Place of Stuff

Soon, this blog shall be moving home.  Mine host has decided to go for a better deal.  And no matter what you all say, I trust him on this implicitly.  There will be some preparatory changes, most of which you won’t notice.  The one that you will notice is that I shall be disabling comments during the move.  This is so that none of your wonderful comments are lost during the move.  If the move happens close enough to my extended holiday/honeymoon they will be re-enabled sometime in week 3 of June (or maybe week 4).  Otherwise, I’ll just tease you by re-enabling them and then disabling them.  Depending on how the mood takes me.

If this all goes as well as I think it will, you won’t really notice the move.  Otherwise, well, stock up on tinned food and ammo and batten down the hatches, it’s gonna be a cold cold winter.

If you read this blog regularly (or even semi-regularly) you will know that I recommend upgrading

WordPress.org

Wordpress whenever the dashboard tells you to.  Quite apart from grabbing the latest features built into the latest releases, you also pick up any patches and security updates.  If internet history tells us nothing else, it tells us that sites that aren’t serious about security end up getting taken over.

It seems that there is a site offering a seemingly legitimate version of WordPress.org which is actually a backdoored version.  Which is a bit cunning and a lot malicious.  So what can you do to protect yourself?

Firstly (and most importantly), only ever get your copy of WordPress from the official WordPress sites: WordPress.org (for the single blog edition) or WordPress MU (for the multi blog edition).  Being the real deal, Wordpress will only offer the genuine article and will not knowingly make you install software that will trash your system or will leave you open to attack.  And they will patch when they know about a bug or security issue.  Other sites may seem faster or better somehow, but the only way to be sure that you are downloading the genuine version is to go to the official sites.

Next, themes and plugins.  If you want to be completely secure, you will only go via the Wordpress plugin page and theme page.  I have a small issue with this: the theme page has a limited selection, from memory I found this theme after going to the theme directory.  With plugins, I tend to start from the plugin directory and then navigate to the plugin’s web location – that way I get the latest version and access to any more documentation.  The natural caveat on this, though, is that you navigate away from the tested versions at your own risk.

If you do not understand what a non-official patch or hack does, don’t use it until you have run it past someone who does.  Personally, I know enough to be dangerous and know that tweaks I have applied will only, at worst, give me a blank page if they fail.  The WordPress.org support forums are a good place to go to if you need help – in fact, this is a good rule to follow for any computer changes.  I would also advise taking a backup of the site to ensure that if anything does go horribly wrong you can still roll back the changes.

None of this is rocket surgery (or brain science).  Stick with the official releases and upgrade when the message appears and you are making yourself as safe as you can be.  If you fail to follow the advice and you do get compromised you only have yourself to blame.

When I dipped in to upgrade some plugins this evening, my dashboard kindly told me that I needed to upgrade from WordPress 2.6.2 to WordPress 2.6.3. Get the latest version here.

In short, it seems that the library used to fetch the dashboards feeds, named Snoopy, has a vulnerability and this upgrade fixes that.

So, if you are running WordPress 2.6.2 or earlier (especially if you are running an earlier version) then you should upgrade soonest.

Quick Note: WordPress 2.6.1 is out.  If you are running an older version, especially if you haven’t even

WordPress.org

gone to 2.6.0 yet, you should upgrade – you’re missing out on new functionality and you may be at risk of having your site taken over.

Things to remember when upgrading: deactivate your plugins first, not all plugins work with all versions and you may need to find alternates.  Check that your themes will support the latest versions and that any custom code you may have inserted (you did comment the code, didn’t you?) won’t produce conflicts.

Finally, read the documentation for upgrading.  If you are new to WordPress.org and need to know how to install it, there is documentation for that, too.  If you get stuck, the WordPress.org forums are a source of knowledge and help – search first and then ask your question in the right sub-forum.

Oh yes, I am indeed the Comment King. For week ending 5th April, anyway. R T Cunningham hosts a semi-regular contest for the Comment King or Queen on his blog. To take part is easy, all you have to do is to leave a comment against his posts on the specially crafted “comment area”. And that’s it really. The catch is that you have to leave more comments than any other commenter.

Oh, and don’t think you can just spam his site with a load of crap to get this highly prestigious and sought after award. Like most bloggers, most sensible bloggers anyway, RT keeps an eye out for spammers and other malcontents. So be sure to leave only useful and insightful posts. Only the finest artisan created posts get the chance to gain the award (award shown is actual size).

Aside from the award I assume there’s some sort of castle, kingdom and jewellery still to come. I can wait……

Here’s something odd. I have purposely avoided writing about sexual topics – that I recall. Not because I have this plan to have a fluffy, cuddly site. Not because I find it distasteful (I don’t). But simply because I have no wish to write about it. Your sex life, and my sex life, is completely private and I don’t wish to inform the world about it. Just assume I’m a total stud and you won’t go far wrong.

Because I’m a sad type, I installed a plugin called Wordpress.com Stats (and yes, I am well aware that this is not on Wordpress.com) to see, well, stats on the site. It is written and maintained by Andy Skelton and, in line with most Wordpress plugins, is easy to install/upgrade and does what it says on the tin. This plugin shows things like a pretty graph to show your hits over various time periods and what people click on.

How do these two paragraphs relate? Well I’m glad you asked. Looking at my stats, I was unsurprised to see that I have few hits. Not bothered. I’m not doing this for a living. I was, however, completely surprised to see that over the last two days 107 people have visited my site after searching for variations on the word “lesbians”. Furthermore, one of the links people click to get to my site is from lexic.us – and online dictionary and thesaurus – and is, you guessed it, “lesbians“.

It seems that because of this post, I have become a popular place to look for lesbians. Because I’m a cynical sort, I doubt that women are coming here looking for advice on coming out – there are many better places to look for advice on that issue. I just find it funny that men (and you know they are men) are looking for material for a night alone and getting to my site. So, to all you furtive visitors, welcome. Stick around, see if there’s anything you like, post a comment.

(Incidentally, I do not know the sites I linked to in the final paragraph and have no idea whether the advice they give is good or worthwhile.  I hope it is.  Ironically, I googled for a term and found them that way.)