Tag: Wordpress

On Being Hacked [en]

[fr] Hackée, et voilà, moi qui savais justement pas quoi faire de mon beau dimanche après-midi ensoleillé...

I’m currently battling with a hacked WordPress installation. You won’t see anything if you view source, but Google unfortunately sees a whole lot of spam right at the top of each of my pages.

Result of being hacked on CTTS

Here’s some information in the hope somebody may have a bright idea to help me root out the hack.

  • I’m running 3.0.3 and would like to find the source of the problem before upgrading to 3.04 (bad idea?)
  • I’ve tried disabling all plugins, and the problem is still there when I do that.
  • I’m using the vanilla default Twenty-Ten theme
  • I’ve looked in the theme header (header.php) for anything obvious, and also in wp-content, wp-plugins, etc. for anything that looked out of place to my eyes
  • I’ve run greps for base64 (anything here look suspicious?), spammy keywords, and other things I could think of
  • It does not seem to be this pharma hack (have failed at finding any signs of it following the instructions there — wp_option keys, backdoor files…)
  • I have searched my database for spammy keywords (also backwards) and haven’t found any aside in spam comments caught in Akismet

I will update this post as I find out more. Thanks for your suggestions.

Update: at least a partial solution… running find . -iname *.php -print0 |xargs -0 grep base64 allowed us to identify a problem in l10n.php, which was promptly replaced by a new version (evil version available on request). One of my pages as viewed by Googlebot now looks like this. So, the site is cleaner, but are there any backdoors left?

Google Webmaster Central is definitely a place to visit regularly — I would have spotted this way sooner if I had, rather than wondering what was wrong with my robots.txt file when I stopped being able to “direct Google” my posts. View more scary screenshots.

Catching up With Backtype [en]

[fr] BackType: pour voir les commentaires que je fais dans la blogosphère, l'impact "social" de mon blog, les derniers tweets qui le référencent, et un plugin WordPress (TweetCount) qui va remplacer TechMeme pour moi, simplement parce qu'il liste effectivement les tweets référençant l'article en question, ce que TechMeme ne fait pas.

Image representing BackType as depicted in Cru...
Image via CrunchBase

A few weeks ago I read that BackType was going to discontinue the BackType Connect plugin that I had used some time back here on CTTS, which prompted me to (a bit hastily, I’ll admit) make a comment about how you’re really better off not relying on a third party for hosting your comments (which is not what BackType does, my bad).

The BackType Connect plugin took offsite reactions to your blog posts (tweets, for example) and published them as comments. I have to say I was never really really happy with the plugin: installing it made me realize that most mentions of my posts on Twitter were retweets (or spambots) and that I didn’t want to mix that kind of “reaction” with my comments. At one point the plugin really stopped working (or gave me some kind of grief) and I dropped it.

I actually liked BackType a lot when they started out, and I owe them big time for saving hundreds of my blog comments when I dropped my database early 2009. Even though I wasn’t using their plugin, I was unhappy about the announcement — and even more unhappy when I discovered that my user page had disappeared (yes, the one displaying all the comments I’d made on other blogs and this one, which replaced what I’d used coComment for).

BackType, however, did something I liked a lot, and wished TweetMeme had done: allow me to see all the latest tweets linking to Climb to the Stars. This prompted me to take a closer look at what BackType was actually still doing, and report my findings of interest back to you, dear readers.

  1. Good surprise: BackType actually does still allow me to track comments I make all over the blogosphere — but it uses my URL rather than my user account to identify me.
  2. Already mentioned: tweets linking to my blog. Including old ones.
  3. The social impact of any URL: tweets, comments and friendfeed mentions over time, complete with mugshots of “top influencers“.
  4. TweetCount plugin, which is probably going to replace the TweetMeme plugin I was using until now,  because BackType actually lists tweets linking back to a post (compare with the TweetMeme page for the same post). I’ve always found TweetMeme a bit too close to Digg and TechMeme (you know I’m no fan of the race for popularity or breaking news). TweetCount counts a few less tweets than TechMeme, and I suspect its results are cleaner.
  5. If you like displaying tweets mentioning your posts on your blog, you should also check out the BackTweets plugin.

Does BackType do anything else that seems precious to you?

Conversation fragmentation is still an issue in today’s blogosphere, but tools like BackType (and even the Facebook Like button!) are helping is stitch the different pieces together.

Facebook Page Like Buttons: Quick and Dirty [en]

[fr] Comment ajouter à votre sidebar WordPress un bouton "J'aime" simple pour vos pages Facebook.

Sorting out my mess of Facebook pages and groups (part 2 coming soon!), I’ve spent way too much time struggling with the Facebook Like Box creator and a couple of WordPress plugins (Facebook Social Plugins and Facebook Like Box Widget). I just didn’t manage to get what I want, which is a simple, minimal list of my Facebook pages and a Like button next to them.

Here’s what I wanted (it’s in the CTTS footer now, so you can also scroll down and see it live… and like my pages!)

Quick and Dirty Facebook Page Like Buttons

I didn’t want a Like Box full of stuff. Just the page name, avatar, and the like button.

Here’s how I finally did it (it’s dirty, but it works — just stick the code in a text widget if you have a WordPress blog):

<iframe src="http://www.facebook.com/plugins/likebox.php?id=7812744463" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:220px;height:60px;" allowTransparency="true"></iframe>

Just replace the number after id= by your page’s ID (you can find it easily by going to your page, it’s the number following your page name in the URL.

If your page name is long, you might want to increase the height of your iframe to 80px or 100px (trial and error, you’ll find the right height).

There you go!

Oh, and I added like buttons to my posts, too, with the Facebook Like Button plugin. Dunno if it’s the best one out there or not, but it seems to work and I didn’t have to struggle too much setting it up.

Traduction suisse romande de WordPress.com [fr]

Il y a quelque temps déjà, on m’a très gentiment donné les clés (merci, !) de la traduction suisse romande de WordPress.com. Chacun peut contribuer à la traduction grâce au système GlotPress — il suffit d’être connecté à votre compte WordPress.com.

Pourquoi une version romande? Comme vous le savez, le français d’ici et le français d’outre-Atlantique (et même d’outre-Léman) ne sont pas tout à fait les mêmes. Plutôt que de lutter contre “blogues”, “courriels” et autres “plans du domaine” qui apparaissent quand on mélange des francophones trop divers, je vous propose donc de mettre sur pied une petite coalition romande pour qu’on ait à disposition une jolie traduction helvético-compatible.

Si ça se passe bien, il pourrait même être question de procéder de même pour WordPress.org… Donc lancez-vous, même si vous êtes plutôt .org que .com! (On peut — enfin je peux — exporter/importer des traductions…)

Pour vous y mettre:

– allez hop, une petite traduction ou deux le matin avant de démarrer

– partez à la chasse au courriel ou au blogue grâce au filtre

– dans votre blog WordPress.com, allez sous Réglages > Général et choisissez comme langue “Français de Suisse” (fr-ch)

– quand vous remarquez une erreur de traduction, allez vite proposer une meilleure traduction en la retrouvant grâce au filtre

Qui s’y lance avec moi?

SWITCH Conference, Coimbra: José Fontainhas [en]

Running notes from the SWITCH conference in Coimbra. Are not perfect. Feel free to add info in the comments, or corrections.

Jazz and the art of Chaos

About how José became a better musician. Everything not in English at Automattic has something to do with José. But first and foremore, he is a drummer.

Where it began: a few years back, José decided he wanted to be his own boss. Wanted to develop ideas that don’t thrive well in the online world. Generic websites. Found WordPress: open source, easy to use, and named for jazz musicians. Started WordPress-Portugal.

Playing solo doesn’t work for all musicians. Freelancing felt a bit like playing solo, studio work. He came across Automattic.

Automattic does WordPress.com, but many other products: Akismet, BuddyPress, VideoPress, etc. 11 mio blogs on wp.com.

1200 servers running across a whole bunch of data centres. The service speaks more than 60 languages, and this is where José comes in. Portuguese is the third most popular language after English and Spanish.

He sent in his application, and a few months later got an answer. Whee! Felt like getting a positive response from Mick Jagger saying he’d love to play in the band or something 🙂

He thought they would be like other companies, but they’re crazy! Same kind of craziness as him, however.

  • work is completely distributed, everybody works from home (50 people!) — 12 US states, 10 countries
  • everybody sets their own work hours
  • no offices (Pier 38 in SF though, but it’s more a space/lounge rather than an office) — used as a coworking space, open to others
  • communicate using p2; IRC channel, conversations logged, indexed and archived, but it became too busy => but afterwards, moved to p2 (they use e-mail, but really not that much)
  • in-person meet-ups every six months or so, to see each other’s faces, etc.; weeks with fun activities and small projects and workgroups to be delivered at the end

Point: the system is chaotic. No titles. No diagrammes. No PAs. But there are responsibilities. Each person needs to be grown-up enough to find his or her place in the journey.

They push code changes live to production upto 20 times a day. Direct from dev to live.

It’s a jam. Embrace the chaos, don’t fight it. Improvisation. Be a better musician. He is the master of his instrument, and his band mates know he is and trust him to use it the best.

*Here’s a video of Zé’s talk (minus a little bit when my memory card was full, oops!) if you want to listen to it.*

Plans for Basic Bilingual [en]

[fr] Projets de développement pour le plugin WordPress Basic Bilingual, qui rend ce blog bilingue.

Here are the next improvements I want to make to the WordPress plugin Basic Bilingual. Considering my coding skills, they will happen slowly, so feel free to lend a hand if you think you can.

  1. Move the language definition to the admin screen. There’s already a screen and an option there, so it’s a simple case of copying and modifying code around to create options for language 1 and language 2, and create a simple function to retrieve the values at the beginning of the plugin.
  2. Allow WordPress search to access the other-excerpt field. The Keyword Search in Plugin Table example in Codex is close enough to what I’d like, only it would need to search in the postmeta table instead of a custom plugin table.
  3. Here’s the big one. Append a language code to any WordPress URL (except permalinks) to filter out posts from the other language. Ideally, would display posts in the language and also the other-excerpts of posts in the other language, with different formatting (smaller title font to distinguish them from full posts written in the desired language). Am reading up on wp-rewrite, permalinks for custom archives, WordPress queries and custom queries. I feel I’m onto something, but I also feel just a little bit out of my depth.

Four Lazy WordPress Plugin Desires [en]

[fr] Quatre idées de plugins WordPress que j'utiliserais s'ils existaient.

Dear Lazyweb,

Here are a few WordPress plugins I’d love to use, if they existed.

  • hreflang: I’ve come to love the visual editor in WordPress (after years of hating it with a passion). The only thing I regret is that if I want to add hreflang attributes to my links, I have to go over and edit them in HTML. So I don’t do it. The little pop-up to add a URL has fields for title, target (blergh!) and class, so it shouldn’t be too hard to write a plugin that adds an hreflang field, should it?
  • unpaginate: I’ve always had mixed feelings about pagination. On the blog home page, it’s great, as it allows you to simply “read more”. On very long pages, it’s also good, because it allows you to not have to wait a whole year for the page to load. But often, if I’m on a monthly or category archive page, I’d like to be able to load all the posts belonging to that month or category so I can do a quick text search on it for something I’m looking for. What would be lovely would be a plugin that adds an “unpaginate” link at the bottom of the page (near “previous”). Upon clicking that link, the reader would be taken to an “all the posts” page with no pagination. This could be an option of the next plugin I’m going to describe.
  • post lists: I like it when blogs display full posts on their pages, but I know that in some cases it’s more practical to see a list of titles with excerpts, or even just a list of titles. This plugin would make WordPress generate list and excerpt pages for any existing URL in the system: 2009/12/list/ or tags/twitter/excerpt or category/writing/partial. These pages should not be paginated, I think (so the unpaginate plugin described above could be an option for this plugin, as the code to do it should already be included). Maybe a little admin panel to set the URL schemes and activate various options would be cool.
  • Tagul tag cloud: simple one! Give all the tags of the blog to Tagul to eat, and display the pretty tag cloud on the tags/ page. Bonus for tag clouds by month, category, and… tag.

That should keep you busy if you were looking for a little WordPress plugin coding project! Am happy to give more precise information if some kind soul is willing to give one of these a try. Fame and fortune (well, maybe not fortune) await you!

WPtouch iPhone Plugin Now on CTTS [en]

[fr] Le plugin WPtouch iPhone permet maintenant aux lecteurs de CTTS munis d'un iPhone de voir une mise en page adaptée à leur petit écran. Profitez!

Some time back I noticed that sites on WordPress.com were sporting a fancy iPhone-compatible theme, like this one:

Xavier put me on the scent of the WPtouch iPhone plugin, which I have just installed on CTTS — should make getting your daily (hrmm… almost) dose on your favorite phone a more pleasant experience!

WordPress Mobile Edition is another plugin which lets you customize your mobile theme more finely.