So You Want To Be A Waiter

The best book on waiting tables that you have never read – yet

Tag Archives: WordPress

Milestones, stats and other ephemera

Well kids, I just hit an arbitrary milestone – over 80,000 hits since the blog’s inception. I was going to use 75,000 but I thought, “Nah, let’s hit a nice round number with 4 zeros”. I’m on track to hit 100,000 in the first year, which is respectable, considering the fact that I don’t write things too controversial or demand a lot of commenting  back and forth between frothed-up people with axes to grind.

Stats are a funny thing in that they can be mesmerizing. WordPress has this very cool graph thingy which allows you to track by day, week, or month. In the first couple of months, growth is exponential – “Oh boy, look at this graph – it looks like 90s housing prices”! Then you write about something that really causes it to spike. In my case, it was an innocent article about the change in the Heinz ketchup label, something that I had only noticed at work a couple of months after it had occurred. Apparently, I missed any media coverage of this momentous occasion, so of course I just had to write about it. Talk about hits going through the roof! Now, I don’t know if anyone actually read the damn thing, but to this day, I continue to get multiple referral hits on Heinz ketchup, ketchup bottle, and ketchup.  In fact, just yesterday I got something like 60 hits from web searches. Really? That many people need some esoteric information on Heinz ketchup?

Anyway, growth is leveled off as it should have by now. I’m in a comfortable range where I’m sure that I’m getting the readership that I deserve. I’m still on the uptick, but it’s far more gradual. After all, I’m no Huffington Post or Debbie Schlussel.

I’m grateful for all of my thoughtful readers who suffer through my twisted prose and occasional sentences that don’t begin with a capital letter. Actually, there’s a functional reason for this – for some odd reason, when I had to replace my old keyboard with this new one, it’s just a little bit different from my previous one and even after about 8 months with it, the shift key is off just enough that sometimes I only brush it hard enough to think that I pressed it.

WordPress also recently upgraded their spell check to include a deeper grasp of grammar. Talk about a ruthless editing taskmaster! It doesn’t like the passive voice one little bit, let me tell you. It doesn’t like words like “preshift”, “tipout”, blogster or Fahrvergnügen.

Now I have Sitemeter to feed my desire for stats, stats and damned stats. It’s richer and deeper and I highly recommend it to my fellow blogsters. Just don’t get trapped by its curvaceous siren call. It will drive you to the rocks, I tell you.

So, thanks to all for your support of this blog. I appreciate all of those who have linked to me. I realize that it’s difficult to contact me directly without a posted email address (this is another one of those “security measures”). If you’ve just been dying to give me a piece of your mind, or wish to ask a question, don’t ever hesitate to use the comments section to do so. In fact, this type of off-topic post would be just the trigger for you to pull.

And, if you are a blogster in need of some quick hits for ad dollar purposes or just intense ego gratification, or you think that your readership has slowed, here’s a suggestion – write a paean to Heinz ketchup. Who knows? Some of those folks who are interested in Heinz ketchup might end up hanging around for the party. At least you’ll get some gratuitous hits.

So, just for giggles:

Self-hosted WordPress users need to upgrade to newest version immediately

I think that this article by Lorelle, a noted blogger on WordPress issues, is important enough to reproduce in its entirety (except for the link compendium at the bottom of the post). Please see the original article here:

http://lorelle.wordpress.com/2009/09/04/old-wordpress-versions-under-attack/

And visit her blog regularly if you are a fellow WordPress user. It’s a very helpful blog.

I want to emphasize that this is for self-hosted WP users only. Bloggers like me who have WP host their blog are in no danger.

Old WordPress Versions Under Attack

WordPress NewsOtto42 of OttoDestruct, a key WordPress developer and supporter, reports that there is an “attack” on older versions of right now. The number of sites hit by this is growing every hour. Protect your WordPress blog now: UPDATE NOW!!!

Update your WordPress blog before you continue reading this post. That’s how critical this issue is.

Things You Need to Know Now

Here is what you need to know right now.

  1. UPDATE NOW! Reports are that this attack impacts ALL versions of WordPress up to 2.8.4, the most recent release.
  2. Report from WordPress on Attack: How to Keep WordPress Secure. Information on the most recent update of WordPress that prevented this attack on updated WordPress sites: WordPress 2.8.4: Security Release.
  3. What Version Am I Using? If you are using a WordPress version after 2.7, the nag screen on the WordPress Administration Panels will alert you to upgrade. If you are using an older version, upgrade now. Don’t know what version you are using? Without a nag screen to tell you to update, you’re using an old version. Checking the Administration Panels footer will help, but don’t waste time looking. Just update now!
  4. Use a WordPress Plugin for Protection: Do not rely upon a WordPress Plugin to protect you. There are many reports of Plugins that will “help” in the comments. While they might help in other ways, please upgrade now. That is the only solution if your site has not been impacted.
  5. WordPress is Not Secure: WordPress is incredibly secure and monitored 

constantly by experts in web security. This attack was well anticipated and so far, WordPress 2.8.4 is holding. If necessary, WordPress will immediately release a update with further security improvements. WordPress is used by governments, huge corporations, and me, around the world. Millions of bloggers are using WordPress.com. Have faith they are working overtime to monitor this situation and protect your blog.

  • Fear of Upgrading: This attack is serious enough to overcome all your fears of updating. If older WordPress Plugins are holding you back, update them to the latest version or replace them with new. If your Theme might break, contact the Theme author and update or replace it. There are thousands of free Themes to choose from, probably some better than what you are using. If you are using a recent version of WordPress, updating is as easy as clicking a couple buttons. If you are using an older version, download the most recent version and upgrade now.
  • Other Issues? Whatever your issue is that keeps you from updating WordPress, get over it and update now to protect your site.
  • When we have updated news, we’ll add them to this post and/or post a new article.

    How Do I Know If My Site Has Already Been Attacked?

    There are two clues that your WordPress site has been attacked.

    There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

    The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.

    WordPress.com blogs are not impacted as they are up-to-date. Only versions prior to WordPress 2.8.4 are impacted.

    To Prevent Your WordPress Blog from Attack

    To prevent this form of attack, update your WordPress site IMMEDIATELY to the latest version. Change ALL passwords to a strong password immediately, including WordPress blog access for all users, database, FTP, control panels, everything.

    See the articles below for more helpful information on how to harden and protect your WordPress blog.

    If Your WordPress Blog Has Been Attacked

    If your site has already been attacked, it appears that the hack attacks the database, going deep. We’re looking for solutions, but the easiest appears to be to export all your content with the built-in XML WordPress export (pre 2.1 versions, try the WordPress-to-WordPress Import WordPress Plugin) and literally remove your WordPress installation totally (save images and general files). DO NOT EXPORT YOUR DATABASE! Install the latest version of WordPress and add the “clean” backup of your WordPress Theme, then import the XML export. The export will contain your posts, Pages, and comments, and hopefully no other hacked code.

    How To Completely Clean Your Hacked WordPress Installation” by Smackdown is a good article on how to reinstall WordPress after being hacked, but take care to keep your export limited to the post content and comments (and Pages), not the entire database as the hack goes into the database.

    How to Respond to a WordPress Attack

    WordPress has been requesting users update as soon as an update is released for several years. They also now have a excellent team to track down this issue and quickly protect WordPress with any necessary updates.

    Please blog and Twitter about the attacks. It’s important that we spread the information throughout the WordPress Community as fast as possible, encouraging everyone to update WordPress. Take care not to promote rumors, just the facts, until we know more.

    If you have pertinent information that will help the WordPress team track down and stop this attack, please report it to security@wordpress.org.

    Check the for more information and support. Also check for news and announcements on security issues and updates on the and in your WordPress blog Dashboard Panel.

    Please, keep your WordPress site constantly updated. You are now informed of updates directly through the Administration Panels. Act upon it.

    ——————————————————

    And here is founder Matt Mullenweg’s blog post on the subject:

    http://wordpress.org/development/2009/09/keep-wordpress-secure/

    About comments

    Obviously, this blog is just like any other. It gets its share of spam, which is handled well by WordPress.

    As a policy, I delete any spam that comes from a commercial website (especially those that have “undressed”, “nude”, “Viagra” and other commercial and exploitative ventures) while being obvious that it’s a bot trying to simulate a human trying to respond.

    And the bots are getting more clever. It’s usually easy to tell when a “Great post” message generated is just that – generated to bypass the normal spam-judging criteria that a blog owner is likely to use to filter out such things.  However, they are starting to sound a little more detailed in order to make it appear that someone has actually read the post. I am not fooled by that.

    HOWEVER…

    I recognize that someone might actually read a post, like it and want to comment on it, but they do it while either posting from, or promoting their own website. That’s fine in my book. I don’t mind people promoting their own website (unless it’s porn or some phishing-type site, generic pharmaceutical clearinghouse or hate-mongering type site).

    SO…

    If you happen to post from your own commercial site or you promote such a site, your comments will be added if you make it absolutely clear that you have read the post and your comment is relevant to the post, whether you agree with it or not. Otherwise, it goes on the virtual cutting room floor. If you are able to design some sort of artificial intelligence bot that mines information from a post and cleverly constructs a comment that seems relevant, well, I guess that’s my problem.

    The best thing is to comment and add your website as a link as either a sig or as a discrete link and not have it as part of your pseudonym (that’s the first thing I look for when doing manual sifting through my spam folder). That might be impossible for some of you, so you need to go the extra mile to assure me through the language in your comment that you are a real person, sitting in a real room making real comments on a post.

    That is all. You may now return to your regular programming.

    spam_sandwich

    Follow

    Get every new post delivered to your Inbox.

    Join 38 other followers