Archive for May, 2008

mushrooms

I used to despise mushrooms. Avoided them at all costs for the first 30 years of my life. Now I love them. I seek them out. Order them, specifically. “Oh, that has sliced shiitakes on it? Well, yeah, let’s go with that one, thanks”.

I have a similar tale about asparagus.

It’s funny how we box ourselves in.

“I don’t eat mushrooms. I’m not a mushroom-eater.”

I need to remind myself that I spent 30 years avoiding something that I now enjoy.

twitter.com/simplebits

“Once delivered a box of t-shirts to Arista Records. Clive Davis came out of an elevator, looked at me: ‘You delivering underwear?’”

Discount Days

Sure, the price of oil may be at a record high, but the fine, friendly folks of the internet are here to brighten your day. Here are two ways the faithful readers of SimpleBits can save some dough:

Save $50 on the ticket price to An Event Apart San Francisco in August! Just enter the coupon code AEACEDE when you register (that’s in addition to the early bird discount).

If you’ve never been to an An Event Apart, make this your first. I’ll be giving a talk along with 11 other web luminaries. It will be the best of times.

I mentioned Luke Wroblewski’s Web Form Design book previously. Now you can save 10% on the cover price by using the coupon code CEDERHOLM when ordering from Rosenfeld Media. This code should work for their other excellent books as well.

Hack’d

I spent yesterday cleaning up some awful link spam that littered several of the domains I own. Some crafty fellow had stuffed hidden links to illegal MP3 sites in the footer of as many index files as they could find. I thought it’d be a good idea to document it in case anyone else runs into the same dilemma. Plus, hey, an excuse to write a multi-paragraph entry. Go me.

I’m not exactly sure _how_ the account was compromised, and I’d hate to point fingers without knowing. Could’ve been either of the two popular blogging software applications that are installed. Or it could’ve been a hack to the server in general. After some digging and some Googling, it turned out someone else had the exact same problem. A hidden directory was including a PHP file that was in turn including a .txt file filled with SEO spam and inserting it by IP address to most of my domains. I quickly deleted these files, but the links were still there.

The baffling part was that when opening any of the compromised files, the links weren’t in the source. Grepp’ing for the spam had it showing up in multiple files, but opening the file to edit showed nothing, leaving me to believe that the links were being dynamically inserted somehow. It took a helpful tech support agent to show me I’d fallen for one of the oldest tricks in the book: the huge block of spam links was just _indented_ a ridiculous amount. I hadn’t noticed the horizontal scrollbar at the bottom of the text editor, and sure enough scrolling over approximately 10,367 pixels to the right, there the spam was.

So after cleaning up 20 or so index files, changing passwords and updating software, all seems well again. If you run into link spam, and the usual fixes don’t help, check your logs for suspicious .txt includes, and beware of the “massive indent”.