diff options
Diffstat (limited to 'content/posts/2006-01-23-wordpress-en-masse-and-akismet.html')
-rw-r--r-- | content/posts/2006-01-23-wordpress-en-masse-and-akismet.html | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/content/posts/2006-01-23-wordpress-en-masse-and-akismet.html b/content/posts/2006-01-23-wordpress-en-masse-and-akismet.html new file mode 100644 index 0000000..69b7a60 --- /dev/null +++ b/content/posts/2006-01-23-wordpress-en-masse-and-akismet.html @@ -0,0 +1,66 @@ +--- +date: "2006-01-23T08:39:11Z" +title: WordPress En Masse and Akismet +--- + +<p>Saturday evening I spent several hours upgrading <a href="http://erinmduncan.com/" title="My sister Erin's web page.">erinmduncan.com</a>, +<a href="http://saraduncan.com/" title="My sister Sara's web page.">saraduncan.com</a>, <a href="http://richandrobynn.com/" title="My sister Dad and stepmom's web page.">richandrobynn.com</a>, and <a href="http://drotedogg.com/" title="My friend Nick's web page.">drotedogg.com</a> to the +latest and greatest versions of <a href="http://wordpress.org/" title="The ever-popular blogging tool.">Wordpress</a> and <a href="http://gallery.sf.net/" title="Web-based photo gallery written in PHP.">Gallery</a>. The +upgrades themselves were relatively painless (especially the <a href="http://gallery.sf.net/" title="Web-based photo gallery written in PHP.">Gallery</a> +one, which I won't even mention here), but I did jot down some +notes that might be useful to anyone else who has to do this kind of +upgrade.</p> + +<p>Tip #1: Try and stay current with your version of <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress</a>. +All of the aforementioned pages were running <a +href="http://wordpress.org/" title="The ever-popular blogging +tool.">Wordpress 1.2</a> which, +besides being chock-full of vulnerabilities (that were +<a href="http://pablotron.org/files/saraduncan.com-owned-20051203/" title="Sara's front page after it was defaced by a Brazillian group.">expoited at least once</a>), doesn't have an +immediate upgrade path to <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 2.0</a>. The +<a href="http://codex.wordpress.org/Upgrading_WordPress" title="How to upgrade from WordPress 1.5 to WordPress 2.0.">WordPress 2.0 upgrade instructions</a> recommend +<a href="http://codex.wordpress.org/Upgrade_1.2_to_1.5" title="How to upgrade from WordPress 1.2 to WordPress 1.5.">upgrading from WordPress 1.2 to WordPress 1.5</a> before +upgrading to <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 2.0</a>. Unfortunately, the +<a href="http://wordpress.org/download/" title="WordPress download page.">WordPress download page</a> only links to the latest release, and it +wasn't immediately apparent from the instructions how to obtain a copy +of <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 1.5</a>. Fortunately, a bit of digging turned up +<a href="http://static.wordpress.org/archive/" title="Every release of WordPress, ever.">this page</a>, which has every release of <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress</a> since +the dawn of time. There are at least two other pages indexed by +<a href="http://google.com/" title="Apparently this is a search engine or something. Who knew?">Google</a> with <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 1.5.1.3</a> tarballs, but both have +incorrect <acronym title="Message Digest 5 (cryptgraphic digest algorithm)">MD5</acronym> checksums, and at least one had some a code +change (which, upon inspection, appeared to be a bug fix). To be safe, +I stuck with the version from the <a href="http://static.wordpress.org/archive/" title="Every release of WordPress, ever.">legitimate WordPress archive</a>. </p> + +<p>I also switched all of the pages to a much simpler form of comment +spam filtering. Previously, the spam filtering was of a +convoluted combination of a phrase blacklist ("penis", "poker", +"viagra", etc), hacked in <a href="http://www.gudlyf.com/index.php?p=376" title="CAPTCHA plugin for WordPress 1.2, 1.5, and 2.0.">AuthImage</a> support, and a tweaked +<code>xmlrpc.php</code>. In fact, one of the reasons I was hesitant about +upgrading to <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 1.5</a> was that I wasn't too optimistic about +duplicating all that nonsense. </p> + +<p>As of <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 2.0</a>, all that hackery has been replaced by the +built-in <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress 2.0</a> plugin for <a href="http://akismet.com/" title="Free comment spam filtering system with an open API and a plugin for WordPress.">Akismet</a>. I haven't tested +it, I have a feeling it's something blog spammers can circumvent, +and I don't see how the company can stay afloat providing this as a free +service. But hey, I'm lazy. +<a href="http://akismet.com/" title="Free comment spam filtering system with an open API and a plugin for WordPress.">Akismet</a> requires zero administration, zero +tweaking, and, most importantly, zero patching, so I'm willing to give it a try and see what happens. Plus, the <a href="http://akismet.com/development/"><acronym title="Application Programming Interface">API</acronym></a> is +relatively straightforward, so if there are any hijinks on the their part, then +it's easy enough to switch to a comparable open system. There +are even <a href="http://www.blojsom.com/blog/nerdery/2005/12/02/Akismet-API-in-Ruby.html" title="Ruby bindings for Akimset.">Akismet bindings</a> for <a href="http://ruby-lang.org/" title="No post is complete without a reference to my favorite programming language.">Ruby</a>, although my initial perusal +of the source code tells me they won't work in <a href="http://linux.com/" title="Penguins, free beer, that sort of thing.">Linux</a> without a bit +of tweaking (hint: case-sensitive filesystems mean case-sensitive file +names). The only real <a href="http://akismet.com/" title="Free comment spam filtering system with an open API and a plugin for WordPress.">Akismet</a> annoyance is that in order to get an +<acronym title="Application Programming Interface">API</acronym> key, you <em>have</em> to sign up for a <a href="http://wordpress.com/" title="Free blog hosting system running, you guessed it, WordPress.">WordPress.com</a> account. It's +free, but it means I have yet another throw-away account, not to mention +a blog that I'll never update (everyone say hello to +<a href="http://pablotron.wordpress.com/">http://pablotron.wordpress.com/</a>!).</p> + +<p>Overall though, I have to hand it to the <a href="http://wordpress.org/" title="The ever-popular blogging tool.">WordPress</a> developers. It looks +like there are a fair number of changes under the hood, and I'm +impressed by how seamless they made the both of the upgrades. Or +maybe I'm just excited about not spending Sunday afternoons sitting at +the <a href="http://mysql.com/" title="Mostly open RDBMS.">MySQL</a> console deleting comment spam any more. Either way, I'm +happy.</p> + |