A little while back, I was interviewed by Eve from Multicoolty, a site that talks to ex-patriates about their experiences abroad. That interview just went up today.
I want to say a big hello to all the folks that have stopped by since I was Freshly Pressed.
This is the first time I’ve ever been Pressed, and I’m pretty stoked about the whole thing. I have two things I wanted to mention, though.
Thing the first: My posts aren’t usually so oriented in geek culture as that last one. I do reference genre television and movies from time to time, like in this post over here, but most of the time it’s a little more general. I write about life in Germany, about my travels, about the cool things I see in other cities and countries, and about whatever happens to pop up in my head.
Thing the second: When I scheduled my posts for this week and next, I wasn’t counting on the influx of traffic that you get from being Freshly Pressed. I’m really not used to having a lot of traffic at all. Even my post about the European Dog Sled Championships got more views than my sci-fi post before I got Freshly Pressed.
I have a cool post about trains set to post on Monday while I’m in an airplane, but I’m not sure yet what I’ll post after that, because I generally only have one or two posts ready ahead of time. My expats-in-scifi post went up right before two insanely busy weeks where I’m not really going to be at a computer. so there might be a little bit of a lull in the next two weeks.
That being said, if you’re the sort of blog reader who doesn’t mind if a blog only gives you new material once or twice a week, I’m probably your guy. Please come in, make yourself comfortable, and have a nice cuppa tea! I’ll be back soon, I promise!
I neglected to prepare a post for today. I assumed that after four days back in the States, I would have a lot to talk about. However, I forgot to account for the fact that I would be so busy catching up with friends and family that I wouldn’t have time to actually sit down and write something before the very last minute. Oops!
I’ll get back to writing new material as soon as humanly possible. For now, however, I’ll just be over here eating this awesome cookie that was given to me as soon as I stepped off the plane on Wednesday.
A quick explanation for why the blog has been down a lot over the last few days.
On Monday, I discovered that my WordPress installation had been hacked again. I spent a few hours cleaning things up, and then I got really frustrated with the Sisyphean nature of the whole process. Because of that, I decided to move my site from a self-hosted WordPress installation to WordPress.com servers, so that constant vigilance against hacks and software updates would be Somebody Else’s Problem(tm) for a change.
The annual fees for WordPress.com hosting were, I thought, well worth the one night a month I would gain in not having to clean out my blog’s infection and reset everything.
The last two days during which the blog was completely down were due to a failure in my nameserver change from Dreamhost to WordPress. This failure is ongoing and Dreamhost support is working on it- I’m actually using an http cloak to load the WordPress site directly without properly mapping the domain name. It’s a kludge, but it will at least bring me back up for the time needed to resolve the real problem.
As a nifty bonus though, WordPress.com hosting does a few things natively that it took me several plugins to get working on the self-hosted variety. Things like the direct connections to Facebook and Twitter to notify of new blog posts. The only functionality I lose is the LiveJournal crossposting, and I have a different solution for that once this is all sorted out.
The downtime is not the fault of Dreamhost, although their initial communication infuriated me because they misread my question three times. The downtime is also not the fault of WordPress, although their documentation could be a little bit more clear. The real fault for the downtime is a combination of my poor understanding of DENIC’s strict rules and an as yet to be determined problem with Dreamhost’s third-party registry vendor, Logic Boxes. That support request is ongoing.
Technical Note (If you’re bored by the technical stuff, skip this paragraph): DENIC, the registry for .de domain names, has very, very strict rules about things. It requires that you have a valid zone file on the name servers you want to change to, and this was not clear to me at first. I realized yesterday, after I discovered an “unexpected RCODE failure” on their nameserver check at http://www.denic.de/en/background/nast.html that I needed the zone on WordPress servers to make this happen. WordPress is used to this, and they get support requests to create zones manually all the time, so this was a piece of cake to fix once I knew that it was needed. However, the nameserver change is still not going through because the Dreamhost panel thinks this domain name isn’t registered.
In any case, there may yet be some additional hiccups to the DNS here, but once this is all sorted out I’ll get back to posting about life outside of the command line.
This blog is clean of malware. However, that wasn’t the case last night, so if you saw weird behavior when visiting before today, that may be why. And if you see weird behavior moving forward, please leave a comment and let me know! Here’s what happened:
Last night, while I was preparing the bus post, I noticed that sometimes when I went to the main site, I would get redirected to some spammy rr.nu domain. I thought it was a fluke the first time it happened, but then it happened two more times. Around this time, one of my friends was encountering Google warning them away from the blog, like so:
It turns out that at some point in the last few days, stevenglassman.de was hit by malware. I believe most of the changes were from February 21st, but it might have been earlier. I’m not certain of the point of entry, but a lot of things needed to be updated, so it might have been as simple as php injection. When I noticed this, I did a reinstall of all the core WordPress files, and I also reinstalled the theme that I’m using. This killed off most of the badness, but I was still seeing spammy rr.nu links at the bottom of every page. In addition, something was generating a .logs directory which contained a list of the spammy links. When I deleted that directory, it came right back.
Ultimately, I did all of the following-
- Deleted all of the themes except the one I’m using.
- Removed ALL of the plugins except for Akismet (anti-spam) and Jetpack (statistics).
- Removed Jetpack and installed it fresh.
- Changed my MySQL password.
- Changed my web user password.
- Changed the blog password.
- Disabled FTP for my web user entirely. (I never use it anyway; I rsync or scp files.)
- Went through individual files all over the server and pulled out obfuscated base64 code that was designed to cause more mayhem.
- Didn’t get a lot of sleep.
By the time all of this was done, the spam link finally stopped appearing at the bottom of every page on the site. The .logs directory stopped being regenerated. I haven’t lost any of my posts, and everything else seems to be intact. However, I’ll be re-setting lots of tiny things over the next week or so, reinstalling Wordbooker and lj-xp (my crossposting plugins), and so forth.
On the plus side, this clean start gives me the opportunity (I choose to call it an opportunity) to work on some design elements of the blog that I’ve been procrastinating.
We now return you to your regularly scheduled blogging about life in Regensburg, Germany.