Chinese spammers abuse Jetpack plugin

All day long, Chinese spammers have taken advantage of an apparent flaw in Automattic’s (the makers of WordPress) Jetpack plugin. This morning, I noticed a slew of email bounces in my inbox, all with Chinese letters in them and a link to one of my blog posts. It turns out that the spammer has been clicking on the post’s “Share This” link and somehow entering their spam as the resulting email’s “From” address. Each email goes to a “” address, which is a Chinese mail provider.

The only way I could stop these emails was to turn off Sharing under Jetpack’s settings. Upgrading to the latest Jetpack (4.6) didn’t seem to help.

Apparently this has been an issue since 2014. I have no idea why this is the first time my site has become a victim nor why Automattic hasn’t figured out a suitable countermeasure yet.

Need Photos of Raleigh? Mark Turner Says Use His for Free, Please. – Raleigh Agenda

Raleigh Agenda wrote about my public domain photos of Raleigh today.

I first met Mark Turner on the corner of McDowell and Hargett streets for a mysterious “field trip,” as he had called it.

“C’mon, there’s something I want to show you,” he told me, motioning up the street toward DECO. He seemed eager to push past the handshakes and how-do-you-dos, so the adventure could begin. Inside the gift shop, he directed me toward a little basket filled with postcards.

“See that?” he asked, holding up a pack of cards that featured a colorful, sketch-like rendering of the Raleigh skyline. “These are based on the picture of Raleigh that I uploaded to Wikipedia. All the streets line up.”

Sure enough, the skyline sketch—captured from the Western Boulevard overpass, looking northeast in 2008—employed the same angle and details as the picture that accompanies the Raleigh, North Carolina Wikipedia entry. Even a red minivan was echoed on the postcard, eternally stuck in traffic. That’s Turner’s shot, free to anyone who wants to use it.

Source: Need Photos of Raleigh? Mark Turner Says Use His for Free, Please. – Raleigh Agenda

Georgetown Hospital blocks MT.Net, gives Facebook a pass

I’m connected to Georgetown University Hospital’s MedStarGuest network and trying to keep from being bored between tests. I was about to do some blogging this morning when I was greeted with a WebSense notification that my blog has been blocked:

No MT.Net for you!

No MT.Net for you!

What makes this particularly amusing is that Facebook is not blocked by the hospital’s WebSense nanny filter. It seems that MarkTurner.Net is considered “Social Networking” but Facebook, the granddaddy of all social networking sites, is not blocked for being “Social Networking.” What’s even more amusing is that other sites I host on the very same site using the very same software (like are not blocked. Somehow I’ve earned inclusion onto WebSense’s no-no list.

This is yet another example of how idiotic these Internet nanny filters can be. Attention fellow IT people: there is no substitution for monitoring your own network. Don’t delegate your network monitoring to stupid products like WebSense.

And aren’t “guest” networks supposed to be safe for guests? Protect your important infrastructure with a secure network but your visitors shouldn’t need nanny filters.

Fortunately my VPN has not been blocked so that I could bring you this important message.

How I almost invented Wikipedia

Wikipedia Logo

Wikipedia Logo

I sold one of my domain names this month, I had that domain longer than I’ve had kids, registering it on 17 January 2000. Two months ago the domain became old enough to drive.

I remember just where I was when I decided to register the domain. I was in my entrepreneurial phase at the time, working with some extremely talented friends at NeTraverse and while I was on a business trip to Austin I dreamed up what I thought would be an innovative website.

I was a regular reader of the Slashdot (which was recently sold) nerd news website back then and was intrigued by its “karma” system of ranking posts. I wanted to apply this karma ranking to the people in the news, giving users the ability to rank what someone in the news says based on that person’s known credibility.

It was inspired by President Bill Clinton’s time in office. The Office of the President carries a lot of built-in credibility, for instance, so right away you’re going to listen to what the President says. But what if the President is caught lying (i.e., “I did not have sexual relations…”)? That should make one skeptical of whatever that President says, knocking down his or her karma score.
Continue reading

Script kiddie fail

Watch out, we've got a badass over here.

Watch out, we’ve got a badass over here.

Some bored kid out there has taken to brute force attacking my webserver in the early morning. I just noticed this referrer entry on the URL:

[Redacted IP] – – [19/Jan/2016:03:33:28 -0500] “POST /wp-login.php HTTP/1.1” 200 3416 “-” “–user-agent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0”

Catch that? Whatever script Dr. Evil is trying to run here sets the referrer value by using –user-agent= as an argument. Instead, our boy genius is passing…

–user-agent=”–user-agent …”

Brilliant. Simply brilliant.

Google Search Console fail

Google gets it wrong

Google gets it wrong

I got a helpful email from Google today (and, yes, I checked the headers. It is indeed from Google), alerting me that my blog is apparently running a version of WordPress which is five years old. This is news to me since I regularly update WordPress (currently on version 4.4). I’m not sure how the all-knowing Goog got fooled into thinking I haven’t updated my blog platform for five years. It’s a rare miss for this ubiquitous search company.

Adaptive firewall rules with the react module

I’ve been fighting off hackers to MT.Net for several years now. My traditional way of doing this has been to manually flag the IP address of the attacker and add it to a block list. This used to be very effective, but then attackers began enlisting bot networks with dozens of IPs per attack. It because impossible to block them all without making it a full-time job.

About three years ago I implemented adaptive firewall rules which will track URL requests and only allow a certain number of those requests before blocking further ones. I blogged about their success and then … promptly stopped using it for some reason!

Today I noticed I was no longer using these amazing rules and promptly put them back into place. Like magic, the huge load I had seen on my webserver promptly disappeared. Now it doesn’t matter how many IPs an attack originates from, it will be blocked! That IP will not be able to launch any further attacks for 5 more minutes.

I love using smart approaches to problems. Just wish I remembered to keep them around next time!

From Gateway theme to Dellow

I got tired of the Gateway WordPress Theme because it teased me with features only available in the pro version. I don’t mind starting out with the basic, free version of the software if I know going in what I get for free and what I need the premium version for. I also wanted to add Infinite Scroll to make my blog perform the way all other social media sites now perform. I don’t know if even the premium version of the Gateway Theme does this.

With a little more poking around the Internets, I found the Dellow Theme. Dellow offers a cool Parallax effect with the header image. For the unaware, the Parallax effect scrolls an image or frame at a fraction of the rest of the page, offering a cool depth-of-field effect. Dellow also offers Infinite Scroll so that webpage visitors never reach the end of my blog.

Now, I’ve read that search engines sometimes have trouble finding content on an infinite scroll page. This remains to be seen. If it cuts into my search traffic then I may have to rethink my strategy. All told, I am impressed with what the free version of Dellow offers, so much that I immediately paid for the Dellow Plus version to show the author thanks.

Please help me kick the tires and let me know what you think of it. Thanks!