I’m being back-scattered

by Miraz on April 21, 2008

I opened my email this morning to find dozens of spams trapped by Google’s spam filter and dozens more by the Postini spam filtering service.

Over the last 12 hours or so I’ve received about 400 or 500 emails ‘bounced’ from emails purporting to have been sent out by me.

Apparently my sender names (all using my miraz@firstbite.co.nz email address) include such gems as “jarrod jayson”, “damien pentti”, “calv margaret” and many many more.

The spams I’m purported to have sent seem to cover a range of pharmaceuticals, software, watches, pens and so on, and the links in the emails seem to go to various, diverse websites.

A few years ago I suffered something similar that seemed to originate in China. These bounces seem to be coming mainly from Europe. According to Wikipedia this is a thing known as backscatter.

If you’ve received a spam that has my email address as the sender, please be assured I have not sent it. I do not send spam. I oppose spamming and do not tolerate spammers.


WYSIWYG hides WordPress hacking

by Miraz on March 7, 2008

Yesterday a new client approached me about problems with his WordPress blog. He wasn’t particularly explicit:

My Wordpress site is starting to do strange things, Pages dropping off. Can’t post etc.

So off I went to have a look. The biggest problem was a sudden inability to post new items or to edit existing Posts or Pages. I could open an existing post, make changes and click Save, Save and Continue Editing or Publish — each with the same result: a completely and utterly blank Admin page, and a failure to have actually changed anything.

The hidden porn

My next step of course was intensive and extensive troubleshooting and investigation. I did a hundred things, including much Googling and searching WordPress forums, but one of the first things I did was to View Source on my client’s blog Home Page.

There I discovered two particularly interesting things:

  1. A link to ‘prepaid phone cards’ above the content. This isn’t the kind of link my client would include. Suspicious.
  2. Approximately 170 hidden links to porn sites. This is definitely not content my client would deliberately include in his blog. About 120 links went to one domain, the rest to another.

Had the blog been hacked?

It was looking as though my client’s blog had been hacked. But first, a bit more about those hidden links.

For starters they were hidden: visitors to the page couldn’t see them, but View Source made them all visible, and they were evident in the RSS feed.

At first I thought they were some kind of comment or trackback, but I eventually found them attached in the body of the most recently published post. They were prefaced with this interesting HTML that effectively hid them from view:

<font style="position: absolute; overflow-x: hidden; overflow-y: hidden; height: 0px; width: 0px"><!--4848-->

Somehow a spammer had accessed my client’s blog and added these links to one post. And maybe a spammer had added the cellphone spammy link to his theme. I downloaded a fresh copy of the theme he was using and checked. That spammy link was not in the original theme. The spam link was also hidden via embedded CSS:

<div style="display: none" id="ads">

The Visual Editor hides all

My client has the Visual Rich Editor turned on, and probably uses the Visual view to write posts. Guess what! Those porn links are invisible in that view. He wouldn’t have known they were there! I knew, because I clicked on the Code tab, as I always do. In Code view they were immediately obvious.

I deleted the porn, clicked Save, and struck the bug my client had originally complained of: an inability to edit posts. It wasn’t going to be that easy to get rid of the porn. So next I had to solve his Save problem.

But that took me the next day, so I’ll write about it in another post.

And finally, here’s what Daniel Jalkut, the developer of my favourite, MarsEdit, says about WYSIWYG (what you get with the Visual Editor):

There are a list of classic things that are wrong with WYSIWYG editors. They over-promise and under-deliver. They’re not actually that easy to use. They mess up your HTML, and often outright eliminate content. I don’t want to make any of those mistakes. That’s what makes the feature hard, and that’s the reason users haven’t seen it yet in MarsEdit.

[Via: The Daniel Jalkut Interview.]

The moral of this story: even if you like the Visual editor, at least look at the Code view — you may be surprised at what you find.
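
The Code-view check above can be automated. This is an added example, not code from the original post: a Python scanner that parses a post body or theme output and reports every link nested inside an element hidden by inline CSS, covering the two wrappers quoted earlier. The sample markup and its example.invalid URLs are constructed, and the scanner only sees inline styles, not rules in external stylesheets.

```python
import re
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "wbr"}
ZERO = re.compile(r"0(\.0+)?(px|em|pt|%)?$")  # a zero length, with or without a unit

def hiding_reason(style):
    """Return why an inline style attribute hides its element, or None."""
    d = dict(p.split(":", 1) for p in (style or "").lower().split(";") if ":" in p)
    d = {k.strip(): v.replace("!important", "").strip() for k, v in d.items()}
    if d.get("display") == "none":
        return "display:none"
    if d.get("visibility") == "hidden":
        return "visibility:hidden"
    if ZERO.match(d.get("height", "")) and ZERO.match(d.get("width", "")):
        return "zero-size box"
    return None

class HiddenLinkFinder(HTMLParser):
    """Collect (href, reason) for each link inside an inline-hidden element."""
    def __init__(self):
        super().__init__()
        self.stack, self.hits = [], []  # stack: (tag, reason) per open element

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        reason = hiding_reason(attrs.get("style"))
        inherited = next((r for _, r in reversed(self.stack) if r), None)
        if tag == "a" and attrs.get("href") and (reason or inherited):
            self.hits.append((attrs["href"], reason or inherited))
        if tag not in VOID:  # void elements never get a closing tag
            self.stack.append((tag, reason))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):  # pop back to the opener
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_links(html):
    finder = HiddenLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample: the two wrappers quoted in the post, with placeholder links.
SAMPLE = ('<div style="display: none" id="ads"><a href="http://cards.example.invalid/">x</a></div>'
          '<p><a href="/ok">ok</a></p><font style="position: absolute; overflow-x: hidden; overflow-y: hidden; '
          'height: 0px; width: 0px"><!--4848--><a href="http://spam.example.invalid/1">y</a></font>')
```

Running `find_hidden_links` over each stored post body, and over the rendered theme output, flags both kinds of hidden link without anyone having to open Code view.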


Bothered by Spam?

by Miraz on January 19, 2008

Are you bothered by Spam? Does it fill your email In Box? It’s a big problem for everyone at the moment, with some estimates that spam contributes about 80% of all email traffic.

For someone just trying to get on with sending and receiving a few legitimate emails, here are some tips for coping with spam.

The Stop Spam website

Visit www.stopspam.net.nz. This free web resource, provided by InternetNZ, aims to help you understand and minimise the impact of spam.

It describes what spam is and how it works, offers some ideas for individuals and businesses to reduce their spam burden and provides an overview of the current legal situation. It also offers a set of golden rules to follow when dealing with spam.

Spam filters

Your ISP should be able to provide some spam filters for you. Check with their Helpdesk to find out how to turn these on.

Check your email software for its spam-fighting features. In many email programs you can turn on a spam or junk filter. Turn it on and then train it by marking spams as junk, rather than just deleting them.

In Gmail use the Report Spam button.

Never reply to spam, even to unsubscribe

Don’t email spammers to tell them to go away. Don’t use their unsubscribe links, and never, ever send them money (for products, services, or anything).

Instead use your email software’s facility to mark the email as spam or junk (so that it better trains the filters), and then just delete the spam.

If a message is particularly offensive then you can try keeping it and contacting your ISP who may ask you to send it through to them. Most ISPs though are utterly overloaded with the torrent of spam and are unlikely to be very interested in any one message.

Get rid of the ‘catchall’

If you have a domain name you may find that all wrongly addressed email is sent to a ‘catchall’ address. This is handy if people make typos when sending email, for example, they send to infromation@community.net.nz by mistake (see the ‘from’ instead of ‘form’?), but it’s an open invitation to spammers.

It’s a common spammer technique to blast emails to invented addresses. If you leave the ‘catchall’ address open these will be redirected to you.

The good news is that if you shut down that ‘catchall’ address you can dramatically reduce the amount of spam you receive. You may miss a couple of legitimate emails, but that’s the trade-off.

Written for and reproduced from CommunityNet Aotearoa Panui, April 2007. This article may have been modified from the original.
