| «« Just Pile it On | Scoble's Link Blog »» |
|
About
I'm Ryan Lowe, a Software Engineering graduate living in Ottawa, Canada. I like agile software development and Ruby on Rails.
I write this blog in Canadian English and don't use a spell checker. Typos happen.
Projects
» Full-time Ruby on Rails freelancer
» Full-time with Rails since May 2005 » Former committer for RadRails (now Aptana) » I also have a few Rails side-projects in development: 1. wheretogoinTO.com Toronto nightlife 2. Hey Heads Up! TODO list and sharing 3. Layered Genealogy family history research 4. foos for foosball scoring 5. fanconcert for music fans (on hold) Hiring Rails developers? I can telecommute by the hour from Ottawa, Canada »» Email: rails AT ryanlowe DOT ca
BulletBlog
Now hosted on Hey! Heads Up -- check it out!
Syndication
Pings
Recent
Derek Lowe's (Ryan's older brother) words at Ryan's funeral
blog@ryanlowe.ca no more Forging Email Headers: Good, Bad or Ugly? Sarcastic Dictionary (Part 1 of Many) Tags Hierarchies Twisting Rails is Risky Business Risky Business? My Take on Early Alphas Whoa, it's August 2007 Closing Comments A Postscript to "Growth at the grassroots" »» All Blog Posts
Linkage
del.icio.us/ryanlowe
technorati/ryanlowe.ca/blog Aurora Roy Jim Andrew Trasker Travis Kibbee Karen Dr. Unk Ayana Van Bloggers Joel Spolsky Robert Scoble Tim Bray Dave Winer Raymond Chen James Robertson Ruby/Rails Bloggers rubyonrails.org weblog David Heinemeier Hansson Dave Thomas James Duncan Davidson Mike Clark Jamis Buck Signal vs. Noise Tobias Luetke Amy Hoy: (24)slash7 Jeremy Voorhis Eclipse Bloggers Planet Eclipse EclipseZone Luis de la Rosa Eclipse Foundation Kim Horne Billy Biggs Ian Skerrett Mike Milinkovich Bjorn Freeman-Benson Denis Roy
Archives
  
|
Updated to MovableType 3
OK, I've transferred everything over to the new MovableType. If you have any problems with this blog now please let me know ... it should be all good now. It's funny, even with no front web site the old MovableType installation got spammed 500 times since I moved it over. The spammers didn't even go through the web site to spam me, they just spammed the MT API. Tricky. This one hasn't been spammed yet, though I think I'll owe that to changing the file names to the post titles. Update: it doesn't need the web site to spam comments because the CGI file that handles comments is in the MT install directory, not where the blog is. Once I remove the blog from the MT install, the entries won't exist and comments can't be added to them. Update 2: I'm noticing a lot of referrals in my hit counter from unknown, which sometimes is an RSS feed reader opening up the post. Are my RSS feeds OK? The Movable Type default is to publish excerpts and I changed it -- my intent is to publish the full post. Also, found some great summary and some tips about avoiding comment spam. Posted at August 26, 2004 at 12:31 AM ESTLast updated August 26, 2004 at 12:31 AM EST Comments
Isn't there some way to protect against this kind of thing. If it's hitting the back end, shouldn't they check that stuff is coming from the front end before processing it, or something. Something like this would really annoy me. Good thing it doesn't happen. Security through obscurity works again. » Posted by: Kibbee at August 26, 2004 07:18 AMThat's the thing though, it's not really a back-end per se. It's just another area of the site where the dynamic CGI code is. For this blog, the statically built blog is here: and the CGIs (for security reasons) are in http://www.ryanlowe.ca/cgi-bin/MT-3/ For example, the comments for this entry are at: http://www.ryanlowe.ca/cgi-bin/MT-3/mt-comments.cgi?entry_id=1023 The comment form POSTs to the same CGI file. So all a bot has to do is iterate through the id numbers to put comments on another post. I'm not sure this mechanism could really be improved from an exposure standpoint, but I've installed MT-Blacklist to block comment spam and flooding. It's hard to say whether it's worked yet. Because I changed all of my post URLs, the Google page rank for my blog posts gets reset. I'm not even sure my new blog posts are indexed by Google yet. It will take a while before I'm back on the blog spammer's radar screen again, because they spam high-ranking blogs to improve their own Google rank. » Posted by: Ryan at August 26, 2004 10:41 AMJust wondering, but can you set it so that when you get a request for an old post, you send a client redirect to the new url? I can't see that spammers are checking the responces in their spam-bots. Wouldn't that at least prevent every other person's link to you from being broken? » Posted by: Jim at August 31, 2004 01:47 PMYes, but it would also make the URLs still valid and then Google wouldn't automatically take them out of the Google database. I want the old URLs to be replaced by the new ones, not point to them. It's not a big deal, I'll get my Google rank back. :) My index page still has a high rank. » Posted by: Ryan at August 31, 2004 04:00 PM |
