It’s come a long way from having to beg Google to come and index the site site. These days, Googlebot visits the site only minutes after a new articles is published, and it’s on the Google SERP first page for many queries within minutes after that.

So what do you like or not like about Digitivity?

What would you like to see in the future?

Related posts:

1. Showing Excerpts Instead of Full Posts on the Home Page in WordPress
2. Updating Your WordPress Blog Too Frequently: Avoiding Getting Banned from Ping Services
3. Blog Automation with BlogProfitz: A Good Way to Make Money?

About Skipfish

Skipfish is implemented as a program that you run locally (from your personal computer) or on the same server as a website or WordPress or other blog. It saves output in a directory you specify in HTML format (sample below).

If you’re wondering why Google would release a security scanner for free, Google has in interest in a secure and non-exploited Internet. If, every time you go online, your computer is hacked, you’re less likely to go online. The less you go online, the less Google searches you do, the less ads you click on, and the less money Google gets.

Skipfish is similar to other security scanning programs like Nikto and Nessus. But it also has some advantages such as:

• High Performance. You can run 500+ requests per second over the Internet, 2000+ requests over a LAN, and 7000+ requests on the same server as a website.
• Ease of Use. Skipfish is flexible and it handles weird URL schemes and even comes up with automatically generated password guesses based on site content.
• Fine security checks. Skipfish detects subtle problems like cross-site scripting, but it also identifies and avoids false positives.

Major security holes that Skipfish finds include

• Server-side SQL injection (including blind vectors, numerical parameters).
• Explicit SQL-like syntax in GET or POST parameters.
• Server-side shell command injection (including blind vectors).
• Server-side XML / XPath injection (including blind vectors).
• Format string vulnerabilities.
• Integer overflow vulnerabilities.

And there are other minor problems that it finds as well.

Running Skipfish

Skipfish is written in C, and you probably need to compile it before you run it. I’ll have another blog post later on preparing and running Skipfish.

Skipfish is hosted at Google Code here: http://code.google.com/p/skipfish/

Related posts:

1. How to Install Google Skipfish on Ubuntu Linux
2. Google Buys Picnik, a Free Online Photo Editing Website
3. Google Releases Its Nexus One Phone, But It’s Not an iPhone Killer

It bills itself as Digg for bloggers. As opposed to Digg, which covers general topics with an emphasis on technology, BloggerDen is geared toward blogger-specific issues.

• Blogging: Blogging, Writing Tips, Tools, User Interaction, Analytics, Domain Names
• Making Money: Making Money, AdSense, Affiliate Programs, PPC, CPM, E-commerce, Banner Ads
• Marketing: Marketing, Social Networking, Social Bookmarking, Link Building, Paid Services, Directories
• SEO: SEO, Alexa, Google, Yahoo!, Bing, Keywords, Tips & Tricks
• Design: DesignWebsite, Design, Graphics, Software, Tutorials, Inspiration, Photography
• Development: Development, XHTML/CSS, PHP, JavaScript & Ajax, Databases, .NET
• Content Management: Content Management, Blogger, WordPress, Joomla!, Drupal, Pligg, DotNetNuke
• Offbeat: Offbeat, Technology, Entertainment, Funny, Gaming, Lifestyle, Videos

Unlike Technorati, signup for BloggerDen is dead simple.

All you need to enter is your username, e-mail, and password:

One thing you should do after signing up is upload an avatar image in your profile if one isn’t pulled in based on your e-mail.

Submitting links to BloggerDen

Unlike Digg, it’s OK if you submit your own articles to BloggerDen.

After you submit the URL (which is supposed to be unique in the BloggerDen system):

You then set the tags and add a description:

My comments

Although BloggerDen is a total Digg clone, down to even the header and highlight colors, that’s OK because Digg frowns upon some of the articles that bloggers like to read and share. If they can prevent total spam submissions, I think it’ll be useful.

What do you think?

Related posts:

1. Blog Automation with BlogProfitz: A Good Way to Make Money?
2. Google Chrome Browser Third Place Behind Internet Explorer and Firefox
3. Updating Old Posts or Posting New Ones

Whenever I’d go to comment on another site, CommentLuv would say there’s a feed error, and it wouldn’t let display my last blog post in the comment.

I thought it would go away just by fixing the feed, but it didn’t. Here’s how I finally fixed it.

CommentLuv Feed Errors

It seems that whenever you have three problems with your feed, CommentLuv bans you:

Supposedly, this is based on your IP address and website address combination. CommentLuv then wants you to visit their site to unban yourself, but you can’t do that without being a member. I think this is a kind of a way to get people to sign up. Otherwise, CommentLuv could just:

• unban you automatically when you try to comment after your feed is fixed.
• unban you when you visit the unban URL.

If they allow you to use CommentLuv without signing up, there’s no reason you should have to sign up to unban your feed. They say “This is done because constant requests to a faulty or non-existant feed will freeze up the server.” But why would CommentLuv make constant requests to a faulty feed? It only contacts the feed when you go to comment on someone’s website.

Anyway, after you do sign up, you need to visit http://comluv.com/member/unban-url/ to remove the ban.

Removing the CommentLuv ban

At the Unban page, CommentLuv asks you to enter the URL of the site that has the bad feed:

After you fix your feed, enter the URL and click Submit, CommentLuv verifies the RSS feed and unbans you:

Ensuring your feed has been fixed

You should make sure your feed has been fixed before you try to unban it.
You can check if your blog is working with ismyblogworking.com.

Another way is to enter the feed URL in Firefox. It’ll parse and display the feed if it’s OK. It it’s not, it’ll give you an XML error.

Related posts:

1. 4 Cool Features and 4 Boring Ones in the New WordPress 2.9
2. Showing Related Posts in WordPress with the YARPP Plugin to Increase Pageviews
3. What Is RSS? An Introduction to Feeds and RSS Feed Readers

Here’s the step-by-step process for installing the plugin.

Installing the cbnet Ping Optimizer

Log in to WordPress as admin and go to Plugins > Add New.

In the Search box, enter “cbnet ping” and hit “Search Plugins”:

A list of search results of plugins is shown. Select Install for the cbNet Ping Optimizer:

A description window comes up for the cbnet Ping Optimizer. Click on the orange Install link:

WordPress installs the plugin, and informs you that it’s installed. Once the plugin is installed, you have to activate it. Click on the Activate Plugin link to activate it.

WordPress tells you the plugin is activated:

In the list of plugins, there’s a link for the cbnet Plugin Optimizer settings:

However, due to a small typo in version 2.3.2 of the plugin, the settings link from the plugin list doesn’t work. Instead, you should go to WordPress Settings > cbnet Ping Optimizer.

Resources

cbnet Ping Optimizer

Related posts:

1. Updating Your WordPress Blog Too Frequently: Avoiding Getting Banned from Ping Services
2. How to Stop Spam in WordPress with the Akismet Plugin
3. Making Minor Changes in WordPress Without Updating the Last-Updated Date with the Minor Edit Plugin

But it also does that every time you update the post, which for me is often five times in 10 minutes after publishing.

If you ping them too many times, they can ban you for spammy behavior.

So, how do you avoid getting banned?

What is a ping?

The word ping was originally used as the name of the Unix utility ping, which tries to contact another computer on the network to see if it’s visible to your computer.

In the blogging world, ping is used to mean your blog contacting a blog indexing service to tell it when you’ve published a post.

WordPress blog pings

By default, WordPress pings rpc.pingomatic.com when you publish a post.

The settings for this are in Settings > Writing > Update Services.

However, and this is key, it also pings when you update the post.

While this is OK if you’ve come back to the post a month or even a week later and added some material that you want indexed, it’s not so good if you’re just changing some minor errors.

What I normally do is proofread a post before publishing it. But no matter how much you proofread, there’s always something you miss. Sometimes I’ve updated a post up to five times after publishing for minor stuff like:

• Adding a picture
• Changing the alignment of a picture
• Bolding a word
• Adding a link
• Adding a tag

All of this in the space of 10 minutes or so. In that time, the web indexing spider for the blog index may or may not have even come around to visit your site, and you’ve already sent them multiple pings.

Overpinging

It’s like ringing someone’s doorbell over and over again when they’ve already heard you and haven’t reached the door yet. You’re likely to annoy them, and they might just not open the door whereas they would have if you didn’t keep ringing.

As for the blog indexes, they don’t really like over-pinging. Think about it if you were the blog service. You already receive millions of pings per day for legitimate posts. Would you really want to receive twice or 3X or 4X that number for no reason?

That’s why it’s believed that some of these services actually ban you if you ping too often.

cbnet Ping Optimizer WordPress Plugin

Since bare WordPress pings too often, you have to use a plugin to make it work like you want. The best overall plugin I’ve found for that is the cbnet Ping Optimizer.

It’s a fork of the MaxBlogPress Ping Optimizer, with the difference being that you don’t have to sign up for their e-mail newsletter to get the plugin.

After installing the plugin, go to the settings in Settings > cbnet Ping Optimizer.

Note: Don’t click on the “settings” link in the Installed Plugin list. That doesn’t work in version 2.3.2 of the plugin.

I checked the “Limit excessive pinging in short time” option and set the time to 15 minutes and click Save Settings:

You can set the blog index services to be pinged either in cbnet Ping’s settings or in WordPress’s own settings at Settings > Writing. On the backend, it’s the same setting shared between the two of them.

Ping log

Another advantage of cbnet Ping Optimizer besides avoiding excessive pinging is the ping log. It tells you when WordPress pinged a blog index, and when it didn’t (i.e., you updated a post in quick succession, but the blog index wasn’t sent a ping due to the settings):

Other WordPress Ping Plugins

There are some other ping plugins for WordPress, but they’re not as fit for the purpose or accessible as cbnet Ping Optimizer.

Smart Update Pinger v2.00

This plugin by Christian Davn is discontinued according to various blog posts.

I can’t find an original source for it, and it’s basically abandoned at this point.

MaxBlogPress Ping Optimizer

This is a ping plugin that works with the latest WordPress’s, but you have to register your e-mail to get the plugin. The plugin itself is free and open source under GNU GPL.

Ultimate Plugins Smart Update Pinger

This is also a ping plugin that works with the latest WordPress versions, but you have to register your e-mail to get the plugin.

There’s a Ping Watcher and Ping List Checker plugin too, but they don’t do what the other ping plugins do.

Resources

cbnet Ping Optimizer

Related posts:

1. Installing the cbnet Ping Optimizer Plugin for WordPress
2. Making Minor Changes in WordPress Without Updating the Last-Updated Date with the Minor Edit Plugin
3. 4 Cool Features and 4 Boring Ones in the New WordPress 2.9

It’s unclear who exactly it was that did the hacking, or how they did it.

Here’s how the Register (the UK technology site) showed the defaced TechCrunch site:

Techcrunch Hacked

Even the BBC is covering the story.

TechCrunch on WordPress

Since TechCrunch runs on WordPress, it obviously heightens security issues for WordPress bloggers. There are a few basic precautions you can take so you’re not a complete sitting duck for crackers.

Security on WordPress

1. Make sure only your user can read your files

It sounds sort of silly. After all, why would any other user be able to read your files on your webserver? Actually, guess again. On most shared hosting servers like Dreamhost, which is what most blogs use until they really become big, users other than yourself can actually read your files given the default setup.

For most files, this isn’t too much of a problem, but you might be surprised to know that many PHP-based applications (including WordPress) set your configuration file to be “world-readable” (i.e. other users can read it).

I’ll be posting in detail on this topic later, but for now, I’ll just say that you can reset permissions to prevent other users from viewing your files by logging into your webserver’s shell and executing the following command:

chmod -R o-r *

The above chmod command changes the permissions of all files (*) recursively (-R) to prevent others (o) from reading (r) files.

2. Make sure you have the latest version of WordPress

At least make sure you’re running no lower than WordPress 2.9. WordPress 2.7 and 2.8 had some nasty loopholes that crackers were taking advantage of to create hidden user accounts on WordPress installations.

Recent versions of WordPress allow you to upgrade right inside the web interface so there’s no excuse not to upgrade.

But be sure you have a backup before doing so.

3. Back up your WordPress installation

If you do get hacked, it’ll be handy to have a backup from which you can restore your site. You should back up both your database and your WordPress files and uploads.

Again, I’ll go into detail about this later, but for now:

Backing up the WordPress Database

There are webhost-specific ways of doing this. There’s also a shell command that’ll let you back up a database. But the easiest way for the uniniated might be using the WP-DB-Backup plugin.

Install it, and you can backup WordPress within the WordPress admin interface.

Backing up WordPress Files

WordPress files include the PHP and other files within the WordPress application when you first installed it. It also includes plugins you’ve installed and photos you’ve uploaded, as well as your themes.

An easy way to back up WordPress files within the admin interface is the WordPress Backup plugin.

Otherwise, the way you back up files differs from webhost to webhost. Some webhosts, like Dreamhost, offer the ability to backup all your files in a single shot from their control panel. If yours doesn’t, log in with FTP and download all the files in your user account to your computer.

Of course, this means you’ll be downloading thousands of files. It’s better to create a single ZIP file, and download that single (large) file. I’ll be covering how to do that later.

Resources

TechCrunch hacking

http://www.techcrunch.com/2010/01/26/techcrunch-hacked/
http://www.theregister.co.uk/2010/01/27/techcrunch_hacked_again/
http://www.loudable.com/techcrunch-is-hacked-and-up-now.html
http://news.bbc.co.uk/2/hi/technology/8480467.stm
http://pinoytutorial.com/techtorial/techcrunch-hacked-january-25/

WordPress backup

WP-DB-Backup
WordPress Backup plugin

Related posts:

1. How to Serve Your WordPress Blog from the Root Directory If It’s Installed in a Subdirectory
2. Installing the cbnet Ping Optimizer Plugin for WordPress
3. Updating Your WordPress Blog Too Frequently: Avoiding Getting Banned from Ping Services

The WordPress Foundation is a legally-constituted 501(c)3 non-profit organization. This puts WordPress on a solid base as far as being available far into the future on a free and open-source basis.

I think this is just another very good reason to use WordPress as opposed to some of the other blogging platforms out there.

While it’s true that some of the WordPress developers pursue commercial goals at wordpress.com and Automattic, the WordPress Foundation gives assurance to ordinary users that WordPress will continue to be available freely to the Internet no matter what happens to the Automattic company.

Resources

Automattic
wordpress.com
WordPress Foundation
WordPress Foundation blog post at wordpress.org

Related posts:

1. Showing Related Posts in WordPress with the YARPP Plugin to Increase Pageviews
2. How to Add an E-mail to a Gravatar Account
3. Showing Excerpts Instead of Full Posts on the Home Page in WordPress

Everyday, there can be dozens of absolutely inane comments like these:

Spam Comment

Some, however, are a little trickier:

Disguised Spam

They’re worded generically enough to seem legitimate, but they either link to a spam site, or they’re an attempt to get your WordPress installation to e-mail them. WordPress will notify commenters when new comments are posted. So, in other words, they get the e-mail address which you use to get notifications from WordPress. Regardless of whether you actually monitor that address, spammers can also use a brute-force method of trying hundreds or even thousands of different usernames at a given domain, some of which are likely to match.

Spam comments look bad on your blog when real readers are reading them. Finally, Google doesn’t like links to spam sites. It’ll mark you down for it, and can have an adverse effect on your rankings on search engine result pages (SERPs).

Automatically stopping spam with Akismet

This is where Akismet comes in. Akismet is a WordPress plugin brought to you by the same people that make WordPress and run wordpress.com .

It tests the links in the comments you receive from its servers, and determines, to a high degree of confidence, whether the comments are spam. The exact criteria for Akismet marking a comment as spam aren’t publicly revealed, so as to prevent spammers from gaming the system.

Installing Akismet

Akismet is installed like any other WordPress plugin. Log in as admin, then go to Plugins, and click “Add New”.

Installed Plugins

In the Search box, type “Akismet” and hit Search.

Search for Plugins

Click on “Install” for Akismet in the search results:

Plugin Search Results

Then click on “Install Now”:

Plugin: Install Now

Once Akismet is installed, click on the link to activate it:

Akismet Plugin: Click to Activate

The plugin is activated:

Akismet Plugin: Activated

To enable Akismet, though you have to have what’s called an API key. Since running the Akismet service takes money, service is apportioned among free users. To do this, everyone gets a kind of password called an API key.

Getting an API Key for Akismet

To get an API key, you sign up for an account on wordpress.com:

WordPress.com Signup

Simply enter your desired username and e-mail address.

WordPress.com sends you a confirmation e-mail, and after confirming, you’re sent another e-mail that contains your API key.

If at any later time, you need to find out your API key, just log in to WordPress.com, and go to My Account: Profile:

WordPress.com: Edit Profile

The API key is the first item on the profile screen:

WordPress.com: API Key

Copy it and paste it into your WordPress installation’s Akismet configuration screen:

Akismet Plugin: Configuration Screen

Click on “Update options” and WordPress will verify the API key. After it’s verified, Akismet is operational:

Akismet Plugin: API Key Verified

Using Akismet

There’s nothing else that you have to do to run Akismet.

Akismet checks your comments, and puts the ones it thinks are spam into the WordPress spam bin. You should check it occasionally to ensure that a legitimate comment didn’t get marked spam. To go the the spam holding area, just click the “Spam” link that appears in the Dashboard when you first log in to WordPress:

Akismet Plugin:Spam Bin Link

You can unspam a comment by clicking the “Not Spam” link:

Akismet Plugin:Spam Bin: Not Spam

Allowing instant comments

Another thing you can do after installing Akismet is to allow instant comments. Normally, to screen for spam, most bloggers require that comments be approved before they will display on the blog. This often means delays in getting comments to appear, which leads to a less vibrant discussion.

Since one of the main reasons for comment approval is to avoid spam, with Akismet installed, you can stop requiring admin approval for comments. Go to Settings:

WordPress Settings

Click on Discussion. Then, in the “Before a comment appears” section, uncheck both checkboxes:

WordPress Settings: Discussion Comment Approval

Summary

1. Install Akismet
2. Get and set a WordPress API key
3. Check the spam bin from time to time

Resources

Akismet Plugin Page

WordPress.com

How to Get a WordPress API Key to Activate Akismet Plugin

Configuring and Using Akismet

Related posts:

1. Making Minor Changes in WordPress Without Updating the Last-Updated Date with the Minor Edit Plugin
2. Installing the cbnet Ping Optimizer Plugin for WordPress
3. Showing Related Posts in WordPress with the YARPP Plugin to Increase Pageviews

Granted, the percentage for Chrome is nowhere near Internet Explorer, but I still think this is important.

The most important lesson is: You should code your websites to HTML standards as opposed to targeting a single browser’s quirks (like IE 6.0).

It’s a mistake to dismiss Google Chrome because it doesn’t have a lot of market share at the moment. Firefox likewise didn’t have a lot of market share, but it’s at about 25% right now. Who in their right mind would turn away 1 out of 4 of their customers?

But I think Google can increase its market share much more rapidly. For one thing, they can promote Chrome on their websites, like they’re doing on Youtube now. The number one video site on the Internet telling people to download Chrome gives it instant credibility.

In addition, Google can promote Chrome outside the digital sphere, as they are doing on the busses of certain cities currently. If Google can make google a household word, Chrome’s not too far behind.

Resources

Download Google Chrome here.
Slashdot discussion
Browser survey
ComputerWorld article

Related posts:

1. Firefox and Chrome Complicate Mozilla and Google Ties
2. WordPress Cutline Theme Resizes Image in Internet Explorer but not Firefox
3. Google Chrome for Mac: Now with Extensions