Category: Blogging

Ultimate Blog Party 2014

Blogging

Techydad_Doctor_whoLast year, I participated in the Ultimate Blog Party for the first time.  When it came rolling around again this year, I decided to give it a go again.  So, for anyone who is new here, I decided to answer the question: Who is TechyDad?

This might be a long post.  Please make yourselves comfortable.

First, of all, I’m a husband and father.  My wife is B, aka TheAngelForever, my two boys are NHL (age 10) and JSL (age 6).  I’m a web developer by trade which is a good thing since I love making websites.  (I do it as a day job and am also available for freelance work should anyone need some website work done.)  I’ve been blogging and on social media for almost 6 years.

I’m a huge geek.  I love technology (and just wish I could afford more of it).  I’m a big superhero fan, as well.  I love Star Wars, Star Trek, Farscape, and many other geeky science fiction shows.  Most recently, I’ve become a huge Whovian.  So much so that I made my own fez and bowtie so I could "become" the Doctor.  Now if only I could find my TARDIS.

For a long time, I held my geekiness in check, but recently decided to explore my geekier side with an "Extreme Geekery" series.  The first one explored how much paper would be produced if you printed out a hard drive.

I’m a big fan of Disney also.  We all loved Frozen and we’ve been to Disney World many, many, many times.  (Here’s hoping we can go again soon.)

I’ve long written about my history of being bullied.  It took me a long time to fully come to grips with that and I was heartbroken when NHL was bullied in school.

Speaking of NHL, he has been diagnosed as having Asperger’s Syndrome.  Since his diagnosis, not only have we become Autism advocates, but he has as well.  He’s learned to stick up for himself when people expect him to "just act normal" as if Autism is a switch he can flip off should he decide to.

Furthermore, as we read the many, many books and articles about what Asperger’s Syndrome is, something became perfectly clear:  I’m an Aspie as well.  When I was a kid, Asperger’s Syndrome wasn’t diagnosed.  Children were just stamped with a "shy" label and that was it.  Unfortunately, getting a diagnosis would cost money we can’t afford to spend.  As it wouldn’t help NHL at all and as I’ve clearly learned my own coping techniques, I’ll remain an "undiagnosed Aspie" for the time being.

For more reading, I’d suggest my post for World Autism Day/Month which summarized and linked to a year’s worth of Autism posts.

Other things I enjoy doing are playing video games, cooking, and reading books.

You can also find me on Twitter and Instagram.

Thanks for stopping by!

Recovering From A WordPress Disaster

Blogging, Internet

Let’s say your day is going pretty good.  You are sitting down to write a blog post and have a great idea too.  As you bring up your blog to check on an older post you see something strange.  Nothing.  As in no posts on your site.  Fighting back panic, you try to log into your admin panel.  Maybe you are successful and maybe you aren’t.  In either case, you find that you can’t bring these posts back.

Just this situation happened to SelfishMom last week.  All of her posts were gone and, while she could log in to her administrator account and see the posts there, nothing she could do could bring them back.  She feared that a hacker had gained control of her site.  I’m going to show just how I helped her bring her posts back – as well as what I could have done had things gone differently.

Just a warning: This is going to involve some intense mySQL queries.  They will be very powerful, but can also be very confusing.  If you find yourself in this situation and don’t want to wrangle with mySQL, I can always help.  That help might come with an hourly rate, however.  You can contact me using my contact form on this site or message me on Twitter.

First, let’s launch phpMyAdmin.  Different web hosts have it set up different, so you might need to check with your host to see how to launch this.  Most web hosts let you launch cPanel by going to yoursite.com/cpanel.  You log in (with credentials given to you by your host), find an entry for phpMyAdmin and launch this.

Once you are in phpMyAdmin, you can access your database directly.  Your database should be on the left hand side.  Click on it.  (You might need to click on a + sign first to show the database.)  A series of mySQL tables will be shown.  Within here is all of your WordPress data.

Find one of your WordPress tables.  It should be named something like "wp_users" or "wp_posts".  The "wp_" prefix might be different depending on your setup.  For the purposes of this post, I’m going to list all of the tables using a wp_ prefix.  If your tables used a different prefix, just replace yours for wp_ in the following queries.

Let’s deviate from SelfishMom’s situation for a moment and suppose that she wasn’t able to log in at all.  How could she have reset her administrative password without having access to the administrative panel?  This is actually pretty easy via phpAdmin.  For brevity’s sake, and since they did such a good job on it, here’s WPExplorer’s tutorial on it.

Ok, now that we have a login, let’s address another concern: Hackers.  Did a hacker somehow gain control of SelfishMom’s site and make himself the administrator?  Click on the SQL tab in phpMyAdmin. A blank box will appear.  In here, type:

SELECT u.*, m . *
FROM wp_usermeta m, wp_users u
WHERE u.id = m.user_id
AND m.meta_key like ‘%user_level%’ and m.meta_value = 10

After you click Go, this will show you a listing of users who are set as administrators.  Ideally, you should see only ones that you have set up.  If you see any users there that you don’t recognize, those might be hacker accounts.  You can lower their access by noting the ID number in the listing.  (For the purposes of the query below, I’ll use the number 42.)  Typing in:

Update wp_usermeta Set meta_value = 0 Where meta_key like ‘%user_level%’ and ID = 42

and clicking Go will lower their access level to 0 (Basic access).  We could have deleted their account, but at this point I’d prefer to lower the access in case we need to use the account.

What if your account isn’t listed though?  This would mean you’ve definitely lost administrative access.  Let’s get that back for you.  Run the following query (replacing "admin" with your administrative username):

Select ID from wp_users where user_login = ‘admin’

Make a note of your ID number.  (You’ll need it again later.)  Now run the following query.  In place of your ID number, I’ll use the number 2.

Update wp_usermeta Set meta_value = 10 Where meta_key like ‘%user_level%’ and ID = 2

There’s one more administrative access level to check.  Enter and run the following query:

SELECT u.*, m . *
FROM wp_usermeta m, wp_users u
WHERE u.id = m.user_id
AND m.meta_key LIKE ‘%capabilities%’ and m.meta_value like ‘%admin%’

Again, this should show only your administrator account.  If a mystery account shows up, revert it to basic access by noting the ID number and running the following.  (Again, I’m going to use 42 in my example.  Replace it with the actual ID number.)

Update wp_usermeta Set meta_value = ‘a:0:{}’ Where meta_key like ‘%capabilities%’ and ID = 42

If your account wasn’t listed, run the following query (substituting your administrative ID – obtained earlier – for the number 2):

Update wp_usermeta Set meta_value = ‘a:1:{s:13:"administrator";b:1;}’ Where meta_key like ‘%capabilities%’ and ID = 2

Now that we’ve sorted out administrative access, log into your WordPress Admin panel.  Keep phpMyAdmin open though, we’ll need that later.  Once you are in, look for your posts.  If they are there, then try to make them live.  If you can, then congratulations.  Your troubles should be over.  You might want to secure your WordPress site more, though.

If you can’t make your posts live, then there are two other possible problems.  The first possibility is that your database has grown so large that it is bumping against the limit your host set for it.  To see how large your database is, run the following query:

SELECT table_schema "Data Base Name", sum( data_length + index_length ) / 1024 / 1024 "Data Base Size in MB" 
FROM information_schema.TABLES GROUP BY table_schema ;

This should give you a listing of one or more databases with sizes.  If your database sizes are more than what your host provides, then unfortunately there is little to do.  You will need to contact your host to discuss your options.

If your database is under the limit, then most likely the database tables have been corrupted.  Don’t worry, though.  There is an easy fix.  At the top of the page, above the Browse tab, the server should be listed.  Next to that should be your database..  Click on the database’ name to see a listing of database tables.  Next, click on the checkbox next to all of the tables relating to WordPress (all of the ones with the "wp_" or other prefix).  Finally, at the bottom of the page, click on the "With selected" drop down and select "Repair table."  The repair process should begin and, when it is done, you should see all your posts live again – just like SelfishMom did.

There is one possibility we didn’t cover yet, though.  What happens if, after you log in, you find that all your posts are gone?  While it is possible that they remain in the database somewhere and are recoverable, sadly this is too complex to cover here.  The best bet here is to have a good backup process in place and to restore your database from a known good backup.  You might lose a little bit of data in the process, but it’s better than losing everything.

I hope this has been an informative post on how you can recover your WordPress posts even under seemingly dire circumstances.  Hopefully, you’ll never need to use them.  Of course, should you find yourself in this situation and need some help from someone well-versed in the ins and outs of WordPress and mySQL, feel free to contact me.

Defeating BuzzMyFx Content Scrapers

Blogging, Copyright, Internet

burglar_smallMy next post was going to be one about WordPress issues, but then something else came up.  That post will still go live on Wednesday.  Right now, I want to talk to you about content thieves and scrapers.

We had a run-in with some content scrapers two years ago.  That scraper took the content, but left the image links intact.  At the time, I showed how to defeat that particular variety of scraper.  This scraper, however, was trickier.

I’m not sure what the purpose of “BuzzMyFx” is beyond content hijacking.  If you “check” to see if your site is scraped by them (by going to YourSiteName.buzzmyfx.com), you might see that your site isn’t being scraped.  However, your mere act of checking will CAUSE them to start scraping your site.  Scraped sites have all content redirected through their servers.  Images, Stylesheets, JavaScript files, and more all seem to pour through BuzzMyFx’s servers instead of yours.  What’s worse is that, since all links go to BuzzMyFx now, clicking on a link to another site causes that site’s content

It didn’t take long to deduce what was going on.  BuzzMyFx is a server side scraper.  Imagine someone coming to your site under normal circumstances.  They tell their browser to load “www.MyWebSite.com”.  The browser then contacts the server hosting your site asking for that page.  The server gives the page to the browser which shows it to you.  Simple, right?

BuzzMyFx adds an extra layer.  If you go to MyWebSite.BuzzMyFx.com, your browser goes to BuzzMyFx’s server first.  BuzzMyFx’s server then contacts your server (as if it was a browser) for the page.  Your server gives the page to the “BuzzMyFx browser” as it does to all other browsers requesting pages. BuzzMyFx then alters the page’s code to direct all links back to them.  They also add in their own StatCounter script and change ad code to give them the revenue instead of the site owner.  Finally, they give the changed version of the page to you.

Pretty scummy, right?  Of course, by doing this, they are committing massive copyright infringement at the very least.  At $750 – $150,000 per infringement, dozens of infringements per site scraped, and possibly hundreds of thousands of sites affected, this could land them on the hook for millions of dollars.  Then there are the problems encountered if they are using a trademarked logo/name without authorization.

So how do you stop them?

Thankfully, servers keep logs of every visit.  As you loaded this up to read this post, my server dutifully recorded information such as your IP address, where you were referred from, the current date and time, and what page you were loading up.  This happens at all websites you visit, but not all people know how to read the logs.  As a webmaster, I am well versed in reading server logs.

I loaded up their scraped version of my site while checking my server logs and there it was: 192.151.156.170.  That was the IP address doing the scraping.

Next, I opened up my “.htaccess” file.  This is a special file on your web site that controls who can access your site and what they can and can’t see.  I added the following lines at the beginning:

RewriteCond %{REMOTE_ADDR} ^192\.151\.156\.170$
RewriteCond %{REQUEST_URI} !/content-thief.html
RewriteRule ^(.*)$ /content-thief.html [R,L]

Finally, I created a simple HTML page called “content-thief.html” with big, bold, red letters warning people that this was a scraped site and they should go to my real site.  (I didn’t link to my real site since the link would be altered, so I just spelled it out.)  You can go ahead and copy my “content-thief.html” page for your own usage.  Just be sure to change the site name to your own.

Unfortunately, BuzzMyFx has already cached some of my content, so the main page of my “BuzzMyFx-ed” site doesn’t show this warning.  Still, as their content expires and their server tries to grab the new content, it will be replaced by my warning.  (I went easy on them.  My initial reaction was to redirect them to some hard core pornography.  I didn’t want my name linked with that though.)

The other problem is that they can change their IP address which will let them bypass this rule.  I can add their new IP address in, but it will be a constant effort to keep up with them.  Perhaps the best remedy would be for all affected site owners to contact the people who run this “service.”  Unfortunately, they’ve hidden who they are from WHOIS, but they can’t hide two things:  1) Their domain name is registered from eNom and 2) Their site is hosted by CloudFlare.com DataShack.net.  If we can’t get them to stop, we can always get their hosting and domain name cut off.

Here’s hoping this scraper menace ends soon so we can all get back to producing great content instead of trying to protect our content from being scraped.

UPDATE:  CloudFlare.com is denying being their host.  As Heather commented below, they say they are a “reverse proxy, pass-through security service.”  I’m guessing that BuzzMyFx is using CloudFlare to hide their server’s real IP address.  However, the IP address I obtained that was seizing my content (192.151.156.170) isn’t “hidden” at all.  That IP address comes from DataShack.net.  So focus communication on them, not CloudFlare.

UPDATE #2:  If you aren’t technically inclined enough to know how to fiddle with htaccess and/or FTP files to your server, but you are using WordPress, you can also use the WP-Ban plugin to keep them off your site.  This plugin lets you list IP addresses and even leave a specific message for those IP addresses to see.

UPDATE #3: According to Lazy Budget Chef, even if you manage to contact BuzzMyFx, they will try to sell you a domain protection package to “steal the blogger’s legal right to their blog, their log in credentials, mailing list, and other personal information.”  So even if you manage to contact these scrapers, don’t sign anything they give you!  You shouldn’t need to sign some form of contract for them to cease scraping – they should just stop.  Be very wary of these people.

UPDATE #4: It looks like we’ve won this battle.  BuzzMyFx seems to be down.  They could still flee to another hosting provider (or even the same one signed up under a different account) and start their service back up.  Even if they don’t come back, I’m sure other scrapers will take BuzzMyFx’s place.  Still, you need to take each victory as it comes.  Congratulations and thanks for helping take down this scraper, everyone!

NOTE: The “burglar” image above is by tzunghaor and is available from OpenClipArt.org.

A Look Back at 2013

Blogging, Social Media

The end of the year is typically a time to look back on the past 365 days (366 during a leap year) and review what has happened.  What big events have occurred?  What memories have been made?  What new friends have you met?  How is your life different today than it was on January first?

For my blog, this retrospective usually takes the form of looking through a year’s worth of photos, culling them down into a few hundred, and then somehow trying to shoehorn as many of them as possible into a post.  I think I’m going to take a different route this year.  A more analytics and social media driven route.

I started off with a tool by Vizify which lets you generate a quick Year In Review:

With that done, I wondered if I could improve on it.  Especially in the photos area.  Since many of my photos weren’t posted to my blog, but to Instagram, I decided to make a video of my top Instagram photos of 2013.

Using instaport.me, I downloaded all of my Instagram photos from January 1, 2013 to December 29, 2013.  I went through these and picked out a bunch that stood out to me and then put them into a video.  (The background music is "New Year’s Eve (Instrumental)" by Silence Is Sexy and is available from FreeMusicArchive.org.)

Now, on to the Analytics.  I fired up Google Analytics and asked it to look from January 1, 2013 to the present.  Then, I picked a few analytics from the huge number available.

First, let’s look at general audience analytics.

How did mobile devices do in 2013 versus desktops and tablets?

mobile-tablet-desktop

Clearly, 2013 was the year that mobile took off on TechyDad.com.  I went from virtually no mobile users to nearly 20% of my users on mobile.  Tablet use increased as well.  Desktop use, meanwhile, dropped down drastically.  It should be noted that I’m talking about percentages.  In raw numbers, all segments made increases.  Desktop alone rose by over 30% from its previous year’s total.  Mobile and Tablet increased much more than Desktop did, however, so Desktop’s percentage wound up decreasing.

So mobile and tablet grew fast, but what mobile/tablet operating systems were people using on TechyDad.com in 2013?

mobile-os

Clearly, iOS maintains a significant lead, but Android is holding a sizeable chunk as well.

As far as browser usage went, Chrome was king in 2013 with Safari close on its heals.  Firefox took third place and IE came in fourth.

browsers

All this is nice, but I still believe in the old saying "Content Is King" so what was the most popular content on TechyDad in 2013?  Well, we can look at that two ways.  We can only count posts made in 2013 or we can count all posts.

Top 10 Most Popular 2013 Posts:

  1. The Facebook-McAfee Lockout – B got locked out of Facebook and I turned my investigation into a post.  A ton of traffic from Reddit made this post’s traffic skyrocket.
  2. Designing a Car on Disney’s Test Track – After a trip to Disney World, I wrote about being able to try out the new Test Track and how incredible the design options were.  I still look forward to introducing this to my kids.
  3. It’s Time To Meet The Muppets in My Muppets Show – I love trying out new games for my phone or for the boys’ tablets.  Mix in a love of the Muppets and this game was virtually assured to be an instant win.  They’ve kept it fresh by adding in new stages which means we still play it to this day.
  4. Paid App Do’s and Don’ts – After being frustrated by a couple of apps which made gameplay near-impossible unless you paid them money or bothered your friends on social media, I wrote this guide showing how some apps did it right and others didn’t.
  5. Like Bow Ties, Doctor Who Legacy Is Cool – I love Doctor Who.  So does the rest of my family.  A game where you help the Doctor battle his enemies is very nice, but the graphics and gameplay take this from "very nice" to "excellent."
  6. How I Did NOT Give My Son Autism (And How I Did) – After reading an article online where a mother blamed her child’s autism on every single action she took while pregnant, I felt the need to write a rebuttal.  Spoiler alert: The only way I "gave" my son Autism is via genetics.
  7. Prepping a Tablet For Children – My boys used some saved up money to purchase tablets for themselves.  (Well, one tablet they shared the cost of and one that B got as part of the Verizon Lifestyle Bloggers.)  Obviously, we weren’t going to just let them use the tablets fresh out of the box.  Instead, I found apps to help lock them out of certain areas and protect the tablets from what could have been innocent, but destructive behaviors.
  8. Vine vs. GIFBoom – Before Instagram came out with their video solution, I was tempted by the lure of Vine.  I tried it out but was underwhelmed.  I found another option at the time in an app called GIFBoom that lets you make animated GIFs.  Since that post, though, Instagram’s video option has been released and I’ve grown to like it.
  9. The Playground Dalek – Run for your life!  The Daleks have invaded my kids’ playground!  Since this post, my boys have fallen in love with Doctor Who and now see the Dalek on the playground as well.
  10. Asperger’s and the Emotional Cage – Here I talked about how neurotypicals can sometimes mistake an Aspie’s inability to fit words to their emotions for a lack of emotions.  I’ve found that it’s much easier for me to express emotion via writing (where I can edit and rewrite) than via speech (where the words must flow in real-time).

And now including all posts.  (Obviously, I won’t add comments to the posts that appears in the previous list.)

The Most Popular Posts in 2013 (Counting All Posts):

  1. The Facebook-McAfee Lockout
  2. Freeware Review: Shape Collage – This one surprised me.  A freeware review that I wrote over thee years ago took the number 2 spot.  I guess it just goes to show that content doesn’t necessarily go bad just because it is older.
  3. Designing a Car on Disney’s Test Track
  4. Gimme Free Stuff: A Guide For Review Bloggers Just Starting Out – Another case of older content holding up.  This post from 2010 was targeted towards new bloggers who seemed to think that they could just demand "free stuff" from companies by virtue of the fact that they opened a blog.  I tried to give some advice on how to get review opportunities and how to properly pitch companies.
  5. It’s Time To Meet The Muppets in My Muppets Show
  6. Paid App Do’s and Don’ts
  7. My Most Controversial Post Ever: Nutella vs Dark Chocolate Peanut Butter – I pitted Nutella and Dark Chocolate Peanut Butter in a winner take all battle royale.  We still keep a good stock of Dark Chocolate Peanut Butter but haven’t bought Nutella in awhile.
  8. Like Bow Ties, Doctor Who Legacy Is Cool
  9. How I Did NOT Give My Son Autism (And How I Did)
  10. Duncan Hines Apple Carmel Decadent Cake Mix and Vanilla Glaze Review – This was a review I did of Duncan Hines cake mixes and glazes from 2010.  It’s amazing sometimes what posts keep bringing in the traffic.

What were my favorite posts of 2013?  From a quick look over my archives list, I’d have to say some of my Asperger’s posts like Asperger’s Syndrome Resources, The Challenges of Asperger’s Parenting, Obsessions and Asperger’s Syndrome, The Upside of Asperger’s, An Open Letter About Asperger’s Syndrome, and How I Did NOT Give My Son Autism (And How I Did).  I’d also include Rotten To The Common Core – my first post on Common Core, Doctor Who Geeklings Are Born – my first posting of my kids becoming Whovians, and Doctor Who? Doctor TechyDad! – where I revealed the Doctor Who costume that I made.  Finally, I’d include a pairing of posts where I discussed the self doubt that I face nearly every day, how Wil Wheaton’s book – Just A Geek – helped me realize this, and how I’ve been trying to turn that voice on its head: The Voice Of Self Doubt and Self-Doubt and Self-Achievement.

It’s been a very exciting year and I can’t wait to see what 2014 has in store.

A Cure For Comment Spam Ills

Blogging, Spam

no-spamIf you run a blog that allows people to comment on posts, it is inevitable.  You will get comment spammers stopping by.  They will post in hopes that their comments will provide links to their websites peddling "medicinal products", adult content, and other items that you probably would rather not have on your website.  The links – these spammers hope – will mean that their sites will gain a better Google ranking and lure more people to their websites.

Side note to explain "Google ranking" in case you don’t know:  Google ranks sites based, in part, on how many links there are to them.  The sheer number isn’t the only method, however.  Sites who themselves have a better Google ranking lend more weight to the sites they link to.  For example, if CNN were to link to my blog, I’d get a much bigger Google-boost than if some spam site nobody ever heard about linked to me.  The spammers hope that the comment spam links from the blogs they "visit" will help boost their Google ranking.

It would be bad enough if spammers went around leaving garbage comments to increase their Google ranking, but spammers don’t stop there.  They employ networks of compromised computers ("spambots") to do their bidding.  Using this tactic, they can post dozens of their spam comments from different IP addresses, getting around IP address blocks.

Thankfully, there are an array of tools that you can use to thwart spammers.  I’ve used a few of these in the past to varying effects.  Akismet helped block nearly all spam comments, though a few did still slip through.  NoSpamNX helped block a bunch more.  Unfortunately, while the spam comments (for the most part) didn’t appear on my site, they were still in my database.  I could delete them but there was still server load to think of.

All of those spammers sending all of that data to my database might not cause my to unwittingly boost their Google rating, but they could slow down my server.  For some reason, my blog seemed wildly popular with the spammers.  It seemed that I was getting almost a hundred spam comments a day.  And then it got worse.

On November 5th, I received 252 spam comments.  TWO HUNDRED AND FIFTY TWO!  The next day, the total quickly rose up and threatened to top even this.

Something had to be done.

Jenn (aka KissMyKitty) recommended Captcha by BestWebSoft.  I was leery since I hate whenever sites use captchas.  This plugin, however, doesn’t give you garbled text that you need to decipher and re-type, though.  Instead, it gives you a simple math problem such as:  One + 3 = _____   If you type in "4", your comment will move on to Akismet and my other anti-spam measures.  If you are a spam-bot and don’t understand math like this, your comment won’t even be saved into the database.

Good idea in theory, but how will it hold up in practice?  Take a look at this graph:

spam-comments-graph

(Click on the graph for a bigger version.)

That huge drop in spam comments was right after I installed Captcha.  Spam comments initially were so non-existent that I figured something was wrong with my comment form.  One test comment later, though, and I knew that it was just Captcha confounding the bots.  Yes, some spammers did manage to get by, but at a greatly reduced rate.  Instead of dealing with a flood of comment spammers, I now only see a trickle coming in.  In the four days since I installed the plugin, I had only 8 spam comments with my biggest spam day since installing it at 6 comments.  My pre-Captcha low was 39.

Given that Captcha is so effective against spambots, so easy for real human posters, and free to boot, it’s definitely going into my Must Have anti-spam toolkit.

NOTE: The "no spam" image above was partially created out of "no sign" by skotan which is available from OpenClipArt.org.

1 2 3 4 5 6 14