New face, new engine, new everything

Management Summary of this longer entry: 1) Comments are back, 2) I’m using Serendipity instead of Movable Type and 3) This layout – though premade – is going to stay.

But now my reasoning:

As I’ve stated earlier today, I had enough comment spam arriving on gnegg.ch. Not only the blog was filled up with junk, but also my mailbox was hit (MT was sending mails for every comment).

To underline how BAD it was, notice this: During last weekend I was off the internet most of the time. In the two nights (friday to saturday and saturday to sunday), gnegg.ch was hit by 683 SPAM comments, of which MT only classified 4 as spam.

For each of these 683 comments, I got an email message. Which was especially bad as I was checking mail from my mobile phone (that was the most expensive mail checking process in my life I guess – imagine the sheer size of only the headers)

Even worse was the interface for comment removal: The biggest page size I could select was 50 comments, so I had to delete the comments in groups of 50, each time waiting for the affected pages to be rebuilt over and over again.

There is a mutliselect option in MT, but it always affects all comments per page, so chosing to display all comments and then using the “Select All” feature would not have helped as it would have deleted the legit comments too.

This just so you understand why I had to do something. I did not want to have another “fun” comment removal session next sunday evening (most of the comments get posted on the weekends – probably in the hope they will remain unnoticed for a while longer – which they did).

At first, I just wanted to turn off the comments and keep it at that.

But what is a blog without comments? Yeah. right… not much.

So I went ahead and installed Serendipity because I knew that it had some really nice SPAM-countermeasures included.

As I currently don’t have the time needed to port the old MT template over, I selected a template that comes with s9y and I have to say: It looks great, IMHO. I think I’ll keep it at this.

I’m no web designer and even if I could convince Richard to create a new layout for me (thinking that the old one just is a bit too dark and grey for my current mood), it would take AGES for me to create a Smarty version out of it, so I decided to go with premade templates.

And this one (Perun Blue) is really nice – IMHO even better than the old, custom made, one. So, I hope, you can live with this.

While the import process worked flawlessly, many links inside the site are broken and I’m currently in the process of fixing them.

A worm named pilif?

I just heard, that my nickname-ever-since has been “misused” by someone in his evil malware-schemes.

At least the second entry in google after searching for “pilif” points to this page

This is very unfortunate. I’m using the name “pilif” since long before the first mail virus (ILOVEYOU) has been written. Pilif has the benefit of being nearly unused in the web so far (very convinient when registering somewhere) and it somewhat contains my name (Philip -> Filip -> Pilif)

I can asssure you that I have nothing to do with this worm or any other worm for that matter.

Besides, if I really wrote a virus I would never be so stupid as to name it after my nickname ;-)

Two years of gnegg.ch

Two years ago, I started to use my spare gnegg.ch domain with this weblog. My first posting was quite the ordinary welcome-posting. Even back then, I promised to create a better layout for the site, which I finally did this february:

As I am not-so-good™ with layout, I kept the default one of Movable Type, my blogging-engine. Maybe Richard will help me here sometime in the future.

And Richard did a really good job with it. Thanks again.

Many times, gnegg was lingering around a bit, but I managed to put myself together all the time and in the last two years, there was at least one post every month. Since around january 2004, post much more often. Currently I’ve nearly 200 postings on the site, wich means that I wrote the same amount of postings in 6 months that took me a year and a half before: My 100th post was only this march.

With the increased amount of postings, I also got more visits: 2003 there where and average of 115 visits a day producing 184 pageviews. Now it’s more like 552 visits producing 12883 pageviews. Tendency: rising. Thank you, my fellow readers, for this.

With gnegg.ch becoming more known, also the problems grew: Currently, I’m filtering about 50 SPAM comments per day. A year ago it was at most one per month.

Posting here still is a lot of fun and I’m certainly going to continue writing here.

And in case your wonder, what “gnegg” actually means: It’s nothing. In 2001 I created that word quite by accident by typing around the keyboard to create some blind text and it liked it so much that I reserved the domain… What I liked about the name was that I was quite uncommon in the internet so far. Ok. There’s this, but whatever it is, it’s funny anyway…

Fix for comment spam?

Yesterday, asterisk* talks about comment spam and an easy fix to do it.

Reading the article gives quite a good insight on how those spammers work: They don’t seem to really request the page of your entry, but they only submit hardcoded values in some database.

This gets this seemingly simple trick to work. Inststead of reading the weblog page and submitting the real form, spammers still submit the hardcoded value, missing the additional form-element.

Unfortunately, this problem is easy to fix for the spammer: Just update the database with the new information form the forms. And I promise you: As soon as this hack gets more known (which is bound to happen soon as it’s so simple to impelement), they will update their scripts.

The logical next consequence would be to change this additional tag more often, leading to the spammers updating the index more often.

The ultimate consequence would be a script generating some kind of random cookie which is different on every request. This in turn would lead the spammers to actually request the form before sumitting it.

I don’t think, I have to name the consequences of that: The spam will stay, but the bandwidth needed will increase greatly. Instead of just posting, the spammer will also request the whole page.

And the spammer will certainly do that on all weblogs. Regardless of whether they deploy this cookie or not.

So in the end, this “fix” just makes the whole thing worse for all us bloggers.

Sorry. No solution. Or ist it? Convince me otherwise!

Explain This!

Would anyone care to explain me this:

stats.png

I mean: While I can understand that an entry concerning filesharing is very popular and while I really see the sense in the rdf-File being requested often, I can absolutely not understand what’s so interesting about suburban railways!

I for myself certainly find it interesting, but none of the people around me share this interest. Who would have thought that there are more fans of railways out there on the net than there are people having problems with their P800 phone…

Reading logfile analysis can be so interesting at times…

Oh and on another note: I would be really interested to know how many people have actually subscribed to the RDF-Feed and thus are coming back regularly to read what I have to write. So: RSS-Subscribers: Stand up and post a little comment here. A “I do” certianly suffices.

As the traffic really peaks whenever I post an entry, there certainly have to be some subscribers.

mod_perl or not to mod_perl

Floating around the net I found a patch for my mod_perl problem I had with MT 3.1, so I have reenabled mod_perl, which actually sped up the wohle system greatly, but forced me to remove MT-Blacklist, as it’s not compatible with mod_perl environements (Internal Server Error, here I come!)

“No big deal”, I thought – deleting those five SPAM comments a day would not have been so bad – especially since MT 3.1 provides a far better comment-deleting UI than 2.6

Then, today, I had to change my mind: Between 6am and 12pm two of those f***ing SPAMMers actually posted stupid comment spam to nearly every posting in my blog. After deleting them, they gave me a rest just to continue their evil doing during the whole afternoon, forcing me to delete about 2 comments per 20 minutes. Inconvinient when I have to work in between.

So – for me, it’s back to non-mod_perl. It seems like gnegg.ch is popular enough for actually depending on MT-Blacklist. Very nice. Thank you stupid SPAMMers!

MT 3.1

As you almost certainly know, MovableType 3.1 has been released.

Reading the feature list – especially the entry about dynamical publishing – I deceided to upgrade.

Needless to say that much went wrong:

  • The dynamical generation is of no use to me because I’m using (exactly one) cutom tags in my archive template and custom tags do not work with dynamical generation. Too bad. And too much documentatino to read to port it to PHP
  • My beautiful mod_perl setup ceased to work. Somehow MT sometimes (this is completely random) gets a random number back from $q->parse in lib/MT/App.pm. Updating Perl, Apache and mod_perl did not help. The effect of this bug is a randomly occuring “Upload too large” error. Back to CGI then… (I’ve opened up a support ticket. Let’s see how good this support really is)

At least I can now use MT-Blacklist as it does not work in mod_perl. Much trouble for setting up something I dont really like either because of its extremely commercial background. We’ll see what the future brings…

An experiment

Now that I have some problems with MT (it’s so terribly slow when not using mod_perl), I thought to myself: “Let’s do a little experiment. Let’s try out WordPress and let’s see what happens”

This is what happened. And this is the source of the template.

So. Was it worth it? How is it, working with WP?

While I really like the dynamical generation feature and the OPML-Upload, I have some problems with WP:

  • It’s not as flexible as MT. All those template-functions output much too much HTML (every little bit of HTML-code is too much, actually). I had to change the stylesheet to accomodate wordpresses forced <ul> in the sidebar. And for the links I actually had to patch around in WP for my template
  • MT seems much more polished.

Anyway. As WP is written in PHP and contributions are certainly welcome (it’s free software after all), maybe I should look into contributing something.

And as for the future of gnegg.ch: I’ve not deceided yet, what I should do: Adopting the other gnegg.ch templates would take about half a day to one day, which is terribly much time to invest in replacing something that essentially works.

So, as I said here, I’m going to stay with what I currently have – for now. At least until I hear back from MT about my support ticket, as mod_perl is a requirement for me to be running MT.

Comments working again

OK… there was this… embarassing… problem with the pilif.ch-Domain. Talk about forgetting payment for the registration ;-)

The problem is fixed. so the comments and the search function should be working again…

Movable Type licensing

While looking for some documentation for improving my comments-system (later post), I came across a link to this blog entry that announces a revised licensing scheme for Movable Type 3.0.

This time they actually did it right: The (still) free edition is now clearly announced. The personal edition is what quite a lot of users (including myself) have wanted (unlimited blogs) and it is quite affordable. This is nice.

Thank you, Movable Type