Iframe-B-Gone 1.1

Announcing the immediate availability of Iframe-B-Gone 1.1.0. This new version’s interface matches better with WordPress 2.5’s new dashboard. A dashboard widget performs quick scans of the default terms (yes terms, delimited by commas) and counts how many infections have been cleaned. Note that even with multiple search terms possible, only automatic removal of iframe tags is fully supported. That said, the WordPress Exploit Scanner may be a more valuable tool even though it does not automatically protect against iframe injections.

-John Havlik

[end of transmission, stay tuned]

New Database Server

So this past weekend the new database server was installed (physically) at the data center. On Monday JD installed Gentoo, and then I setup mySQL on it (plus some security things). Last night JD transfered over this blog and another over to the new database server for initial performance testing. Later this week and month, additional blogs hosted by Weblogs.us will be transfered over and performance tweaks will be applied. Hopefully, by June everyone will be on the new database server. At that point, signups for more blogs may be possible. It also looks like we may be reintroducing the Weblogs.us front page that I designed a while back.

Right now, the speed increase is apparent on this blog, especially when working in the WordPress dashboard. All those AJAX elements instantaneously load now. Additionally, Spam Karma 2’s administrative section loads much faster than before. There should not be any more of those failed comment submissions due to timeouts now, which is an all around plus.

-John Havlik

[end of transmission, stay tuned]

One Regular Expression

i.?[:punct:]?.?f.?.?.?r.?.?.?a.?.?.?m.?.?.?e

That should find most iframe phrases when used in a SQL query, which I won’t lay out here (fairly easy to do with phpMyAdmin, it’s literally a copy and paste procedure in the “search” form just change the mode to the proper setting). I tested it against over a year and a half of my archives with some purposely planted and obscured iframes and it has no false positives. This will find any iframe obscured via methods found in attacks on Weblogs.us and it’s users. It may be advantageous to remember this for when Iframe-B-Gone is ready.

-John Havlik

[end of transmission, stay tuned]