseif block that checks to see if you're requesting a text or image with a test to see if $_GET['type'] is set. Then in checkAICode you'll need to change the if/then block at the beginning to make sure that $_SESSION['AI-code'] is set. Here's what the two blocks look like after being changed:

if (isset($_GET['type'])) {
  if ($_GET['type'] == "text") {
    createAICode("text");
    exit;
  }elseif ($_GET['type'] == "image") {
    createAICode("image");
    exit;
  }
}

and

if(!isset($_SESSION['AI-code'])) {
  $return = 0;
} else {
  if ($code == $_SESSION['AI-code']) {
    $return = 1;
  } else {
    $return = 0;
  }
}

And then in comment_post.php you'll need to wrap the captcha checking routine with this code:

if (isset($_POST['code'])){
...
} else {
  errors_add( T_('Error: Please don\'t try to bypass the access code.') );
}

I've reconfigured the b2evolution installation to accept posts via e-mail. This will make it a lot easier to post while I'm on the road since I'm not bringing a laptop. This is all going to be done via my Palm and phone.

Sorry about the poor performance, my poor server's getting the stuffing beaten out of it by one massive referrer spam run. I've got mod_rewrite passing out 301's to (hopefully) redirect the clients back to the site they're spamming for, but the router's still working hard enough that connection times are terrible. This has been going on since about 5:30 Central time on 3 May with no end in sight. I'll post updates as things develop.

I just finished patching b2evolution's code to support Google's approach to blocking comment spam (Google Blog entry). The info was taken from this forum thread.

Link: http://blogshares.com/?referer=24742

I just found a pretty cool blog related game called BlogShares. It's a virtual stockmarket based on blogs. I'm now listed and there are shares of this blog for sale.

One of the interesting blogs that I happened across while there is Farzad's Blog, so go take a look at it!

Grrr... I've wasted a good chunk of my time cleaning up a bunch of referrer spammers. They've now been banninated inside apache and won't be getting anything but a 403. In case anyone's interested, here's what I've used to ban them (I'm obvously changing the domain names so that they don't get any credit whatsoever).

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://www.foo.com/.* [OR]
RewriteCond %{HTTP_REFERER} ^http://www.bar.com/.*
RewriteRule .* - [F,L]


Edit it to suit your needs and then put it in your .htaccess or httpd.conf file.

So for the last few days I've been fighting a few sites that decided to put links to the bikerscum domains on their pages, one of which describes it as a porn site. It's obviously not, and so after a little mod_rewrite work visitors coming in from there are going elsewhere.

If you're going to link to me, fine. But let me know in advance if it's got the potential to generate lots of traffic. Which, by the way was how I noticed this. It's kind of funny to watch your traffic go up by a factor of 100.