Category: Know the Code

The IT Kitchen was recently hacked, and because of that, Shelley has found a critical bug in both WP 1.2.x and 1.3a. She provides the full details on what is wrong and how to fix it. There is also a thread in the forums that details the bug and the fix for it.

This was actually an already known bug, but unfortunately the WordPress forums don’t really explain what to fix to prevent it from happening in that post, and there hasn’t been much of a public push to fix the code. Until now.

If you’re running WordPress, please visit Shelley’s site and fix the code to prevent this from happening to you.

I repeat … DANGER. DANGER. IF YOU ARE RUNNING WORDPRESS, FIX THE CRITICAL BUG NOW.

(Do you think that will get people’s attention?)

Just doing my part to help spread the word about this MT-Blacklist v2.x bug – don’t delete any weblogs you have if you are running this version of MT-Blacklist. When you delete one weblog, it will delete a second weblog. As long as you don’t delete any weblogs, there shouldn’t be any problems. Just keep them up and running until there is a fix issued.

Thanks to Lisa, I learned that it is incredibly easy to add the “Add to My Yahoo!” RSS button to your site. You can learn more about how to get your content syndicated on My Yahoo!.

If you want to, you can block it from publishing your RSS feed too, but that’s not very nice to those of us that want to read your feed. Meanwhile, if you ping them to make sure your latest post shows up, you can. I’ll have to look to see if the Ping-o-Matic is already set up to ping them.

Mmmmm… RSS feeds. Good things. By the way, Jennifer fixed mine so it’s a full feed again. Yeah! Tasty! Oh, and if you’re wondering what an RSS feed is, you can go learn more here.

Kevin has made stickers to share so that you can share your love of TiVo. Let everyone know that you are a Tivotee!

I’m under attack. In the past 2 hours or so, I have received over 700 spam comments. In the time it takes me to delete 20 of them, another 5 arrive. Earlier, they were from a variety of IP addresses; now they are the exact same comment coming from the same IP. Over, and over, and over again. I have comment moderation turned on in WP, but it’s going to take forever to delete all these comments. Bigger issue, I want to stop them from coming in at all.

Back in MT, I could enter an IP address and tell MT to not accept comments from that IP. I can’t find an option like that in WP anywhere.

Any WP gurus out there with suggestions? Anyone? Help? I need to stop the flood!

UPDATE: As soon as I posted this, I realized that because they are running a script to leave so many spam comments, that means they are hitting the server. When they are hitting the server, you can stop them on the server level. Doh! So there is an IP deny in place on the server itself for their IP right now. Meanwhile, it seems I have some plugins to install tonight. Jenn responded to my panic e-mail and let me know that there is a plugin at ScriptyGoddess that will allow me to delete all comments in moderation mode. I’ll be installing that in a few minutes.

Update 2: In the time it took me to write that last update, Jenn put the plugin in place for me, and let me tell you … wow!!! That is so cool! When you have a lot of comments stuck in moderation mode (or even just a few) and you want to zap them all away, the best thing in the world is her Comment Moderation – Select All For Delete plugin! Jenn ROCKS!!!

I’m all nice and calm again now. Thank you to everyone for your support!