My Recommended WordPress Themes and Plugins

After having used WordPress for a number of years, I’ve really started to get into more plugins that help me present and share my content the way I want. I’ve also gone through some themes and picked one I like, including versions for desktop and mobile. Here’s my recommendations for WordPress themes and plugins…

Themes

Twenty Eleven

twentyeleven2Twenty Eleven is still my WordPress theme of choice. It’s feature-full, clean, elegant, and problem free from my experience.

Please note it’s not actively updated so you may need to Google around for fixes. For example, I wrote a post on how to fix the featured image that is buggy in the default Twenty Eleven theme.

Continue reading “My Recommended WordPress Themes and Plugins”

WordPress IP Blacklist not working? Remember .htaccess

Word to the wise: If you’re getting comment spam try Wordpress’ IP blacklist feature but, when that doesn’t work, try the guaranteed way: .htaccess.

Update 2011-04-03: Reformatted .htaccess config lines now that I know how to do better formatting.

Word to the wise: If you’re getting comment spam try WordPressIP blacklist feature but, when that doesn’t work, try the guaranteed way: .htaccess.

I get a lot of spam on this blog, mainly to one post that got a lot of links. Akismet is great at detecting this spam and not publishing the comment. But it gets tiring removing comments from the same IPs all the time. So, I tried WordPress’ IP blacklist feature but it didn’t work. For some reason I totally forgot about .htaccess. It’s the fail safe mechanism for protecting your site against IPs that abuse your blog.

Just put a file named .htaccess in your blog directory if you’re running apache. If you’re running some other httpd server, sorry you’llĀ  have to find another way. But, if you can do .htaccess you can do this:

You can put as many “deny from 123.123.123.123” lines as you like.

Anti-Spam Done Right

Blog comment spam is a big problem. I started out with no protection on this blog. I found out rather quickly that wouldn’t do.

So I implemented a CAPTCHA which requires you to enter a random code to prevent automated comment submissions. Then I found out actual humans were submitting comments (or perhaps very smart anti-CAPTCHA programs).

My next step was disabling auto-approval unless you had one pre-approved comment. But that only resulted in me clearing out spam every day and discouraging real-time discussion because comments wouldn’t show up immediately. After a long time, I finally found Akismet.

Blog comment spam is a big problem. I started out with no protection on this blog. I found out rather quickly that wouldn’t do.

So I implemented a CAPTCHA which requires you to enter a random code to prevent automated comment submissions. Then I found out actual humans were submitting comments (or perhaps very smart anti-CAPTCHA programs).

My next step was disabling auto-approval unless you had one pre-approved comment. But that only resulted in me clearing out spam every day and discouraging real-time discussion because comments wouldn’t show up immediately.

After a long time, I finally found Akismet.

Akismet is anti-spam done right.

Comments get automatically submitted to a blog anti-spam service where, first, they are submitted to hundreds of tests to see if it’s spam.

The second part is the key, though. Because Akismet is a service anyone can use, thousands if not millions of people use Akismet for the same reason, and this is where its power lies. The second part of the anti-spam checks is to compare the comment with millions of other blogs that also use the service. More than likely somebody already has gotten your comment, or one like it, and marked it as spam. So when it gets to you, it’s already considered spam and not published. You can decide what to do with it in your admin interface.

Google Mail also does anti-spam right. They operate on the same principle as akismet (who were probably inspired by gmail in the first place). Basically, tests are run on the sender of your email, the email itself and then the email is compared with the billions of other emails that other users of Google Mail also get. If it looks like spam based on any of these checks, it goes in your spam folder.

This is the beauty of distributed effort.

When so many people are pooling into a system you really can make spammers largely ineffective – to the point that it’s no longer worth it for them to spam.

What we need is a distributed system for anti-spam checking at the smtp level for regular system admins. Imagine the entire world pooling into this system. I have yet to try Distributed Checksum Clearinghouse. It does something like what I would like but not quite. It’s not exactly like Gmail or Akismet’s mechanisms to tag spam.

It should be clear: In a world of anti-spam done right, spam largely goes away.

Free plug for Akismet Anti-Spam WordPress Plugin for being so awesome

This thing is so good. It is doing a fantastic job of letting in the ham and keeping out the spam!

This thing is so good. It is doing a fantastic job of letting in the ham and keeping out the spam!

Anyone with a wordpress blog owes it to themselves to install akismet!

Brilliant!

Akismet. I. Said. Bring. It.

Well, I’ve been running Akismet for a few days now and so far it’s been flawless.

Well, I’ve been running Akismet for a few days now and so far it’s been flawless. I’ve had a few legitimate comments and a dozen spams. Akismet has caught all of the bad ones and none of the good ones. Excellent work!

I believe Akismet is working like gmail’s spam filter which, along with its own algorithms, takes the spam reports of other users and uses them as indicators of spam. It’s distributed and thus quick acting and far better than any single algorithm or single person can achieve.

If you have wordpress, you owe it to yourself to try out akismet!

Is gmail spamming us based on google searches?

Is gmail spamming us based on google searches?

Some time ago I did a tonne of searches looking for vintage seiko watches. I then started noticing a lot of spam to my email accounts (on google and otherwise) selling fake watches.

So, I was looking for ebooks last night. Did plenty of googles yesterday. I wake up to my gmail spam folder with a spam for ebooks. Something I’ve never noticed before.

I know the most likely case is that I don’t conciously take note of spam topics when I regularly delete my spam and it’s only when I’m concentrating on the topic that I start noticing spam about that topic. I guess it was already there.

But it is a really strange occurrence.

Is there any possibility or plausible mechanism either google or spammers could know my email addresses?

Like, is there some great big spammer database out there that they map all accounts to an ip or a cookie or something?