So, those of you who have signed up for email updates from the site may have seen a large vomit of spam from our site yesterday. Sorry about that. I loaded some posts in from a backup, and the WordPress plugin decided that meant it should send out alerts for those old posts again. Because, obviously.
In combating this latest accidental spam, I also noticed that the plugin in question has an unpatched security hole in it and has been withdrawn. So, I need to delete it ASAP. Instead of trying to find an alternative, I’m going to retire the email updates again, and this time permanently. When I mess up the site usually, the worst that happens is that it appears messed up in your browser. If I mess up something that involves email alerts, I can end up sending out thousands of junk emails. I’m tired of that.
One of the (many) things that piss me off is the growing plague of modal popups (also called interstitials) that seemingly every site deploys these days. These are the popups that dim the screen and take over the web page you just loaded demanding that you “Like us on Facebook!” or “Join Our Email List!” To proceed, you have to find and click on the (often tiny, obscure) X or dismiss button (which surprisingly is never labelled “F**k Off”, which is exactly what I utter when that happens) just to even see what’s on the site.
My reaction when I see this is immediate: I hit the back button. If you’re near-sighted enough ask me to like your site or give you my email address before you give me a chance to look at it for half a second, I can safely assume you too stupid to actually present content I want to see. I guess, in a way, it does me a service. It’s a nice filter. I won’t waste time on that stupid site. But I really get annoyed being slapped in the face again and again by aggressive levels of stupid.
So, part of my weekend was spent addressing the aforementioned spam issue. Turns out we’re not the only ones getting this same spam influx: this guy is getting it, too, and he links to another site. As the spam tidal wave rolled in, I realized that this was a massive spam operation. The IP’s are from all around the world, bot just China and Venezuela. There are also hits from legitimate ISPs and hosting companies, not just the fly-by-night places well known for tolerating spam. Someone has themselves a huge-ass botnet.
Fortunately, a bit of Googling turned up a solution to at least reduce if not totally stem the tide. This post over at RTCXpression explains how to block spammers from commenting based on their country code. Since most of the spam was coming from a few countries we’d never imagine would be posting real comments here, that seemed perfect. You can also specify a separate list of IP ranges to block, and the auto included his blocklist. That list mainly consists of Web hosting and virtual server companies, which generally won’t be posting comments to a blog. This solution is faster than some WordPress plugin. It also works with the web server we’re running. Most of the WordPress plugins rely on features found in the Apache web server (which most sites use).
The solution isn’t perfect, simply because of the breadth of the botnet that has been assembled to advertise various craptastic products. Servers that aren;t on the blacklist and aren’t in one of the banned countries are still popping in to drop a load of spam. But now it’s along the lines of 3-4 posts per day, rather than 80-90.
We’re in the crosshairs of a very aggressive comment spammer. Last night, I noticed we had 800+ spam comments in our comment spam queue, which had accumulated in a week or so. I’ve set up a bunch of WordPress plugins to spot fake comments and filter them out. Usually, we get less than 5 spams in a busy spam week, and many weeks it’s 0. I cleared it out only to find 90 more spams in the spam folder this morning.
Of those nearly 1000 spams, precisely 1 made it through the spam filters and showed up attached to a post. So, that a success rate of 0.01%. I think that pretty much qualifies as an epic fail on the spammer’s part.
So, not only do we have working RSS feeds (which is pretty surprising, since I didn’t know I fixed them… I guess I must have been sleep admin’ing again…) we also have the ability to send out email alerts for new posts!
To get Wetmachine email:
If you are already logged into a Wetmachine account (or you’ve logged in using Twitter, Facebook, or other popular social media sites), just go on over to your Profile page and click the Subscribe2 link (or just use this direct link). From here, you can choose which posts will be emailed to you, and what format they are in.
If you have an account and you’re not logged in, go here to fix that.
Don’t want all of this account nonsense? Just use the link in the right-hand column (or [subscribe2 link=’this link right here’]) to just enter your email address. You’ll get alerts for all posts on Wetmachine, and you’ll just get them in plain text.
Is even that too invasive? Don’t trust us with your email address? Well… uh… we have the RSS feeds.
Note that we won’t try to reinstate people who used to get email updates before. Many of these addresses are probably no longer valid. Plus, we prefer to have you opt-in again rather than potentially annoying you all with unwanted mail.
My wife, a graphic designer/publications gal (not her actual title), was worried by Adobe’s recent announcement that their entire creative suite will now be cloud-based. After reading the actual Adobe press release/happy marketdroidspeak, it looks like things are a bit less dire than she feared. Designers will still be able to download and install the “Creative Suite CC.” locally, rather than depending on always having reliable net access just to use the basic tools of their trade. Adobe, of course, couches all of this in happy cloud-talk… you’ll seamlessly collaborate, shooting files off to people hither and yon, and you’ll get to show off your work (key for the many designer freelancers out there). You’ll be free! You’ll be happy!
These features seem nice and all, but not something that really sounds like it has to be tied to Adobe’s Cloud. Using Dropbox, social media, and other third-party services probably can come close, or even surpass what Adobe has cooked up. So, it’s nicely integrated, yes… but not something that is world-shattering.
What’s not mentioned in the hype is how this may dramatically shift access and ownership of a designer’s own set of tools.
Mixed into all of the “OMG! SNOW!” coverage on the local TV news as I got ready for work last Friday was a small and very sad item: The Higgins Armory Museum will close at the end of the year. The Higgins is in Worcester MA, a few miles from where I went to college. I didn’t go to the museum until my sophomore or junior year, which is pretty shocking since my friends and I were all D&D geeks. How could we have not known about a steel art-deco castle-like building that was crammed full of swords and armor such a short distance away? Finally we could see exactly what a glaive looked like.
A few minutes ago, a bunch of alert emails went out for old posts on Harold’s Tales of the Sausage Factory Blog. This was caused by my editing a bunch of posts to fix some settings, and not realizing that the “send alerts” box was checked (which it shouldn;t be for old posts).
The plugin responsible for this has been turned off.
We’ve moved Wetmachine to a new server. There may be some glitches along the way, including emails to John. Hopefully, as the internets catch up on the DNS change, and any minor wrinkles get worked out, we’ll have a much more stable platform.