22.06.09
Posted in General Colin McNulty Stuff at 8:09 pm by Colin McNulty
Ok, this is probably old news, but FaceBook now allows you to set your own url, e.g. my facebook profile used to be here:
http://www.facebook.com/people/Colin-McNulty/1421747440
Now it is here:
http://www.facebook.com/colinmcnulty
This is very nice, I like. Why they didn’t do such an obvious feature before is a bit of a mystery really. However, getting a custom Facebook url (or vanity url as it’s sometimes called) is now easy, you just go here: http://www.facebook.com/username/
WATCH IT THOUGH: it’s a one time deal. You can’t change your mind and you can’t undo it, so make sure you’re happy with what you chose, and make sure you don’t mistype it!!
Permalink
22.05.09
Posted in General Colin McNulty Stuff at 9:18 pm by Colin McNulty
I don’t know what happened to the blog this week, but I couldn’t login as administrator yesterday. I managed to fix that, though I don’t actually know how. Then I was told that comments weren’t working, somehow the option to force people to be logged in to comment was turned back on?!? Weird. It should be fixed now though.
Permalink
22.03.09
Posted in General Colin McNulty Stuff at 12:31 pm by Colin McNulty
You may have noticed that my blog has been offline for a couple of days. To be honest, I’m not sure how it happened, but I have discovered the cause. The process of fixing it may prove beneficial to others, so I’ll detail it here. Here’s what the problem looked like:
As you can see, that’s of no help. So the first thing to check was whether the blog WordPress admin pages were working. Nope, same error there. So it’s off to the trusty cPanel to check the server logs. Clicking the “Error Log” gave a lot more information:
Aha, now we’re getting somewhere:
SoftException in Application.cpp:252: File “/home/xxxxx/public_html/blog/index.php” is writeable by group
Now this makes no sense at first, what’s a SoftException and what’s a writeable group? Here’s my simple interpretation, a soft exception is an error, which in this case isn’t to do with the file contents itself, but the real clue is the “[file] is writeable by group” bit.
Writeable is a permission (like read or execute) and group is one of the 3 types of user that you can set permissions for: Owner, Group and Public. So it appears that our problem is to do with the file permissions for the index.php file, specifically that the Group set, has writeable permissions, which isn’t correct. Now it’s off to the cPanel “File Manager” to check the permissions:
You can see the permissions are set to “0777“. Don’t worry too much about this, but you do need to know that this is wrong and it should be 755 in most cases. In fact, it wasn’t just index.php that was set to 777, but every file and every folder! I can’t imagine what has caused this, but I assume it was a dodgy upgrade script. Either way, now to fix it by setting the permissions back to 755.
I use an ftp plugin for Firefox called FireFTP which allows this. Selecting all the files and folders using Ctrl+A, right clicking and selecting “Properties (incl contents)” and after a few minutes of processing, you get a permissions dialog box up:
Just untick the Write boxes against the Group and Public users, and tick the “All Contained Folders” and “All Contained Files”
Click OK and wait for a few minutes whilst Fire FTP ripples through all your files and folders resetting the permissions, and Bob’s your uncle, Internal Server errors and “is writable by group” errors are gone and the WordPress blog is back up!
Permalink
22.02.09
Posted in General Colin McNulty Stuff at 6:41 am by Colin McNulty
I periodically check my blog stats with Google Analytics, something I did the other night. Take a look at the traffic graph (click the image to see a bigger version):
As you can see, something happened around the 5th Feb that knocked about 75% of the normal traffic off the site! Obviously I was bothered about this and so decided to investigate. The question is, where to start? First I started by checking why the traffic dropped. Searching Google for terms I know I normally rank for proved it, I was no way near the top for many of the search terms I normal am for.
The first thing to do was to check Google Webmaster Tools, which is a great resource for managing your site and for getting notified of any issues that Google finds with your site. Initially it identified a missing page, which has 4 links on my site pointing to it. I was aware of this (will fix it one day) which was caused a couple of years ago when I renamed a category. So nope, that wasn’t it. What else?
Webmaster Tools didn’t throw up any specific warnings so I had to delve a bit deeper. The Crawl Statistics page was the first page that started to give a hint as to what was going on, take a look:
Compare the pages downloaded per day to the bandwidth per day graphs. You can see that the number of pages that the Googlebot is crawling has stayed pretty much the same (i.e. each time Google visits my blog) , but the amount of bandwidth google downloaded per day more than doubles around the 5th Feb. Coincidence? I think not!
Let’s think about this, if the pages downloaded is the same number but the bandwidth has increased, then the physical size of each page must have increased. About doubled in fact. I was starting to get a déjà vu feeling here, somewhat similar to when my wordpress blog was hacked last year.
So off to another Webmaster Tools page, the one that shows what Google sees on your site. There it lists the external links to your site, but also the keywords that Google has identified. Here’s what Google thinks my site is about, in descending order of importance:
- Colin McNulty Blog Keywords
WTF!!! You can see Crossfit down in 18th place and my blog is certainly nothing to do with ringtones. There we go, proof my website was hacked. Now to check: off to Google to check the cache that Google keeps of my site. However there was nothing obvious on the normal cache, until I looked at the Text Only Version, which is a really useful tool for assessing what Google really sees on your site. Aha, result. Take a look what I find at the very bottom of my home page (in fact every page on the site):
- Wordpress Hacked with Hidden Links
Damn it, hacked again. The exact same problem as last time, about 500 hidden links inserted at the bottom of the page. The last time this happened, I had not updated my Wordpress version for some time, mostly due to laziness and fear of the upgrade breaking something.
This time however, I was only just behind the latest version. I had the latest 2.6.x version (I forget what the x was, 2.6.5 I think, but it was the latest). However Wordpress v2.7 was out and I hadn’t upgraded to it. Mostly because it was a major re-write of the Wordpress admin user interface and I was waiting for a point release (i.e. 2.7.1) before upgrading to make sure any problems with the latest release had been ironed out.
That was obviously going to have to change, so straight away I backed up the site and upgraded to Wordpress 2.7.1 . A quick check of the source code showed that the errant urls had gone as a result of the upgrade, which was nice. Just to be sure though I wanted to check the Google cache. To do this, I’d have to wait for Google to re-cache the site though and I didn’t want to wait that long, or risk the hack having been done some other way I hadn’t spotted.
So using some of the cool add-ins I’ve got with FireFox (you do use FireFox instead of Internet Explorer don’t you??) to disable java script and turn off Cascading Style Sheets (CSS) so as to see a virtually text only version of the page, and it looks like this:
- Hacked Blog After Wordpress Upgrade to v2.7
Magic, dodgy urls gone. Lessons then: 1) Keep up to date with Wordpress upgrade versions. 2) Think of some way to monitor and identify if this happens again.
Also I want my rankings back as soon as possible. It’s likely that when Google re-caches my site, it should sort itself out, but in order to make sure there were no lingering spam penalties, I have filed a Google Reinclusion Request (another feature of Google Webmaster Tools). I’ll be checking to see how my rankings are over the next few weeks and will report back if things don’t go according to plan.
Permalink
30.06.08
Posted in General Colin McNulty Stuff at 3:04 pm by Colin McNulty
I’ve been having some problems these last few weeks with excessive bandwidth usage and had been unable to work out why the average bandwidth used per visitor had increased five fold!
Basically I’d hit my upper bandwidth limit twice in the last week (you may had noticed) despite not loading the site with much more material than normal. Further, the webserver statistics showed that 93% of the bandwidth was being used consumed just downloading raw html files, not images or videos or anything. I was flummoxed as to what the problem was.
Then this morning I saved the home page to my PC, to see if it really was as big a file as the stats seemed to be suggesting… sure enough it was: a 900kb .html file! Why was it so big? Checking the raw html source code I was shocked to discover literally thousands of hidden links out to other sites, for all sorts of nefarious links, I’m sure your imagination can work it out.
My blog had been hacked and had all these links inserted without anyone noticing. They were hidden with a style that stopped them being displayed by your browser, but they were still there.
It only took a few minutes to delete them all, but it’s taken me all morning to upgrade the wordpress version from 2.1 to 2.5.1 I hate upgrading, it’s a pain in the butt, not least of which because of incompatibilities between the new version and all the plug-ins I have installed. This is why I’d been sitting on such an old version for so long.
The irony of the situation is this though: if the hackers hadn’t been greedy and uploaded such a huge number of links (a pointless exercise from an SEO perspective to be honest) I would never had noticed. If they’d just restrained themselves to 2-3 links, or hell, even 50, I probably would never have suspected a thing. But 800kb of hidden links is hard to miss. Just to be clear, that’s about 2000 lines of extra links.
If you don’t understand why someone would do such a thing, it’s all to do with how the search engines rank pages in their results. Basically links to your sites are like votes, the more votes you get, the more important Google thinks your site is and the higher up it lists your website when people search for stuff. It’s rather more complicated than that, as I’m sure you realise, but that’s the essence of it.
Permalink
