Archive for September, 2011

Security Issues

Two such issues, actually. 

When I recent­ly installed a SEO plu­g­in, it includ­ed a log of all “404” calls. Each “404” is a serv­er response to an attempt to find a non-exis­tence page the blog. 

One of these issues involves a bla­tant attempt to fish for spe­cif­ic PHP files (the script­ing lan­guage files that serve as the back­ground for the web­site) that have a known secu­ri­ty error. This file, named “timthumb.php” is not present in the stan­dard Word­Press instal­la­tion but it is includ­ed in some themes and plu­g­ins, and is used to manip­u­late screen image files. The intent is to use access to this file to bypass the web­site secu­ri­ty by tak­ing advan­tage of this file’s abil­i­ty to write a any kind of file into the Word­Press direc­to­ry, after which the per­son can use that file to gain access to the entire direc­to­ry sys­tem, upon which they are able to mod­i­fy exist­ing PHP files or install their own soft­ware there. 

For­tu­nate­ly this web­site is not affect­ed: I don’t have or use any oth­er themes or plu­g­ins which include that spe­cif­ic file. How­ev­er, the inter­mit­tent, repeat­ed attempts to find this file does cause some load on the sys­tem and are annoy­ing, which is why I am try­ing to block them any way I can. 

The oth­er issue involves the “spi­der” robot, the web device that scans web­site sites for infor­ma­tion and changes to web­sites. All the major web search sites, like Google, Bing, Yahoo, etc., use them, and for the most part, they are well-behaved. But there is one that is not, and that’s the Baidu spi­der robot. Baidu is the major Chi­nese web search site. Ever since I installed the “404” mon­i­tor, I have seen dozens, if not over a hun­dred, attempts a day of the Baidu spi­der crawl­ing my blog and search­ing for a spe­cif­ic, non-exis­tent file under a com­bi­na­tion of many dif­fer­ent loca­tions. Its almost as if the spi­der robot pro­gram is bad­ly designed and does­n’t under­stand that is com­plete­ly miss­ing the pic­ture here. 

What links these two issues is the fact that I have not been able to block either using the two com­mon web­site func­tions “robots.txt” and “.htac­cess”. The Baidu sys­tem says that its spi­der robot obeys the “robots.txt” file but oth­er web com­men­tary insists that it does­n’t. The scan­ner that hunts for the “timthumb.php” file prob­a­bly does­n’t either. That said, I have set the “robots.txt” file to dis­al­low those two spi­der robots, with­out suc­cess. This is what I am using: 

User-agent: Baiduspider

Disallow: /

User-agent: Baiduspider/2.0

Disallow: /

User-Agent: PycURL/7.19.7

Disallow: /

The oth­er func­tion is to use the “.htac­cess” file, which is a sys­tem lev­el direc­tive to the serv­er to ignore these robots accord­ing to the user agent name they give when attempt­ing to access the web­site. Unfor­tu­nate­ly, this tile is a lit­tle more dif­fi­cult to code. This is what I have been rec­om­mend­ed to use. 

#Block bad bots

SetEnvIfNoCase User-Agent "^Baidu[Ss]pider" bad_bot=1

SetEnvIfNoCase User-Agent "^PycURL" bad_bot=1

Order Allow,Deny

Allow from all

Deny from env=bad_bot

Unfor­tu­nate­ly, it does­n’t appear to work, either. I don’t know if this is a prob­lem of cod­ing the restric­tions or if the restric­tion file is not in the cor­rect places: this is an area that I have lit­tle expe­ri­ence with. My web­site host cus­tomer ser­vice has not been much help, either. 

If any­one has a sug­ges­tion to make, feel free to respond.

“A Midsummer’s Nightmare” — Justice League

[amtap book:isbn=156389338X]

All across the world, peo­ple are devel­op­ing super-pow­ers, and the estab­lished super-pow­ered beings are nowhere to be found. Called “sparks” and the phe­nom­e­non “spark­ing”, it is turn­ing the world into a super bat­tle­ground as gangs of sparks bat­tle for turf. Its a dream of some, of hav­ing super-pow­ers, that is turn­ing into a night­mare for the entire world.

⇒ Con­tin­ue read­ing ““A Midsummer’s Night­mare” — Jus­tice League”

Banned Books Week — 2011

Sep­tem­ber 24th through Octo­ber 1st has been des­ig­nat­ed “Banned Books Week” by the Amer­i­can Library Asso­ci­a­tion and the Amer­i­can Book­sellers Foun­da­tion for Free­dom of Expres­sion. Every year, ever since 1982, these two orga­ni­za­tions pub­lish a list of the books that account for the most attempts to some­how ban or restrict them the pre­vi­ous year. 

Now, the ques­tion is, why is that some­thing this blog should care about? 

Well, for one thing, as a writer, it behooves me to defend my fel­low writ­ers from this assault not only on their own liveli­hoods but also against the major­i­ty who either don’t care or even sup­port the ideas and issues exem­pli­fied in the books a few want banned. I feel it is a writer’s job (and any oth­er cre­ative per­son) to explore ideas that some peo­ple want kept hid­den. This is more than just pro­fes­sion­al, its per­son­al: I know many peo­ple in the writ­ing and cre­ative field (this applies not just to books but also to comics, movies, TV shows, you name it) and this affects them, as well. 

But more impor­tant­ly, what is involved is the restric­tion of the flow of infor­ma­tion, which is a major con­cern of mine and one of the rea­sons for writ­ing this blog. 

And last­ly, it is because of the sub­ject of this blog. By and large, such banned books are often occult relat­ed, whether fic­tion­al (“Twi­light”) or fac­tu­al, and in some loca­tions, even the actu­al sub­ject of the blog, hyp­no­sis, what with the stereo­types involved, is a sub­ject of the supernatural. 

And the above does­n’t even account the “unof­fi­cial” ban­ning that takes place when peo­ple check out books from the library with the intent of destroy­ing them or sim­ply keep­ing them. 

If should be not­ed that one of the peren­ni­al banned books is “Brave New World” by Aldous Hux­ley, which is about a dystopi­an future where the pop­u­la­tion is, among oth­er things, con­di­tioned from the womb into their des­ig­nat­ed roles in life. 

So: read a banned book this week! If may even some­thing from the Collection. 


Update:

The fol­low­ing books are from the 2010 list of most fre­quent­ly chal­lenged books in the Unit­ed States, accord­ing to the Amer­i­can Library Asso­ci­a­tion:

1) And Tan­go Makes Three, by Peter Par­nell and Justin Richardson 

2) The Absolute­ly True Diary of a Part-Time Indi­an, by Sher­man Alexie 

3) Brave New World, by Aldous Huxley 

4) Crank, by Ellen Hopkins 

5) The Hunger Games, by Suzanne Collins 

6) Lush, by Natasha Friend 

7) What My Moth­er Does­n’t Know, by Sonya Sones 

8) Nick­el and Dimed, by Bar­bara Ehrenreich 

9) Rev­o­lu­tion­ary Voic­es, edit­ed by Amy Sonnie 

10) Twi­light, by Stephe­nie Meyer 


Banned Books Week is spon­sored by the Amer­i­can Book­sellers Asso­ci­a­tion; Amer­i­can Book­sellers Foun­da­tion for Free Expres­sion; the Amer­i­can Library Asso­ci­a­tion; Amer­i­can Soci­ety of Jour­nal­ists and Authors; Asso­ci­a­tion of Amer­i­can Pub­lish­ers; the Nation­al Asso­ci­a­tion of Col­lege Stores; the Com­ic Book Legal Defense Fund; Nation­al Coali­tion Against Cen­sor­ship; Nation­al Coun­cil of Teach­ers of Eng­lish; and PEN Amer­i­can Cen­ter.

“Vision Machine”

What could hap­pen if there was the facil­i­ty to share your vision, lit­er­al­ly, with every­one else in the world? How would that change the way peo­ple see each oth­er and inter­act? How could that change the world? How could some­one else use that pow­er of com­mu­ni­ca­tion not to increase com­mu­ni­ca­tion but to lim­it it?

That’s the ques­tion posed in “Vision Machine”.

⇒ Con­tin­ue read­ing ““Vision Machine””

‘The Hypnotized Audience’ — “The Shadow”

The March 27, 1938, broad­cast of “The Shad­ow” was enti­tled ‘The Hyp­no­tized Audi­ence’. The Shad­ow and his part­ner Mar­go Lane are embroiled in a plot to free a con­vict­ed mur­der­er by kid­nap­ping the state gov­er­nor and hyp­no­tiz­ing him into free­ing the prisoner.

⇒ Con­tin­ue read­ing “‘The Hyp­no­tized Audi­ence’ — “The Shadow””

Copyright © 2010-2021 Terry O'Brien / Arisian Enterprises All Rights Reserved

Skip to toolbar