Link fraud creeps into WordPress

[ru] Вордпресс, известная платформа для "добросовестной" поисковой оптимизации, давно привлекает дельцов от «чёрной» оптимизации («Блогорама» и прочие). Теперь они выходят на поверхность, выпуская сомнительные плагины через официальный сайт проекта.

WordPress, known as a leading white hat SEO platform, becomes a target of ill-minded groups who try to circumvent WP’s reputation.
Continue reading

Two Moons [Restored from WP “Add media” bug]

[ru] Две луны восстановлены!
После апгрейда вордпресса решил попробовать новую фичу "Add media". Показалось что сработало, а на самом деле оно не учло местных настроек и картинка была недоступна пока ...спамер не написал в комментариях: "Красиво смотрятся!". Тут я вспомнил, что сам ещё не видел, как там они смотрятся на сайте...

Having upgraded WordPress at I decided to try out [fixed now] a new (I was on WP 2.2 before) feature – “Add media”.
Continue reading

Too early to upgrade WordPress to 2.6 easily

I’ve developed what appears once again to be a good habit – NOT to upgrade a WordPress instance soon after new [sub-]version release. Wait at least a month.

Indeed, why hurry? I back up both database and file systems regularly and automatically, most inherently insecure features of the system (like user registration) are turned off, Apache’s mod_security is in place…

However, the rule of waiting a month (more is better) for a release to mature resulted in my installation being stuck with some old version of WP (2.2) – they just were updating way too quickly. And I started to feel slow in implementing new features in my blogs. So I took a plunge with WordPress 2.6.
Continue reading

Блог-Спамеры из .RU и .INFO забанены

[en] Recently I'm seeing a lot of hired commentators promoting loads of *.RU domains registered just a couple of weeks before comment time. It seems logical to automatically remove all comment author URLs which are in .ru TLD. See below for a WordPress plugin for that.

Заметка о наёмных комментаторах не подействовала: пачки сайтов продолжают бесстыдно продвигаться. И хоть мне не очень жалко Google Juice (т.е. частички Page Rank), считаю, всё же, дурацкие ссылки портят вид блога. Надо было придумать что-то действенное.
Continue reading

CMS selection can improve AdSense earnings

Google AdSense targets ads by content of web pages from which the ads are served.

Sometimes pages get out of control, exposing irrelevant content for Google bots to analyze for ads selection. It may be an inappropriate comment by a site’s visitor or, a navigation menu item Google happened to adore. Suddenly you start noticing CTR going down (or watch it low from the beginning).
Continue reading

Traffic dynamics after taking care of the site

Traffic growth for looks promising now: traffic dynamics for Jul-Oct 2007

Especially so in the light of having been largely neglected until late July 2007 since the last record was published in January. No wonder traffic plummeted then.
Continue reading

Преимущество красивых урлов

В пачке ссылок
мой URL на первом месте, хотя и не совсем по теме.
На какую больше кликают, думаю, тоже понятно.

Иллюстрация в пользу пермалинков и дополнительных усилий, которых они требуют.

Weekly Top Posts automated email digest for WordPress

Ever wanted to set up a weekly or monthly mailing list for your blog?

FeedBurner is good for a daily email dispatch which is attainable by just “burning” your feed and activating mail service for it.

But how about less frequent mailings?
And how about selecting only the best articles to include in those rare mails?

It’s easy. Better yet, it can be automated with standard components for your WordPress installation.

To set up a Weekly (or Monthly) Top Posts mailing list just follow these 5 simple steps:
Continue reading

WordPress passwords, password reset – insecure key length

You’ve probably already noticed how the default WordPress passwords (those generated during install for the admin user) are too short. So you did change yours right after the installation, didn’t you?

Now bad news.

As the system security is always only as good as its weakest link, your well chosen long WordPress password (or was it passphrase?) is no better than the default one.

Apparently it only takes guessing a 32-bit key and an email address for the user in question – secret components of the reset link for WP – to reset a WordPress password into another 32-bit key, the length of the passwords generated by WordPress.

Of course 32 bits isn’t too bad, that’ll take 136 years to try by brute-force all the key space assuming 1 second per try (which is not unreasonable in the web realm). But anyway wouldn’t it be just a little bit more soothing to have all those keys/passwords say 64 bit long?

Password Protected Posts in WordPress export/import

A word of caution to those moving their blogs from one installation to another: if you’ve got some posts in your blog “secured” with a password for reading – they may be no longer secure after importing into a new WordPress.

Protected Posts DO NOT preserve their protection on WordPress export/import.

The password field becomes cleared on such entries somehow (not included in export – special XML, WordPress eXtended RSS or WXR – in the first place?).

Beware of Google indexing your protected posts while you tinker about re-closing them down.

Top Commentators little trick

As you might have noticed already, now offers its most active commentators a no nofollow” link.

Now, a number of probloggers have been discovered suggesting these tips for efficient promotion (for commentators‘ own sites) with the “Show Top Commentators” feature found more and more often on all kinds of blogs these days:

  • Comment under different names on the same blog.
    This way you may get not one, but two (or more) links to your site. This is the biggie.
    (You can also promote different pages of your site, not only the front page.)
  • Use a descriptive string in place of your name.
    Personal names aren’t especially descriptive usually, better choices would be sitename or your product/service name.
  • and, of course, choose a blog with a higher Google PR – the links you earn will give you greater return on your time investments.

Happy commenting!