Most search engines strive for a certain level of variety; they want to show you ten different results on a search results page, not ten different URLs that all have the same content.

Susan Moskwa, Google Webmaster Trends Analyst

The up-coming WordPress 2.7 introduce new advanced comment features; comment threading, nesting, paging (pagination) etc. You probably won’t have any issue with WordPress 2.7 as most of the new advanced/enhanced features is disabled by default. Thats a good news.

Unfortunately for those enthusiastic user (like me) who wish to use the Comment paging, there is one caveat; multiple similar content. The below screenshot is taken from Google webmaster diagnostic tools for duplicate content.

Comment paging duplicate content

If you have Google Webmaster account, check out the diagnostic Content analysis tools. There is high potential that your blog will generate duplicate content (if the comment paging feature is enabled).

How to prevent duplicate content

Reducing duplicate content in your website is a good SEO practice. I made a small filter script for WordPress 2.7. The script ↓ will append robots noindex meta tag rules on comment page section. This methods will prevent search engine indexer and services from indexing your blog’s comment page.

noIndex meta view code

/**
 * void wpi_comment_paging_noindex_meta()
 * Add meta noindex rules on Singular comment page section
 *
 * @author	Avice D <ck+filter@kaizeku.com>
 * @license	http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public License
 * @link 	http://blog.kaizeku.com/wordpress/prevent-wordpress-27-duplicate-content/
 *
 * @todo	Check for duplicate meta-robots tag generated by
 *		meta-tag type plugins (SEO plugins)
 *
 * @uses	$wp_query	Wp_query object
 * @return 	string 		Output HTML meta noindex
 */
function wpi_comment_paging_noindex_meta()
{	global $wp_query;

	if (version_compare( (float) get_bloginfo('version'), 2.7, '>=') ){

		if ($wp_query->is_singular && get_option('page_comments')){ // comments paging enabled
			if (isset($wp_query->query['cpage'])
				&& absint($wp_query->query['cpage']) >= 1 ){

				echo '<meta name="robots" content="noindex" />'.PHP_EOL;
			}
		}
	}
}

add_action('wp_head','wpi_comment_paging_noindex_meta');

Why duplicate content is bad for your blog?

• Having multiple search crawler indexing the same content on your website (over and over) is an absolute bandwidth waster.
• Bad PR. This are quite debatable to the point of myth, some search engine penalize website for duplicate content but according to Google webmaster team “If the duplicate content is not done to game (deceive) the search results there is no penalty”. Just pretend all major search engine service does have penalty rules for duplicate content issues. From my past experiences there is no telling or earlier notice “they’ll just drop you, so can you spent sometimes to figure out the why later” .
• Bad SERP, rationally the main articles that you post should have more weight than the rest of the comment page or sub page, you don’t want to see your archives or comment page on Search Engine results while your main articles is no where to be found.

Plug-it

I don’t have any intention of making any WP plugin out of this simple function as this issues will probably be address and solve by WP’s developer or someone else up there. This code is release under open-source license, do whatever you want with it.

Might be interest

• Google Webmaster: Crawling and Indexing
• Demystifying the “duplicate content penalty”

PHP create_function()

The new variant from wordpress.net.in & qwetro.com used the “anonymous PHP create_function” to append their spam links on their victim blog. Below is quick patch to disabled the mischievous “create_function” injection on wp_head.

The below code will look for “�lambda_n” function inside wp_head wp_filters array and remove the action hook silently. I assume that any sane developer will never used this unstable PHP function.

/**
 * Remove create_function action hook
 * append on wordpress wp_head filters
 *
 * @author Avice De'véreux <ck@kaizeku.com>
 * @copyright Copyright (c) 2006 Avice De'véreux
 * @version 1.0
 * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public License
 * @link http://blog.kaizeku.com/wordpress/goro-spam-injection-wp-head-patch/
 */
function remove_create_function_action()
{ global $wp_filter;

	$action_ref	= 'wp_head';
	$filter 	= $wp_filter[$action_ref];
	$_lambda	= array();

	foreach(range(1,10) as $priority){

		if (isset($filter[$priority]))
		{
			foreach($filter[$priority] as $registered_filter ){

				$callback = (string) $registered_filter['function'];

				if ( preg_match("/lambda/", $callback) ) {
		 	 		$_lambda[$priority][] = $callback;
				}
			}

		}
	}

	if ( count($_lambda) >= 0 ){

		foreach($_lambda as $priority => $callback) {
			if ( has_filter($action_ref,$callback) ){
				remove_filter($action_ref, $callback, $priority, 1);
			}
		}
	}
}

add_action('init','remove_create_function_action');

note: This method only disabled the spam link from showing on your blog header. it wont fixed your blog vulnerabilities. your blog still owned thought. Tips → http://wordpress.org/download/

Download

• Note: There is a file embedded within this post, please visit this post to download the file.

Related Articles

• Fixes wordpress.net.in Spam Footer Injection
• Roberto Galoppini’s, Wordpress Spam Injection: ‘Goro’ hacked my blog

Blake Ross

Who's Blake Ross

Excerpt from wikipedia

Blake Aaron Ross is a software developer who is known for his work on the Mozilla web browser; in particular, he started the Mozilla Firefox project with Dave Hyatt, as well as the Spread Firefox project with Asa Dotzler while working as a contractor at the Mozilla Foundation.In 2005, he was nominated for Wired magazine’s top Rave Award, Renegade of the Year, opposite Larry Page, Sergey Brin and Jon Stewart. He was also a part of Rolling Stone magazine’s 2005 hot list.

Image Source, The cover for issue #13.02 (the February 2005 edition) of Wired magazine featuring Blake Ross holding a Firefox globe as part of the lead article, The Firefox Explosion, about the browser’s development history.

HTML Source & ScreenGrab

• blakeross-com-022808-source.txt
• Screenshot taken on Feb 28th, 2008

WordPress Vulnerability

1. Outdated WordPress

   • WordPress 2.0.4 Exploit & Vulnerability

     • Blake’s is running on WordPress 2.0.4 first release on Jul 29th, 2006.
     • wp-db-backup.php directory traversal Rev.4226
     • Mark Jaquith on WordPress 2.0.5 Changelog
   • µ Proxy Cached: blakeross.com WordPress Version (feed)

2. WordPress Core Directory & Plugins Informations Leak

   • View blakeross.com WordPress Core Directory Listing

     Index of /wp-includes
     
      Name Last modified Size Description
     
     [DIR] Parent Directory 25-Dec-2006 01:14 -
     [ ] cache.php 03-Sep-2006 23:52 11k
     [ ] capabilities.php 03-Sep-2006 23:52 11k
     [ ] class-IXR.php 03-Sep-2006 23:52 27k
     [ ] class-pop3.php 03-Sep-2006 23:52 21k
     [ ] class-snoopy.php 03-Sep-2006 23:52 37k
     [ ] classes.php 03-Sep-2006 23:52 51k
     [ ] comment-functions.php 03-Sep-2006 23:52 31k
     [ ] default-filters.php 03-Sep-2006 23:52 5k
     [ ] feed-functions.php 03-Sep-2006 23:52 4k
     [ ] functions-compat.php 03-Sep-2006 23:52 3k
     [ ] functions-formatting..> 03-Sep-2006 23:53 34k
     [ ] functions-post.php 03-Sep-2006 23:53 30k
     [ ] functions.php 03-Sep-2006 23:53 71k
     [ ] gettext.php 03-Sep-2006 23:53 11k
     [DIR] images/ 03-Sep-2006 23:50 -
     [DIR] js/ 03-Sep-2006 23:55 -
     [ ] kses.php 03-Sep-2006 23:55 22k
     [ ] links.php 03-Sep-2006 23:55 20k
     [ ] locale.php 03-Sep-2006 23:55 3k
     [ ] pluggable-functions.php 03-Sep-2006 23:55 17k
     [ ] registration-functio..> 03-Sep-2006 23:55 4k
     [ ] rss-functions.php 03-Sep-2006 23:55 21k
     [ ] streams.php 03-Sep-2006 23:55 4k
     [ ] template-functions-a..> 03-Sep-2006 23:55 5k
     [ ] template-functions-c..> 03-Sep-2006 23:56 13k
     [ ] template-functions-g..> 03-Sep-2006 23:56 21k
     [ ] template-functions-l..> 03-Sep-2006 23:56 15k
     [ ] template-functions-p..> 03-Sep-2006 23:56 15k
     [ ] template-loader.php 03-Sep-2006 23:56 2k
     [ ] vars.php 03-Sep-2006 23:56 3k
     [ ] version.php 03-Sep-2006 23:56 1k
     [ ] wp-db.php 03-Sep-2006 23:56 10k
     [ ] wp-l10n.php 03-Sep-2006 23:56 2k 
     
     Apache/1.3.39 Server at blakeross.com Port 80
     

     µ Proxy Cached: http://blakeross.com/wp-includes/

   • View blakeross.com WordPress Plugins Directory Listing

     Index of /wp-content/plugins
     
      Name Last modified Size Description
     
     [DIR] Parent Directory 27-Sep-2006 22:27 -
     [DIR] akismet/ 03-Sep-2006 23:52 -
     [ ] hello.php 03-Sep-2006 23:52 2k
     [ ] wp-db-backup.php 03-Sep-2006 23:52 30k 
     
     Apache/1.3.39 Server at blakeross.com Port 80
     

     µ Proxy Cached: http://blakeross.com/wp-content/plugins

Hardening Wordpress?

There is 105,000 WordPress blogs leaking their plugins informations for BotNet to scan.

Blackhat SEO targeting High PR WordPress Blog

Blake Ross is not alone, there is similar Spamride cases for the past few months. Below is are few “High PR WordPress Blogs” with similar issues.

Others Popular Victim

• Al Gore’s Blog
• Bluehost Hostmonster CEO’s Blog
• blog.indeed.com
• thinkingphp.org
• floaridablog.org

Predefine post

What a joy, they come in pair.

Questionnaire

What Daniel’s meant by interesting is actually more prosaic than the real meaning. he was hammering my blog for 4 days long with the same repetitive comments. I’d to quickly blocked him via .htacess and submit his particular details to spam reporting services.

One Liner

This type of spamming is redundant in my blog. Almost 80% of it is from CHINA. And that is very suspicious as this might be a forge address by Russian black-hat. Notice the famous name (Socrates & Sophocles). Its very noble.

How to identify a SPAM posts?

From my dictionary.

1. If the comment is ambiguous its a spam.
2. Giving out fake email address. A quick telnet will do the job
   Looking up IP address for mx1.hotmail.com.
   The IP address for mx1.hotmail.com. is 65.54.245.8sending HELO
   response: 220 bay0-mc9-f23.bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft’s computer network is prohibited. Other restrictions are found at http://privacy.msn.com/Anti-spam/. Violations will result in use of equipment located in California and other states. Mon, 8 Oct 2007 08:49:24 -0700 250 bay0-mc9-f23.bay0.hotmail.com (3.4.0.37) Hello [xx.xx.xx.xx]sending RCPT TO vanessyto@hotmail.comresponse: 550 Requested action not taken: mailbox unavailable
3. Using the blog name for reference, as in my case the spammer used “Kaizeku Ban” as reference.
4. The author is using the same IP address with the target website. This is debatable, but still good points to check.

How to identify a spam website?

Most of spam websites register their domains under anonymous registrant. So be alert for this type of sites.

Protection against spam

Today’s email and blogging software (CMS) has standard a build in spam protections but it still not good enough as spammer is getting better and cunning at every turn. I think the best protections from spamming is for you to have a “white-list” of trusted network. As it will save you from writing endless filter. Just let the one you trust to contact you and let rest of the worlds in the waiting list.

At this time of writing there is 4 million search results for “stop spam” query on Google. This should make spam as an industry by itself. How many spam should we get in the next 10 years is all depend on how much profit it makes for spamming.

There wouldn’t be spam if there wasn’t money in spam.

Related links

• Google Spam Report
• Yahoo! Spam Report
• SpamCop
  
• Federal Trade Commission
• Spam Reporting Address

view it at viddler.

[ratings]

This post is password protected. To view it please enter your password below:

Password: