www.NewVentures.ca

Well its been a while hasn’t it! It seems the sites main usefulness these days is almost at an end.

Certainly can’t type the way I used to, nor play with the toys I used to like, but sadly the hit count for Gipp has gone down as he slowly fades into time. His count had dropped below searches for “Lifeline to Victory” which was, for you who don’t knows great Global TV movie.

I tried to do what I could for his many fans who were looking for him. I certainly hope his “producer” finally polished hi recordings and got the on iTunes. But I would wager not. Which is a huge loss for us all…

Well I think it’s sad.

As you must know by now, I haven’t been doing much. Those few sentences above took way too much effort for me, with way too may corrections LOL. And I’m already sweating quite badly ` go figure.

So Ill keep this site up for Gipp. Hope the links within still work, and some joy can still be found.

Till then – Merry Christmas

So , you may, or not, have wonder erred where I went to. I know it’s been a while.

Well the short story is. I had a stroke a year last July. My right side was wiped out and is very slowly coming back.  Still can’t type properly, which is why I have taken so long to reply. Matter of fact I am hunting and pecking and autocorrecting on my iPad with my left hand – quite tedious.

So why keep the site up, if I can’t type you ask… Simple answer really if you know this site – Gipp Forester.

I still get lots of hits for people looking for him, it seems to be the main reason this site exist. Yes, he may be gone now, and never realized the impact he had but people still want his stories and words of comfort – he had so much to share….he’ll be missed but many will go on listening to him.

We’re there tech challenges over the last year and a half, yes but typing about them wasn’t something I could do easily – so maybe next time.

Till then, Merry Christmas and a Happy New Year!

Rick

Okay – I think I can finally and tentatively declare Victory!

A few lessons learned from this ugly business. The biggest one was that while it was pretty obvious that most of the spammers were automatic, there were two types!

One group obviously used the comment forms on posts directly. Creating comments on random postings, but usually only one or two of them at a time ( postings that is – not  comments LOL. )

Of that first group, there were those who just opened up a comment window and dumped their garbage in – but requiring them to pass a simple Captcha code caused their attempts to fail!

The second part of that first group obviously had the processing smarts to crack a normal Captcha ( those that use numbers and letters combinations ) – possibly by brute force…

Once I installed a simple graphic puzzle ( requiring no entry of characters at all ) the high number of Spam entries dropped to a small low of 10-20 at a time!

Those last 20 were using a new way to post spam. They actually bypassed the whole Captcha challenge entirely! They did this by using WordPress ( the engine I use for my blog ) against itself – sort of.

Since they knew that the site was written in WordPress they just called a special utility within it called wp-comments-post.php which is the tool that does the posting of the comments after you have entered them into the comments field.

I’d like to thank the website code.tutsplus.com for posting their 6 ways to combat Spam Comments. Their posting was instrumental in my fixing my problem. Now to be honest – all the Spam I was getting was going directly into the spam folder, none of it ever got posted on the website, so my original tools like Akismet were working – I just didn’t want to have to wade through the tons of Spam every couple of days looking for valid comments ( which has happened in the past unfortunately. )

So I added code.tutsplus.com‘s first recommendation to cancel the wp-comments-post.php attack – which was to put some special code into my .htaccess file. It seemed to work at first, but all at once they were posting again…

What finally did the trick was a special plugin called Cookies for Comments. I know there are mixed opinions about cookies on the Internet and I am against anything that tracks you over a period of time. But these are short duration things that are added and checked almost instantaneously!  Essentially, the user will pick up a cookie from one of my pages and if he goes to post a comment, the cookie will be checked first! If it isn’t there the posting will be disallowed ( Because they are using the wp-comments-post.php tool not a page!)

I’m sure eventually, they will figure a way around this – what ever one man can construct another man can deconstruct – but for now the dam is holding.

I think WordPress themselves will soon have to address this direct access of code for spamming purposes – it’s too big a hole and needs to be fixed!

Till next time then…

Ok, comments are working now BUT 😯

It would seem while the “normal” user could not leave any comments – the spammers have been working around the clock anyways… obviously accessing the comment files directly!  👿

I managed to find an older version of the file that was corrupted – which is good as some of my other tools seem broken for the moment ( my web hosting service having gone under several new companies might have something to do with this… )  😕

So while I can restrict, somewhat, some of the spammers. Some seem to be getting through besides that… which means I have to do some work behind the scenes now to make obvious files become way less obvious ( I hope  😥  )

Having broken tools doesn’t make my life any easier either… Got to get them fixed first I think.

Wish me luck – I think I’m going to need it!  🙄

Man

I’ve taken a look at my logs. “Unknown” sites are visiting a minimum of every hour to try and obviously plant SPAM on this site… I’m obviously posted on somebody’s list out there  👿

Add to that the fact that even after upgrading my Captcha tools – I was still getting SPAM  😯  So there are some VERY dedicated machines or a million monkeys typing really REALLY fast to crack all the codes 😥

So I thought I would take it to yet a higher level ( there are some really neat tools out there now that use graphics and mouse clicks to confirm you are a real person. ) Unfortunately, somewhere along the line when either Java stopped working ( or started complaining ) and the graphics were active ( but not visible ) things broke.  🙁

Both the footer and the comment field and posted comments are no longer visible   🙄

So at this point the smart thing to do would be to just roll back to the latest backup up… where of course I discovered that I had never installed backups on my own site 😳 I did it for all the other ones but never for my own…. go figure….

So, now I have to set up my backups and eventually go back and fix what ever broke, where ever it broke…

One big advantage… Spammers can’t post either  – so I think I’ll take my time fixing this one… and maybe, just maybe, somebody will drop me off that list  😉