OMNINOGGIN

photo credit: miss604

A few people have asked me how to make WP Greet Box work with non-WordPress pages.  Luckily there is a way to easily do this and I will show you how in this tutorial:

Requirement

You must have WordPress installed with WP Greet Box plugin enabled.

JavaScript Modification

You will have to make a copy of “http://example.com/wp-content/plugins/wp-greet-box/js/onload.js”, modify it, and place it somewhere accessible by your non-WordPress page. As an example, I will place a copy of the file at “http://example.com/non-wordpress-platform/onload.js”. Now open “non-wordpress-platform/onload.js” and modify the line:

url: "index.php",

to point to your blog WordPress blog index.php.

url: "/index.php",

For example, if your blog is installed under “http://example.com/blog/”, you would change the code to:

url: "/blog/index.php",

JavaScript Placement

There are a few Javascript files that you need to reference to do this. Make sure you drop the following Javascript references into your non-WordPress page:
Read on…

This might be old news to you, but you should know that the Googlebot now follow links created by Javascript. I have seen evidence of this myself and was starting to get frustrated that I would have to reevaluate my site and patch any leaking link juice from Javascript links. Before I got to the point of full frustration, I realized that I can use this Googlebot “feature” to my advantage and use Javascript itself to easily correct this leaking link juice problem.
Read on…

A few days ago I read a post on Webmaster Source about Minify, ‘a PHP5 app that can combine multiple CSS or Javascript files, compress their contents (i.e. removal of unnecessary whitespace/comments), and serve the results with HTTP encoding (gzip/deflate) and headers that allow optimal client-side caching.’

Being the enthusiast that I am, I decided to implement it on my blog. This post will report my experiences integrating Minify with my WordPress blog.
Read on…

If you are a new user and you use any form of advertisement blocking (e.g. AdBlock) on your browser, you would have been greeted with a neat little message saying “Doh! It appears that you are using AdBlock software…”.

The purpose of this post is to show you how to create such a message for your own website. I had this idea from a comment I found on one of my favorite blogs (Webmaster Source) regarding combating AdBlock.

Before I go on, let me say that I am not interested in discussing/debating the use and ethics of AdBlock software in depth in this post. I’m planning on writing a post with my research and data on the effects of discouraging AdBlock use in a later post, so let’s save that discussion for another time.   For now I would like you to evaluate the pros and cons of this mod and decide for yourself if you would like to install the mod or not.
Read on…

Previously I wrote a post about how to list poison email harvesters. Today I discovered that an unknown harvester/scraper bot has stumbled into my one of my traps. Here is the description of the bot:

IP:82.230.123.141
Host: bne75-7-82-230-123-141.fbx.proxad.net
User agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)

From the log snapshot (image), you can see that the bot had recursively crawl through 14464 pages, harvested anywhere between 5 – 20 fake email addresses per page (that’s about 12 * 14464 = 173,568 emails harvested), and wasted nearly 10 minutes on my site before deciding that it’s done. You can see that the last link the bot visited was something that looks like this:

http://omninoggin.com/suspicious/8864/1530/7374/527/3510/9061/8198/9981/3367/1751/5075/1765/7282/4842/1710/3655/614/9951/3183/3609/3731/9430/7682/6298/2287/683/3370/5633/4187/8842/1852/5984/7767/6037/7675/3984/4646/7823/8462/1793/6556/3054/1362/3111/3407/8182/7374/169/7738/158/2802/5438/7230/9552/1384/7538/index.php

Read on…

I apologize if you have visited earlier today and found the Maintenance-Mode screen. I was moving this blog from a self-hosted dedicated server to a shared-hosting server. In this post, I will discuss the reasons for my decision and the switching experience.
Here are some reasons why I made the switch (Pros):

1. I’ve been getting more readers lately so my bandwidth was almost reaching capacity. Shared-hosting is the cheapest way to get decent burstable bandwidth.
2. I wanted to start focusing more on WordPress and less on FreeBSD. Making this switch will alleviate me from having to maintain/troubleshoot low-level system things, leaving me with more time to focus on WordPress development & discussion.

Read on…

You may not know it, but your site is probably being regularly harvested for email addresses. In this post I will show you how to easily help fight email spam using a Lojack technique called List Poisoning (see previous post for more Lojack anti-spam philosophy). Though this is not a new technique, it is definitely worth spreading the word and implementing.
The goal here is to pollute the harvester’s email list with fake email addresses and fake recursive links. In doing so, the harvester will waste time and resources harvesting and spamming fake addresses. (see this in action)
In the demo below, you will notice that the first three links are recursive links that will just redirect to the same index.php. The next set of links will be fake email addresses generated for harvesters.
Read on…

For those who have tried to comment on my posts but were not able to, I would like to sincerely apologize. If you are a returning reader/commenter, thank you for your patience and your continued reading loyalty. I would also like to thank Agam Rosyidi for notifying me that my comments were broken on this blog. In the future, if you notice anything wrong with my site, I would greatly appreciate it if you let me know via my about page.
On the actual problem itself, it turned out that WP-SpamFree was not working with WP-Super-Cache when the cached page is being dynamically delivered. I did not look too much into why this was the case, but comments now work after disabling WP-SpamFree. I have removed this plugin and I don’t plan on re-enabling WP-SpamFree in the future or making it work with WP-Super-Cache because of the philosophies in this great paper by Mark Pilgrim. I highly recommend reading this timeless article before you think about combatting spam. Read on…

Every time I search the web for information on how to block spam bots, scrapers, and harvesters, I always see an Apache .htaccess file or some code to dump into httpd.conf to achieve this. I’m a bit against using this method for blocking evil bots. I do respect Apache for being a flexible & modular web server (that’s why I still use it), but I do not have much to boast about Apache’s speed and efficiency.
To achieve the same purpose on my server with greater efficiency, I made use of my Varnish reverse proxy configurations (located under /usr/local/etc/varnish/default.vcl).
In this post, I will only be discussing about vcl_recv subroutine, which gets called when a client request is received.
Read on…

What are SSH Keys? (Easier than what you learned in Computer Security class)

SSH keys are one of the common authentication techniques people use to log into a Unix session (the most common authentication technique is login & password).

If you are like me, you get sick and tired of typing in your login and password every single time you open a new terminal to connect to a Unix session. This is where SSH keys help me everyday by letting me authenticate against the key once, and every new shell session I start will authenticate using the same SSH key.

All you have to do is create a pair of public and private keys. In this analogy, the public key is the house lock and the private key is equivalent to the house key.

Private Key = House key

Public Key = House locks

Using an SSH key to authenticate is like using one key for all the doors in your house instead of having a bunch of combination padlocks (with the same unlock combination) on all your doors.
Read on…