TRIPAWDS: Home to 24989 Members and 2184 Blogs.
HOME » NEWS » BLOGS » FORUMS » CHAT » YOUR PRIVACY » RANDOM BLOG

Who needs domain mapping?

I wonder just how many Tripawds Bloggers might consider upgrading with a Supporter subscription if they could have their very own custom domain mapped to their blog. And by that, I mean how many would like the idea of blogging about their pups at yourblog.com instead of yourblog.tripawds.com.

The answer will determine whether or not we implement the Domain Mapping plugin from WPMU Dev Premium here. It integrates with the Premium Supporter plugin we use, and would enable Tripawds Supporters to enter their registered domain name and have their blog appear online at that address instead of here at theirblog.tripawds.com. Domain registration would be  necessary of course, with just minor edits to the DNS record at the registrar.

So, really cool new feature? Or, more hassle than it’s worth?

In the meantime, I’ll explain what I did to redirect our parked domains to this WPMU install. Any WordPres MU site admin who searched and found this post may now be saying, “You can’t do that” and they are right. That’s why we’re considering the Premium Domain Mapping plugin. At which point they may now be saying, what about Donncha’s free WordPress MU Domain Mapping plugin? Well, as I mentioned, we’re considering adding this to our list of Supporter Blog features. But there I go digressing again …

How to Redirect Parked Domains to WMPU Site

After discovering that our parked domains were redirecting to the WPMU sign-up page instead of the primary blog index as expected, I searched the WordPress MU support forums and discovered that this was actually expected behavior after all. So I did some homework and figured out a work around.

Remove parked domains…

The first thing to do when redirecting parked domains to a WPMU site is to unpark them. Access your your cPanel account and remove the parked domains you want to redirect to your primary blog, assuming they are already parked there.

Next, click the Addon Domains button in your cPanel account. Here you will create add-on domains for all those you have registered and want to redirect to your primary blog.

cPanel Addon Domains

Once you have added the domain, return to Addon Domains and select Manage Redirection. Redirect the new domain you just added to the root of your primary blog (or wherever you desire) and click Save. That’s it!

You will notice in the screenshot that I renamed the file directories in my document root to keep folders for all the addon domains nice and tidy together. They will all reside in the public_html directory where you installed WordPress MU.

This method proved quick and simple for me. And you will now notice that tripawds.org and tripaws.org now both successfully redirect to tripawds.com. It’s a workaround, and it’s not true domain mapping as you will notice in the address bar, but it does the trick for us. If more than a handful of members are interested in upgrading to have custom domains for their blogs, I can just remove these Addon domains and install the Domain Mapping plugin.

How to automatically redirect web pages

Another option I considered before figuring out this workaround, was to set up hosting accounts for the parked domains and add static pages for auto redirection. Below are a few methods for doing that if anyone is so inclined.

Manual URL Redirect…

The simplest way to redirect visitors from any web page to another is with a manual URL redirect, forcing them to click a link to proceed:

Please follow <a href="http://www.example.com/">link</a>!

Redirect Domain using Refresh Meta tag…

Using the “meta refresh” method, it is possible to specify the URL of the redirect page, thus replacing one page after a specified time by any other. A timeout of 0 seconds means an immediate redirect:

<head>
<meta http-equiv="Refresh" content="0; url=http://www.example.tld/">
</head>

Auto-Forward web page using PHP…

In PHP, header() is used to send a raw HTTP header to the browser. Using the location function, this can be used for auto-redirection. Note that header() must be called before any actual output is sent:

<?php
header("Location: http://example.tld/");
?>

Redirect web site using .htaccess…

There are many methods to redirect a web site using the .htaccess file. Adding this to the .htaccess file of the domain you want forwarded is the most basic:

# redirect entire website to another domain
Redirect 301 / http://example.tld/

Permanent redirect HTTP Status C0de 301…

Adding the HTTP 301 Status code to any web page before the opening <head> tag will result in immediate and permanent redirection:

HTTP/1.1 301 Moved Permanently
Location: http://www.example.org/
Content-Type: text/html

How to extend Supporter Blog subscriptions

Tripawds Supporter Blog subscriptions are automatically renewed via PayPal, based on the renewal term selected when upgrading the blog. If a PayPal subscription is canceled before the renewal date, enhanced Supporter blog functions will be deactivated upon the renewal date, no sooner.

This is all made possible using the Supporter plugin available with our WPMU Dev Premium membership. But it puts site administrators – that’s me – in a position to wonder about how to handle early cancellation of a Supporter subscription if the blogger has been generous enough to contribute to Tripawds with a separate donation. This happened recently – thank you Maggie! And here’s what I did to modify the renewal date that appears in the Supporter tab of her dashboard.

Any WordPress MU site administrator who wishes to extend a Supporter subscription for longer than the 365 day maximum allowed via the Admin panel:

  1. Access your WPMU database with PHP MyAdmin
  2. Find the wp_supporters table and click Browse
  3. Find the blog ID* with the date you want to modify and click Edit
  4. Enter your desired Unix timestamp** in the expire field and click Go

*The blog ID is the first digit(s) of the Custom Number field in the Supporter subscription announcement email. For example, blog ID #294 with a 3 month $10 subscription is identifed by Custom Number: 294_3_10.00_USD_1234567890

**The Supporter Subscription expiration date is identified by Unix time, or POSIX time, which is a system for describing points in time, defined as the number of seconds elapsed since midnight of January 1, 1970. Many Unix Time Conversion tools can be found online.

For additional help using Supporter 2.o please visit the WPMU Dev Premium Support forums.

The Ongoing Fight Against Spam Blogs

The fight against Spam Blog registrations for any WordPress MU site administrator – that’s me – is an ongoing battle, that often seems to have no end. But at the risk of jinxing things I would like to think we are finally winning the war against these splogs, which are much worse than any old Spam.

Splogs - Even Worse Than Spam!

Tripawds members can feel free to report questionable blogs here in the Tech Support discussion forum. Just keep in mind, that said blogs may very well be deleted by the time you do so since we are always doing our best to immediately get rid of any that actually get created. We just can’t do so in our sleep. Thank Dog there are tactics that can!

WPMU site administrators may be interested in the available anti-splog options and these steps we took to slow the flow of splogs here at Tripawds …

Restrict WPMU User and Blog Registration

The only bulletproof way to keep splogs out of your WPMU site is to disable registration, and require users to email requests for signup. We’re not about to do that since we want all new users to have immediate access to our canine cancer discussion forums, and be able to start sharing their three legged dog stories right away.

The Secure Invitations WPMU plugin stops access to your signup page, except where the visitor has been invited and clicked the link in their invitation email. This seems like a great solution for stopping automated splog signups on private or corporate installations, but it would not work for us. Too many people find Tripawds when searching for help to allow registration on an invitation only basis.

Edit .htaccess to Stop Automated Spam Blogs

One sure fire way to stop automated spam blog registrations is to ban any signups resulting from POST requests (form submissions) for wp-signup.php that have not been sent from a web page within the WPMU site itself. D’arcy Norman makes this easier than it sounds.

For complete details, or to ask any related questions, please visit his original post about how to stop WPMU spam blogs with .htaccess file edit. Be sure to read the comments there as many concerns have been addressed.

To summarize, however, adding the following to your .htaccess file will indeed stop most if not all automated spam blog registrations:

# BEGIN ANTISPAMBLOG REGISTRATION
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-signup\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.tld.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://die-spammers.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION

All you need to do is change yourdomain.tld to the domain of your WPMU website, and change die-spammers.com to wherever you want potential spammers redirected. We send them here for an explanation, since there may be a rare occasion when legitimate users might get blocked – if they clicked the signup link from an email they were sent, for instance.

Another more serious tactic to deploy is banning any spam blog registrations from specific ip addresses. This can also be done by editing your .htaccess file. Check your server logs or new registration emails to find out where they’re coming from and then block their IP addresses in your .htaccess file by adding the following:

# BEGIN IP ADDRESS BAN
order allow,deny
deny from 192.168.44.201
deny from 224.39.163.12
deny from 172.16.7.92
allow from all
# END IP ADDRESS BAN

Or, block a range of IP addresses:

# BEGIN BAN IP ADDRESS RANGE
order allow,deny
deny from 192.168.
deny from 10.0.0.
allow from all
# END BAN IP ADDRESS RANGE

Please note that the IP addresses shown are examples only! Special thanks to Sarah over at WPMU.org for this one, and other tips to get rid of spam blogs once and for all.

Stop Common Spam Users in Their Tracks

Using cPanel …

At this point, I thought we had defeated the sploggers. But alas, before long we had more Money Making Tips for Tripawds. After getting tired of editing our .htaccess file, I took to banning IP addresses directly from cPanel using the Quick Deny feature of csf – ConfigServer Firewall. This is much quicker, and enables me to easily search for banned IP addresses should a legitimate user get blocked, which has not happened yet.

Banning known spammers …

Some of the most common spam blog registrations come from easily identifiable sploggers. One such known malicious username format is fullname#### – such as geraldmason1976. No such users will ever register for Tripawds Blogs ever again thanks to our WPMU Dev Premium membership. With our membership, I am able to particiapte in the WPMU Dev Premium Support Forums where I helped test this Splog Check for Known WPMU Spammers…

Within the wpmu_validate_user_signup function, I added the following hack to disallow any username ending in four digits:

// BEGIN 4-DIGIT USERNAME BAN
$tmp_user_name = substr($user_name, -4);
if (is_numeric($tmp_user_name)) {
$errors->add('user_name', __("Username not allowed"));
}
// END 4-DIGIT USERNAME BAN

Special thanks to Dr. Mike for this one. For detailed instructions, and to take advantage of many other benefits including Premium WPMU plugins and themes, please sign up for a WPMU Dev Premium membership. And if anyone is wondering why they couldn’t join Tripawds with a username ending in four digits, that’s why!

But it still wasn’t enough to keep me from deleting far too many spam blogs every morning. It was time to edit some core files…

Reword Signup Page to Confuse Sploggers

Many sploggers use Google to find WPMU signup pages by searching for their default content. Once they find pages including phrases like “Gimme a blog!” or “Just a username, please.” they know where to go to create their next blog for stretch mark creams or making money online.

By rewording the content within our wp-signup.php file, we were able to thwart some more spam blog registrations. Here is the default content from the lines I edited to re-phrase:

  • #157: 'Get <em>another</em> %s blog in seconds'
  • #178: "If you&#8217;re not going to use a great blog domain, leave it for a new user. Now have at it!"
  • #241: 'Get your own %s account in seconds'
  • #254: 'Gimme a blog!'
  • #257: 'Just a username, please.'

Be sure to use proper HTML entities where necessary, and do not edit any PHP code – like %s whatever that means. Keep a copy of the original file to be safe! And for the record, this information is based on WPMU 2.8.6 – line numbers and code may or may not change in future revisions!

This alone was still not quite enough to keep the sploggers at bay. More extreme measures measures were necessary…

Rename WPMU Signup Page to Stop Splogs

Savvy sploggers know to search for the signup page by its file name. A simple Google search like “Gimme a blog!” inurl:wp-signup.php will result in numerous sites to attack, for instance. Nefarious automated spam bots also know to go directly to wp-signup.php for immediate registration. Renaming the WPMU signup page was the final step we took to slow splog registrations to a crawl here at the Tripawds Blogs community.

There are a few important steps, however, to keep in mind when taking this measure to stop spam blogs.

If you rename wp-signup.php there are five core file locations where the link must be updated:

  • wp-signup.php: rename file and update link to match on lines #26, #179, #242, #311, & #391
  • wp-login.php: update link to match on line #390
  • wpmu-settings.php: update link to match on line #154

Again, these are the line numbers in WPMU 2.8.6 – future revisions might differ. Now, the reason I put off doing this for so long was because we had linked directly to our signup page in numerous blog posts and discussion forum topics. Had I renamed the signup page to anything other than wp-signup.php all these existing links would be broken.

So, after discovering the following SQL query to easily search and replace terms via PHP MyAdmin, I went for it:

UPDATE wp_{id}_posts SET post_content = REPLACE (post_content, 'wp-signup.php', 'wp-renamed.php')

Simply replace {id} with the ID number of the blog you want to search. And replace ‘wp-renamed.php’ with whatever you renamed your signup page. To run the same search and replace query within SimplePress Forum posts, just replace wp_{id}_posts with wp_{id}_sfposts.  Also, be sure to edit any theme files or sidebar widgets you may have that point directly to your signup page.

Recommended solution for stopping spam blogs

The single best suggestion I have to stop all WPMU splog registrations forever is: all of the above. And I recommend implementing these steps immediately after installation of WordPress MU – before you enable registrations.

Whatever you do, don’t give up and disable registration. Do that and the sploggers win!

Trimming the Fat

I did it!WordPress Post Revisions

<pats self on back>

OK, with that said, I finally found this great SQL query for deleting old WordPress draft revisions.

What this means to Tripawds Bloggers

You may have noticed the Save Draft button in your Tripawds Blog post editor. This will do just that – save a current working draft of your post. Actually doing so, however, is unnecessary considering WordPress has it’s own auto-save function built right in. But if you are writing an important post and concerned about losing your work, go ahead and save your drafts. I am no longer concerned about database bloat!

Scroll down beneath your post editor after saving a draft and you will notice a section called Post Revisions. Clicking the link there will allow you to review the latest draft you saved, compare it to the most recent auto-save, and restore whichever one you prefer.

Why only one revision, and How?

Anyone familiar with WordPress may wonder why only one revision shows, no matter how many times the post is saved. Those very familiar might be asking how we did that.

Every saved post revision is stored in the WordPress database. Over time, especially in a WordPress MU environment, and particularly with users who tend to frequently save drafts, this can create excessive unnecessary database entries – said bloat I eluded to earlier. By limiting revisions to one draft, we are still allowing members to save important drafts and compare that draft with the current auto-save, while keeping unnecessary entries out of the database. FYI: Every draft manually saved will replace the most recent revision.

How did we do it? We are running the Limit Post Revisions WordPress MU plugin from the wpmudev.org project repository. I know, I know, limiting post revisions will not delete old drafts from the database, and that’s what truly enquiring minds want to know. We’re getting to that.

Limit Post Revisions WPMU Plugin Site Admin OptionWhat use this is for WPMU Site Administrators

Limiting post revisions can also be done with this simple hack to your wp-config file, immediately following the db_collate definition, as in…

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/** Number of saved revisions; false acts as 0 */
define('WP_POST_REVISIONS', 1);

But I like to avoid editing core files whenever possible, and much prefer to use awesome WPMU plugins. But I digress, back to the task at hand – how to delete all those old revisions in the MySQL database driving your WordPress installation…

Here is the query I used, edited for use with WordPress MU:

DELETE a,b,c
FROM wp_{id}_posts a
LEFT JOIN wp_{id}_term_relationships b ON (a.ID = b.object_id)
LEFT JOIN wp_{id}_postmeta c ON (a.ID = c.post_id)
WHERE a.post_type = 'revision'

Simply replace {id} with the id for the blog on which you want to delete old post revisions. Backup your database first! To be safe, I also exported copies of the affected tables so I could restore them quickly if anything broke. But nothing did, at least not that I can tell, yet. 😉

In our case, I reduced file size of our wp_1_posts export from more than 11 MB to less than 2MB! Please note, this worked for me. No promises, and good luck!

Many thanks to Andrei for providing this query, and explaining how it will remove related entries from the postmeta and term_relationship (i.e.: tags, categories, etc.) tables. I found many references to the following query for deleting post revisions, but Andrei’s solution gave me the confidence that all unnecessary data would be deleted from the database.

DELETE FROM wp_posts WHERE post_type = "revision";

While we’re at it, for anyone looking to delete all old post revisions from a basic WordPress install, here ya go…

DELETE a,b,c
FROM wp_posts a
LEFT JOIN wp_term_relationships b ON (a.ID = b.object_id)
LEFT JOIN wp_postmeta c ON (a.ID = c.post_id)
WHERE a.post_type = 'revision'

Hope this helps someone, as much as it helped me!

We have a blog ring now.

Wanna see a random Tripawds Blog?

Every Tripawds Blog is now linked together in a true Blogger style Ring of Blogs. Users can now stumble upon another totally random three legged dog blog by following the links now found site-wide here at Tripawds. Each Tripawds Blog now has a common navigation strip, something like this…

» RANDOM TRIPAWDS BLOG » FORUMS » CHAT » DIRECTORY » JERRY’S BLOG »

By clicking the RANDOM TRIPAWDS BLOG link, you will be taken to the next RANDOM TRIPAWDS BLOG which has the same strip for visiting the next RANDOM TRIPAWDS BLOG, and so on, and so on.

For those wondering just who might be blogging about their dogs here, this is a easy way to discover what you’re missing. The top 100 active Tripawds Blogs are always listed on the directory page, but cruising the blogs this way should be more fun. We hope you enjoy it.

The only problem I see so far, is that many Tripawds members create a blog upon signup, but never actually start blogging. 🙁

So why not drop on comment on those blogs to let them know what they are missing? The more stories we can share here, the better a resource this community becomes for those facing cancer or amputation with their dogs.

So, how did I do this?

For anyone interested, I implemented this Blogger style blog ring for WorPress MU using these two free plugins available from the WPMUDev.org project repository:

WPMU Footer HTML
This WPMU Plugin enables you to insert any HTML into the footer of all blogs posted within a single WPMU install. With a little hacking, it will place inserts in the header too. Sure, it’s takes a little hardcode effort to customize, but for a CSS neophyte like me it just worked better than Global Header which had the sweet Admin interface I preferred.

WPMU Random Blog Redirect
This mu-plugin allowed me to create a global link to http://tripawds.com/?random which will redirect readers to a random Tripawds blog, in classic StumbleUpon-like fashion.

I am always cautious about installing old WPMU plugins, especially those that appear to be no longer maintained or supported. I much prefer to install the plug and play plugins available with our WPMU Dev Premium membership. But I wanted to make this specific functionality work, and I carefully tested things first on our development installation.

This version of Random Blog may be two years old, but it is apparently working fine. And since the discussion about WPMU Footer that helped me get it working seems to have disappeared into the ether, I’ll share how to ad header inserts in this global footer plugin…

First, I’m using v. 1.0 since v. 1.1 had some issues with the header inserts, which I just added right before the final php function:

add_action(‘wp_head’,’jas_wpmu_css_footer’)

Correct, the header insert code goes after that for the footer. Whatever, it works for me! No promises for anyone else. 😉

But your saying Jim, banner ads are in the header too? Using the WPMU Dev Premium Supporter plugin, we are able to automatically remove banner ads from all blogs while keeping the community navigation strip. I did this by wrapping the ad code within an optional Supporter script and placing HTML for the navigation after that.

Hope this helps clear up any questions about the new Random Tripawds Blogs navigation strip, and how it got there.

UPDATE: Download WPMU Footer HTML v.1 here.

Behind the Scenes is brought to you by Tripawds.
HOME » NEWS » BLOGS » FORUMS » CHAT » YOUR PRIVACY » RANDOM BLOG