My Recommended WordPress Themes and Plugins

After having used WordPress for a number of years, I’ve really started to get into more plugins that help me present and share my content the way I want. I’ve also gone through some themes and picked one I like, including versions for desktop and mobile. Here’s my recommendations for WordPress themes and plugins…

Themes

Twenty Eleven

twentyeleven2Twenty Eleven is still my WordPress theme of choice. It’s feature-full, clean, elegant, and problem free from my experience.

Please note it’s not actively updated so you may need to Google around for fixes. For example, I wrote a post on how to fix the featured image that is buggy in the default Twenty Eleven theme.

Continue reading “My Recommended WordPress Themes and Plugins”

The Idealist

Aaron Swartz wanted to save the world. Why couldn’t he save himself? -Slate

On Jan. 4, 2013, Aaron Swartz woke up in an excellent mood. “He turned to me,” recalls his girlfriend Taren Stinebrickner-Kauffman, “and said, apropos of nothing, ‘This is going to be a great year.’ ”

On the morning of Jan. 11, one week after he’d insisted it would be a great year, Swartz woke up despondent—lower than Stinebrickner-Kauffman had ever seen him. “I tried everything to get him up,” she says.

Continue reading “The Idealist”

WordPress IP Blacklist not working? Remember .htaccess

Word to the wise: If you’re getting comment spam try Wordpress’ IP blacklist feature but, when that doesn’t work, try the guaranteed way: .htaccess.

Update 2011-04-03: Reformatted .htaccess config lines now that I know how to do better formatting.

Word to the wise: If you’re getting comment spam try WordPressIP blacklist feature but, when that doesn’t work, try the guaranteed way: .htaccess.

I get a lot of spam on this blog, mainly to one post that got a lot of links. Akismet is great at detecting this spam and not publishing the comment. But it gets tiring removing comments from the same IPs all the time. So, I tried WordPress’ IP blacklist feature but it didn’t work. For some reason I totally forgot about .htaccess. It’s the fail safe mechanism for protecting your site against IPs that abuse your blog.

Just put a file named .htaccess in your blog directory if you’re running apache. If you’re running some other httpd server, sorry you’ll  have to find another way. But, if you can do .htaccess you can do this:

You can put as many “deny from 123.123.123.123” lines as you like.

Anti-Spam Done Right

Blog comment spam is a big problem. I started out with no protection on this blog. I found out rather quickly that wouldn’t do.

So I implemented a CAPTCHA which requires you to enter a random code to prevent automated comment submissions. Then I found out actual humans were submitting comments (or perhaps very smart anti-CAPTCHA programs).

My next step was disabling auto-approval unless you had one pre-approved comment. But that only resulted in me clearing out spam every day and discouraging real-time discussion because comments wouldn’t show up immediately. After a long time, I finally found Akismet.

Blog comment spam is a big problem. I started out with no protection on this blog. I found out rather quickly that wouldn’t do.

So I implemented a CAPTCHA which requires you to enter a random code to prevent automated comment submissions. Then I found out actual humans were submitting comments (or perhaps very smart anti-CAPTCHA programs).

My next step was disabling auto-approval unless you had one pre-approved comment. But that only resulted in me clearing out spam every day and discouraging real-time discussion because comments wouldn’t show up immediately.

After a long time, I finally found Akismet.

Akismet is anti-spam done right.

Comments get automatically submitted to a blog anti-spam service where, first, they are submitted to hundreds of tests to see if it’s spam.

The second part is the key, though. Because Akismet is a service anyone can use, thousands if not millions of people use Akismet for the same reason, and this is where its power lies. The second part of the anti-spam checks is to compare the comment with millions of other blogs that also use the service. More than likely somebody already has gotten your comment, or one like it, and marked it as spam. So when it gets to you, it’s already considered spam and not published. You can decide what to do with it in your admin interface.

Google Mail also does anti-spam right. They operate on the same principle as akismet (who were probably inspired by gmail in the first place). Basically, tests are run on the sender of your email, the email itself and then the email is compared with the billions of other emails that other users of Google Mail also get. If it looks like spam based on any of these checks, it goes in your spam folder.

This is the beauty of distributed effort.

When so many people are pooling into a system you really can make spammers largely ineffective – to the point that it’s no longer worth it for them to spam.

What we need is a distributed system for anti-spam checking at the smtp level for regular system admins. Imagine the entire world pooling into this system. I have yet to try Distributed Checksum Clearinghouse. It does something like what I would like but not quite. It’s not exactly like Gmail or Akismet’s mechanisms to tag spam.

It should be clear: In a world of anti-spam done right, spam largely goes away.