The Robservatory

Robservations on everything…

 

Site News

Stories about Robservatory itself.

New WordPress attack floating around…

I use a shell script to back up my web sites each day -- it exports and downloads a SQL file of the database contents, as well as rsync's the actual HTML files. When I was checking the log file for last night's downloads, I noticed something very strange in the output:

  receiving file list ... done
  ./
  html/wp-content/
  html/wp-content/1/
  html/wp-content/1/3c-texas-holdem-poker.html
  html/wp-content/1/american-poker.html
  html/wp-content/1/bonus-code-party-poker.html
  html/wp-content/1/casino-poker-gratis.html
  html/wp-content/1/come-giocare-a-poker.html
  html/wp-content/1/come-giocare-poker.html
  ....
  ....

In total, there were 71 files in the newly-created 1 folder: 70 .html files, and one g.js file. There was also a new oddly-named backup folder, and the index.php file in wp-content (which is just a blank placeholder) had been replaced with basically the same file but with an added line break on the first line.

I googled on some of the .html filenames, and found a number of WordPress sites with the same issue (the "1" folder), but nobody who was talking about the cause of the problem. So I posted about it to the WordPress forums, where someone pointed me to this page, which contains at least a little more background on the issue. I'm also posting some of the html filenames here, in case others are searching for more information on the attack.

As of now, I don't know how they got in (though I suspect via one of the plug-ins), but I don't think it's through any sort of direct site access: none of the site's other files and folders were changed, nor were any posts or comments created. It also doesn't seem to be an automated attack, as the 1 folder hasn't returned after I manually removed it yesterday. But if you run WordPress, keep an eye on your wp-content folder for anything other than what should be there: index.php, plugins, and themes by default. If/when I find out more about this, I'll post a follow-up.

Site upgrade complete

We're now running the latest version of WordPress -- if you run WordPress and aren't on 2.3.3 yet, I strongly recommend upgrading, or at least patching your xmlrpc.php file. There's a security problem with that file in older WordPress releases, as detailed in this WordPress blog post:

If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog.

This actually happened here; two posts were modified to include links to malware and ringtone sites.

Most everything is back up and working as it was before, though sadly, the King Login widget, which allowed logins directly in the sidebar, doesn't work at all with 2.3.3, so it's been disabled. While working on the upgrade, my comment spam blocker was offline for all of 10 minutes or so. During that time, three anonymous spammy comments were submitted -- sheez!

Random header images for WordPress

I've finally migrated my family's site over to the latest version of WordPress, and installed pretty much the same batch of plug-ins and widgets as I use here. However, I wanted something else, too--a randomly-selected image for the header of the site that changes each time the page is loaded, as seen in these four sample pictures:

montage

(The header images are just sections I've snipped out of photos we've taken, with an artsy Photoshop filter of some sort applied.)

I searched the web, and there are a few plug-ins that offer this ability, but they came either too feature-rich, or required some additional JavaScript to work properly. I wanted the most simple, basic, and functional header image rotation solution I could find...so I wrote my own, which required all of two lines of code. I'm posting it here so that (a) I remember how I did it, and (b) in case anyone else wants a simple solution, they'll be able to find it with some help from Google (our family's site is access restricted, so posting it there wouldn't do much good...and it would confuse my relatives, who are used to only seeing pictures of our kids there!)
(more…)

My first WordPress plug-in: custom registration

Over the last couple of evenings, I created my first-ever WordPress plug-in, which I wrote to make it easier to customize the WordPress registration (and login) screen. As distributed, the stock version of WordPress uses a really not-very-nice registration screen--it features the WordPress logo (embedded in a background image), and links back to the WordPress site. If you wish to modify the login screen, you have to change some files in the WordPress core--and that means that every time you update, you have to remember to redo those customizations. Far from ideal...

So I took some time to read about creating WordPress plug-ins, then studied up on the available hooks to see if what I wanted to do was possible. The good news is that, as of WordPress 2.1, it was possible--and quite simple (even for my very-limited PHP skills).

After a few error-filled attempts, I wound up with a working plug-in that creates a nicely-customized registration screen, all without changing any core WordPress code--you can see the results on the registration page. (This is roughly what it looked like under WordPress 2.0, but I created that page by modifying the core WordPress files.)

If anyone wants this plug-in, feel free to grab it (36KB download)--there are some basic instructions in the customreg.php file, but I wouldn't describe it as heavily documented. Also, I'm not sure how well it works with the default login screen, as I use the King Login sidebar widget for login in the sidebar. What I'd really like to do is figure out how to display the registration form with the header, sidebar, and footer--but after some basic investigation, I think that project is beyond my skills. So for now, this is officially good enough.

Recent Macworld articles cross-posted

Macworld logoDespite my promise to stay on top of my Macworld postings, I haven't done all that well at doing so. This morning, I posted a small flurry of Macworld stories, covering the last few months' editorial pieces. Since I filed them correctly according to date, you won't see them in the RSS (I don't think?), so here are some links to the Macworld pieces, along with a short synopsis of each article:

  • Feb 28th: Don't leave the Windows open: A real-world example of what can happen to a seemingly reasonably well defended Windows XP Pro installation (as installed under Parallels on my Mac Pro). [robservatory link]
  • Feb 9th: On meaningless hyperlink graphics: I rant about Snap's "Preview Anywhere" technology, which pops-up an (unrequested!) miniature preview icon of the page you'll visit when you click a link. Ugh. [robservatory link]
  • Jan 12th: Ten iPhone suggestions: As cool as I think the iPhone will be, I probably won't be buying one. The Treo I have is so much more than a phone that I can't see losing those capabilities by switching to the iPhone. If Apple were to implement at least the majority of my ten suggestions, though, then I'd switch in a heartbeat! [robservatory link]
  • Jan 3rd: Reading between Apple’s lines: I wrote this piece after Apple's homepage changed to read "The first 30 years were just the beginning" the week before Macworld Expo. In the article, I predicted the contents of the keynote speech. Though nearly everything I wrote turned out to be wrong, I got the iPhone's general concept right, though my comment of though not even Steve can really get away with a one-button phone--can he? turned out to be exactly what he did get away with! [robservatory link]

Just so I can finish with another promise to be broken, I really will try to stay more on top of these posts from now on! :)

Timing is everything!

It figures; just days after getting everything together and uploading the first major revision to Robservatory, WordPress goes off and releases version 2.1! Sigh.

I intsalled version 2.1 on my local copy of the site, then ran the upgrader. That portion of the process went quite well. However, in trying to re-enable my collection of plug-ins and widgets, I found that many of them don't seem to get along with WordPress 2.1 at all--enabling certain plug-ins completely breaks the site's display, for instance.

So, for now, I'll be keeping the site on the 2.0.7 release until more of the plug-ins are updated.

Site upgrade completed

Welcome to Robservatory 2.0!

We're now running the latest and greatest version of WordPress, but the big news is that I've spent a fair bit of time digging for and installing useful add-ons. (I've also converted the sidebar to WordPress widgets, a cool plug-in that makes it much easier to add and remove things from the sidebar.)

Read on to see some of the new features, as well as some notes from the conversion process...
(more…)

An expansion in focus…

Given that most of the technology subjects I think to write about are being used on macworld.com (they get first dibs on anything that I want to write that's related to my job), I've chosen to expand my writings here on robservatory to cover other topic areas that I find interesting. I make no promises that you will also find them interesting, but I don't think there are a ton of readers out there anyway :). The first two such posts follow this one.

I'll clearly not venture into areas of "social debate," such as politics, religion, or Wii vs. PlayStation vs. Xbox 360...ok, if someone wants to send me one of each of those, I'd write about them :). Basically, the new entries will cover things I run into in my daily adventures that I find intriguing, stupid, rant-worthy, rave-worthy, or that otherwise tickle my interest. As such, I can't tell you exactly what those things might entail, but hopefully you'll occasionally find them of interest.

Note that I will still cross-post all my macworld.com stories here, and will continue to focus mainly on Macs, OS X, and technology, as those are my three main interest areas. And after Expo, look for a totally new "Robservatory 2.0" to be launched here. The look will be much the same, but I've spent a bunch of time digging around for nifty WordPress plug-ins, many of which are Ajax-ified for easier user interaction. I think you'll like the new tools, and I'll like some of the things they let me do (like easily run polls on various topics).

And now, I'm off to the Expo! Hopefully the realities of the Tuesday keynote meet the incredibly high level of hype they've generated...but really, how could it? I've got my fingers crossed, though, just in case!

The Robservatory © 2022 • Privacy Policy Built from the Frontier theme