Jan 142009
Part of the Wonderful WordPress Wednesdays Series - Previous in series         

Welcome to the twelfth installment of my Wonderful WordPress Wednesday series.

With more than 20 blogs to watch over, comment spam has become quite the annoying time killer of late.  With more than 200 Akismet entries to sort through each day it became clear that something else had to be done, so I had a quick consult with friends who do managed IT services in Calgary and headed into the ether to find a solution.

My first stop was, of course, the WordPress plugin directory.  Unfortunately, searching on “spam” returns 117 of the 3,870 plugins currently listed there.  Not exactly a bullseye solution to the problem.  So I headed into the WordPress Codex ehere I found their Combating Comment Spam page with the following suggestions-

  • Akismet – Akismet was already keeping the majority o fthe spam off my blog, but I was still forced to sort through it in search of false positive.
  • Settings > Discussion –
    • Here there are multiple options to automatically detect spam: number of links, spam keywords, blacklist.  Alas, when detected, it was just dumped into the Akismet area for me to sort through later.
    • Moderate All Comments – This would create even more work for me, essentially labeling everything as spam.  Not exactly a timesaver and not really user friendly, either, IMO.
    • Pre-approve only “old” commenters- Since I don’t have many ‘regular’ commenters this would still require far too much moderation time.
    • Restrict Comments To Registered Users – not only user-unfriendly, but I really have no desire to have dozens or even hundreds of people with user accounts on my blog(s).
  • Delete wp-comments-post.php and/or wp-trackback.php -Again, not exactly user friendly.  I’m trying to encourage more comments, not remove them all.  Besides isn’t this just giving in to the spammers?  I’d rather let them run rampant than shut out my actual readers.
  • Use rel=”nofollow” – this has never actually been effective in stopping comment spam.  The bots simply don’t care.
  • Deny access with .htaccess – Now that seems interesting!
    • Deny Access to Spammer IPs/Referrer Spammers – Again, too labor intensive what with the need to collate and enter individual IP addresses and referrers.
    • Deny Access to No Referrer Requests – I think we have a winner!

Here’s the relevant section of The Codex-

When your readers comment, the wp-comments-post.php file is accessed, does its thing, and creates the post. The user’s browser will send a “referral” line about this.

When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This allows for some nifty detection and action direct from the server. If you are not familiar with Apache directives, then write the following in your root directory .htaccess file::

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

This will:
1. Detect when a POST is being made
2. Check to see if the post is on wp-comments-post.php
3. Check if the referrer is in your domain or if no referrer
4. Send the spam-bot BACK to its originating server’s IP address.

After reading that over it seemed to make perfect sense to me.  A simple but elegant solution t ospambots.  Five minutes later I had added the relevant code to my .htaccess file and expected to never hear from comment spammers again.

However, the next morning, my Akismet spam queue was full of over 100 messages again.  The only thing different was that not a single one of them was a false positive or even questionable.  Every single one of them had been left by a spambot.  Clearly this simple but elegant solution wasn’t working.  So I headed off to find another solution.  The worst part, however, was something I didn’t realize until a full two days later: the .htaccess changes were blocking regular comments!  I think this was because I don’t use the normal comments.php, instead using a custom one from a comment plugin, but regardless, it wasn’t helping block the spambots anyway, so I just wiped it clean out and immediately was able to receive comments again.

My next “great find” was Yet Another WordPress Anti Spam Plugin (YAWASP).  Unlike the vast majority of anti-spam plugins out there, YAWASP did not require Javascript or cookies (which many of my visitors have disabled) or a CAPTCHA (which I and many of my visitors hate), but instead, was entirely transparent to the regular user.  Its primary means of spam detecting is to add a “hidden” field that the bots will see (and complete) but is invisible to the human eye on the rendered page.  I use this same type of anti-apam system to keep spammers from registering on the various forums I’ve over the years and it works great.  So I was exited to see it available for WordPress as well. Unfortunately, i couldn’t get it to work.  No matter what I did it kept insisting that every comment was spam because it’s author had somehow entered data into the “hidden” field.  Exceedingly frustrated at this point I removed it and took a nice long break.

Finally I decided to see what other long term bloggers were doing and with a little poking aruond in Google Blog Search I finally came across several positive article about the Bad Behavior WordPress Plugin.  Like Akismet and YAWASP, Bad Behavior is transparent to my actual readers.  However, unlike them it was as simple as install and activate.  I haven’t received a spambot comment since!  Regular comments still seem to be getting through and spam that is manually left still shows up (though it tends to get caught by Akismet).  Best of all, in the last 24 hours I’ve only had to clear less than a dozen comments from my various Akismet queues.  Now that is protection.

Yeah, I know that was a long way to go for what could have been a simple single paragraph post.  But I wanted y’all to understand that I share your frustrations.  Now, hopefully, you can avoid all of my pitfalls and wasted time and simply install Bad behavior to begin with.  The only question remaining is why is Akismet distributed with WordPress when Bad Behavior is not?

Reblog this post [with Zemanta]
Part of the Wonderful WordPress Wednesdays Series - Previous in series        
Jan 072009
Part of the Wonderful WordPress Wednesdays Series - Previous in series         Next in series

Welcome to the eleventh installment of my Wonderful WordPress Wednesday series. Today’s lesson is a quick little hack for one of my favorite plugins: WP-PostRatings (by the irrepressible Lester ‘GaMerZ’ Chan) which adds an AJAX rating system for your WordPress blog’s posts.  I don’t use it here on Philaahzophy, but it’s a vital part of several other blogs that I manage.

My problem occurred on my amusement park and roller coaster video blog where I also use a plugin (that I previously wrote about) to schedule posts for future dates.  You see, I’ve noticed that people are far more likely to actually rate a post if others have already done so.  Therefore I was visiting each post after it was published and rating it myself.  This can become bothersome since I schedule posts on that blog days or even weeks in advance.  What I needed was for the WP-PostRatings plugin to add a default rating score to every post as it was published.  Luckily, with a little poking around and some help from more PHP-knowledgeable friends I was able to come up with a solution.

Simply navigate to Plugins > Editor > WP-PostRatings in your WordPress admin area and scroll down to lines 763-766 which read as follows:

add_post_meta($post_ID, 'ratings_users', 0, true);
add_post_meta($post_ID, 'ratings_score', 0, true);
add_post_meta($post_ID, 'ratings_average', 0, true);

Now, change the values in each variable to reflect your default ratings. For example, to have each post be published with a single rating and a score of 4 you would change the code to appear as follows-

add_post_meta($post_ID, 'ratings_users', 1, true);
add_post_meta($post_ID, 'ratings_score', 4, true);
add_post_meta($post_ID, 'ratings_average', 4, true);

You can set whatever default ratings you like, but make sure that your math works out or you’re likely to get some type of error.

  • ratings_users refers to the number of different people that have entered their rating
  • ratings_score is the total value of all the ratings thus far added together
  • ratings_average is the current score of the post

So you’ll want to make sure that ratings_score divided by ratings_users is equal to ratings_average.  If you’re worried about the math, just use the values in the example above and all of your posts will publish with a rating of 4 granted by a single user (you do think all of your posts are worthy of at least 4 out of 5 stars, don’t you?).

As always, if you have any difficulty with this tip, questions about using WordPress more effectively, suggestions for future articles in this series, or just want to say ‘Hi’ or ‘Thanks’, comments are always very much appreciated!  And if you found this post useful or informative, please consider adding it to your choice  social bookmarking sites (StumbleUpon, Digg, Reddit, etc).

Part of the Wonderful WordPress Wednesdays Series - Previous in series        Next in series
Dec 242008
Part of the Wonderful WordPress Wednesdays Series - Previous in series         Next in series

Welcome to the tenth installment of my Wonderful WordPress Wednesday series. Oh, and Merry Christmas Eve to all those celebrating today!

Over the weekend I was moving several websites around (see my Moving Your WordPress Blog To A New Server In 10 Easy Steps for a walkthru on this process) and discovered that one of my (seldom used) blogs had a database file that was too large to import using phpMyAdmin at my web host. It was just under four megabytes, so easily within their 51MB limit, but still, it kept timing out. Now, WiredTree (my webhost) is very accommodating and I’m sure if I had contacted support they would have gladly (and easily) imported the file for me. However, I knew there had to be a solution and I wanted to figure this one out on my own. Well, on my own with Google’s help, of course 😉

The first “solution” I came across was to use a program called MySQLDumper which I dutifully downloaded, unzipped, uploaded and accessed only to discover that in order for it to work I would need to actually create the backup in MySQLDumper.  Well, I wasn’t interested in a solution that would require me to install a program multiple times on multiple servers run by multiple webhosts, so I deleted that bad boy and kept looking.

Next I found the simple and elegant solution: BigDump by Alexey Ozerov.  BigDump is a single php file that you download from Alexey’s site.  You then change a few paramaters within the file, upload it and your backup, and voila!  You’re all set.  Here’s what I did, step by step…

  1. Visit the BigDump: Staggered MySQL Dump Importer page and download the file.  I used ver. 0.29b (beta)
  2. Unzip BigDump.zip and open the file (BigDump.php) in a text editor.
  3. Modify the following lines to match your database and backup-
    • Line 40 – $db_server   = ‘localhost’;
    • Line 41 – $db_name     = ”;
    • Line 42 – $db_username = ”;
    • Line 43 – $db_password = ”;
    • Line 47 – $filename         = ”;     // Specify the dump filename to suppress the file selection dialog
    • Line 67 – $db_connection_charset = ”;
  4. Upload the modified BigDump.php and your SQL backup file to the webhost where the new database is located
  5. Visit http://www.YOUR-DOMAIN.com/BigDump.php
  6. Click “Start Import”
  7. IMPORTANT: When the script has successfully run, delete bigdump.php and your dump files from your server.

A couple of notes…

  • BigDump has the charset defaulted to ‘latin1’ while most phpMyAdmin’s I’ve encountered have it set to utf8, so make sure you set this correctly.
  • When creating your backup file make sure to uncheck ‘Extended Inserts’ as BigDump isn’t able to split such SQL queries.  This will make your backup (or dump) file much larger (mine almost doubled from just under four megs to just over 7 megs), but will allow BigDump to install it smoothly.

There ya go!  No more worries about moving large databases.  Not only did it handle my 4MB to 7MB blog backup easily, but it imported my 120MB+ forum database dump just as smoothly.  To give you some idea of the size of the forum database I have the fastest DSL connection available to homes and it took more than 25 minutes just to upload the sql backup file.  But it only took BigDump around 7 minutes to successfully install it – something that phpMyAdmin was simply not created to handle.  Man, I just loves me some freeware 🙂

Until next time, if you have any questions, thoughts, or concerns, please comment below and remember that giving this article a Thumbs Up with StumbleUpon will up your karma quotient for the day 😉

Part of the Wonderful WordPress Wednesdays Series - Previous in series        Next in series
Dec 172008
Part of the Wonderful WordPress Wednesdays Series - Previous in series         Next in series

Welcome to the ninth installment of my Wonderful WordPress Wednesday series.

NOTE: Although the main focus of this week’s tutorial is sponsored blog posts, there are many, many uses for what I’ll be sharing with y’all today so don’t run off just yet. After the tutorial I’ll share some other great uses for today’s lesson.

Anyone who has ever taken a sponsored post through any of the ‘paid to blog’ companies knows that they’re all full of various rules restricting how you can lay out your blog. Anyone who has taken sponsored posts for more than a few months has no doubt run into frustrations at what seems to be the usurping of your blog by these companies. Well, I’ve finally found a simple and elegant solution – separate templates for individual blog posts.

To see what I mean click over to my latest post at Gilroy Review about how columnist Cynthia Walker hates poor people.  Scroll down and take a look at the entire layout of that post.  Then click on the navigation to go to the post before it on Mary Jane Goods.  Notice anything different?  The ad placements are totally different because one is a sponsored post while the other is not. (BTW, if you’re reading this Google, the sponsored links are all nofollowed so don’t get your servers in a bunch).

All I had to do to accomplish those entirely different post layouts was tell my blog that a different author wrote each post.  I use author because I’m the only person writing on these blogs and my blog themes don’t mention author names anyway.  I could do the same thing with a specific tag or category as well.  I only use author because it’s completely transparent on my blogs.  Now, this did take a little set-up which is what I’m going to layout for y’all here in this post.

I learned how to do this, BTW, thanks to a great post by Justin Tadlock on his terrific Life, Blogging & WordPress blog.  That post contains a lot of code because it covers so many options, and all of that code can be pretty intimidating to people who aren’t used to messing about ‘under the hood’ of their WordPress installation.  So I’m going to stick to one simple system here.  If you want to change templates based on something besides the author of the post then please visit Justin’s site and you should be able to follow along just fine after seeing how easy it is here.

How It’s Done-

Enough blathering.  On to the tutorial itself…

First you’ll need to visit Appearance > Editor within your WordPress Admin and select your Single Post (single.php) file.  Select the everything in the text box there (either drag your cursor over all of it or simply click in the box and hit CTRL-A) and then paste it into your favorite text editor.  Personally I use EditPad, but Notepad works just as well in this case and is available on every Windows computer.

This is the basic template file that determines the layout of the single post pages on your blog. It’s probably already setup in an ‘advertiser friendly’ manner so you’re going to leave this copy alone.

Now return to your WordPress admin, go to Users > Add New and make a new user that you’ll only use for your sponsored posts (or whatever pots you want to use the old template for).  By the way, if you want the author to display the same as your current account on your blog just include the same name in the Nickname box and select that name in the “Display name publicly as” drop down menu.  Ok, once that user is made click on them to go to their edit page and look at the URL in your address bar.  Roughly in the middle you should see something along the lines of "?user_id=4". That number is the key to our next step. Return to your text editor program and save the file as single-author-?.php, replacing the ? with the number you saw in the URL above. Pretty easy so far, right?

Okay, now you just need to open your FTP program and connect to your server. Navigate to Your Blog > wp-content > themes > Your Theme and make a new folder or directory there called single. Then upload your newly saved file to that folder/directory. It should end up looking something like my FTP directory to the right.

That was the hardest part, I promise.  Now you just need to return to your WordPress admin area again and go to Appearance > Editor but this time select Theme Functions (functions.php). Each of these is going to look a little bit different depending on what theme you’re using, but you don’t need to worry about that. Just scroll down to the very bottom where you’ll see ?> and place your cursor on the blank line above that one. Then paste the following into the file and hit Update File-

* Define a constant path to our single template folder
define(SINGLE_PATH, TEMPLATEPATH . '/single');

* Filter the single_template with our custom function
add_filter('single_template', 'my_single_template');

* Single template function which will choose our template
function my_single_template($single) {
	global $wp_query, $post;

	* Checks for single template by author
	* Check by user nicename and ID
	$curauth = get_userdata($wp_query->post->post_author);

	if(file_exists(SINGLE_PATH . '/single-author-' . $curauth->user_nicename . '.php'))
		return SINGLE_PATH . '/single-author-' . $curauth->user_nicename . '.php';

	elseif(file_exists(SINGLE_PATH . '/single-author-' . $curauth->ID . '.php'))
		return SINGLE_PATH  . '/single-author-' . $curauth->ID . '.php';

	* Checks for default single post files within the single folder
	if(file_exists(SINGLE_PATH . '/single.php'))
		return SINGLE_PATH . '/single.php';

	elseif(file_exists(SINGLE_PATH . '/default.php'))
		return SINGLE_PATH . '/default.php';

	return $single;


Now just go back to your Single Post (single.php) file and make whatever changes you want to your single post layout – ad layouts, styles, backgrounds, etc – without having to worry about the opinions of the sponsored blog companies you work for. Just make sure to select that other (fictitious) author whenever you do a paid post and theirs will appear on a page that meets all of their requirements.

Personally, I also plan on using this when setting up a Daddy-Daughter blog with Zaira in the near future to give my posts a black & white color scheme and hers a pink & black scheme. This system would also be perfect for when you have guest bloggers and it can also be used to differentiate between categories or subjects on your blog rather easily. For example, if you have a weekly photo feature as many do, or host a blog carnival you could use an entirely different template for those posts. As I mentioned above, if you want to differentiate by category or tag just visit  Justin Tadlock’s original post on the concept at his Life, Blogging & WordPress.

I’m sure there are plenty of other uses for this as well, so if you’ve got any ideas, please leave a comment and let me know!  Or, if you have any questions or problems, just leave a note and, as always, I’l ldo my best to help.!

Part of the Wonderful WordPress Wednesdays Series - Previous in series        Next in series
Dec 102008
Part of the Wonderful WordPress Wednesdays Series - Previous in series         Next in series

Welcome to the eighth installment of my Wonderful WordPress Wednesday series.

I first started blogging about six years ago, discovered WordPress in 2006, fell in love with it in 2007, and started sharing that love with y’all (through this series) a few months ago.  However, I must confess, I hated the changes that WordPress 2.5 brought to the WordPress admin panel and flat out refused to update beyond 2.3.3

That all changed when I gave WordPress 2.7 Beta a try on a new blog.  Today Release Candidate Two (RC2) of 2.7 was released and I spent the day upgrading all of my blogs.  While this only took 15-45 minutes (based on which plugins were installed) handling so many blogs still took me many, many hours.  All well spent!  So what is it that’s got me falling in love with WordPress again?  Let me count the ways…

  1. Collapsible, click & drag boxes in the admin panel.  These allow me to set up my admin pages (particluarly the Dashboard and Add New/Edit pages) with only the features I want and in th elocations I want.
  2. Simple, internal upgrades.  Now when I get that annoying little “A new version of WordPress is available! Please update now.” at the top of my admin pages I can simply click on the link and the update is handled automatically!  Plugins are updated in the same way.
  3. Simple, internal way to add plugins!  The ability (or desire) to use an FTP program is no longer necessary to install the latest WordPress plugins.  Now when I find a nifty new plugin I want to try I can simply search for it from my admin panel’s Plugins page and click “Install”.  All of the background “tech” stuff is then taken care of automatically.  Why this hasn’t been implemented for themes as well is beyond me.

WordPress 2.7 isn’t without its problems, however.

For example, I have a grand total of zero interest in my “Akismet Stats” but since the folx at Automattic seem to think these are somehow vital I’m stuck with that link taking up space in my menu bar.  Of course, I can close the Dashboard box to return that space to me, but whenever I click over to my dashboard it just pops back up.  I could also move the Dashboard box further down the menu, but I frequently use the Dashboard link so this isn’t really an option either.

Okay, that’s a pretty minor quibble.  So how about the fact that all of my drafts are now included in the ‘Edit Posts’ page, in date order, like regular posts.  I use drafts to keep notes for future posts and most certainly do not need them cluttering up my previously clean Manage Posts page.  Still minor?  Hmmm…

How about all the plugins that have conflicts with 2.7?  What?  That list keeps getting shorter as the plugin makers update their work?  Hmmm…  I guess there aren’t that many problems after all.  No wonder I’m in love!

So, what’s keeping you from upgrading to WordPress 2.7?

Part of the Wonderful WordPress Wednesdays Series - Previous in series        Next in series