PatchLog
Simple Hotlink protection for SEO profits
This post is not about protecting images against hotlinking, it's about protecting your downloads against hotlinking.
Problem
If you've been reading this blog you might have noticed I published some wordpress plugins, patches and an xml sitemap module for pligg. Sometimes other people write posts about my patches but instead of linking to my posts they link directly to the download. This creates a series of problems: people might miss important information about the download, page rank is uselessly transferred to a zip, tar.gz, or .patch file, and you're basically serving content for other people's posts while they rip all the benefits.
Solution
So here's an easy way to avoid it. Well you can't really avoid it but you can benefit from it. All you have to do is set up a .htaccess file in your wp-content/upload directory ( that's where downloads are storred by default, feel free to change the location if you're using something else.
This .htaccess file will check the referer of every request on any file in that folder and if the referer doesn't match your domain it will redirect the visitor the search page on your blog with the search term set to the name of the file they wanted to download. most of the time this search will show as the first result the post where you published.
Here's how the file looks on my blog:
RewriteEngine On
RewriteBase /wp-content/uploads/
RewriteCond %{HTTP_REFERER} !(www\.)?patchlog.com [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule ([^\/]+)$ http://patchlog.com/index.php?s=$1 [R=permanent,L]
Pretty simple huh?
What about the SEO profits?
As you can see the last rule redirects using a permanent redirect and this means google will transfer page rank to the search page.
Other solutions?
This method is good because it's really easy to implement, but I would like a method that would redirect the visitor directly to the post page instead of the search page. I'm hoping the wordpress download monitor plugin that I'm using will at some point implement an advanced hotlink protection method but until then or until I find time to do it myself this is good enough.
Manual Wordpess Version Check
When a new wordpress version is released you'll probably find out about it sooner then it will be available for automatic installation in your wordpress admin.
This is because wordpress checks for new versions twice a day,but the check is scheduled based on the time when you installed wordpress so unless you're lucky you'll have to wait for up to 12 hours before the update shows up in your wordpress admin and use it.
This gave me the idea that it would be nice if you could check manually as soon as you find out about the upgrade, so I created this plugin that just gives you a button that you click and it will check to see if there's an update available right away. If it finds on it shows you the upgrade link.
Download: WP Version Check-0.1 (95.2 KB)
To check for an update go to wordpress admin -> Tools -> Version Check
OpenID server on php 5.3
You want to turn your blog into an OpenID server so you can login to sites accepting OpenID with your own OpenID url.One nice advantage of this is that if you're already logged into your blog you don't have to provide a username and password anymore.
The Problem
You install the OpenID plugin, configure it as a server, but you run php 5.3 and the server part of this plugin doesn't work with PHP 5.3.
The Solution
Download my patch ( for OpenId 3.3.2 plugin ) :OpenID Server php 5.3 patch-0.1 (907 bytes)
Copy to wp-content/plugins and run:
patch < openid-server-php.5.3.diff
For the lazy ones here's a version of the OpenID plugin that's already patched: OpenID Server php 5.3 Patched Plugin-3.3.2 - 0.1 (402.61 KB)
Just install it instead of the original plugin.
Follow Self Pings
The Problem
Wordpres creates all links to comment author's site or pingbacks/trackbacks with "nofollow external" . This includes links to your own blog. Apparently this is bad for your pagerank according to this post:Pinging Your Own Blog Posts? Good or Bad?
The Solution
On that article mentioned above, the author suggested that you can use a plugin that would make wordpress stop creating pingback links to your own blog. I didn't like that idea so here's mine: a plugin that will make wordpres NOT add "external nofollow" to the pings to your own blog.
The plugin doesn't require any configuration, just download, install , activate and forget about it.
Download
UPDATE: The plugin is now hosted in wordpress plugins directory. That means you can install it dirrectly from your wordpress admin or go to it's page to download it: Follow Self Pings Plugin
The first version of the plugin had a small bug that prevented it from working on blogs that were installed in one directory and had the home page pointing to something else. This bug is fixed in version 0.2 . You should be able to update it from the plugin admin.
Faster wordpress page admin
In a recent post about wordpress I explained how you can create a lot of pages really fast. If that went well and you inserted a few thousand pages in your wordpress blog the page admin became useless. Displaying the list of pages would take 3 minutes for 7000 pages on my test server.
It seems this is not a new problem and there is a bug created in 2007 about it. Although it seems like there was a patch to fix this, the problem still exists in the 2.8.4 version.
Why is this so slow ?
Short story: because wordpress is trying to display and sort pages hierarchically .
At first I thought the problem was caused by the sql queries that fetched all the pages ( even though it doesn't display all of them on a page ) but that was not the case.
After profiling the code with xdebug and Kcachegrind I found there were a few parts of the code that were taking the longest time to complete.
The main problem is that wordpress is trying to find the children for all the pages in an inefficient way. There is this function get_page_children in wp-includes/post.php which was taking about 2 thirds of the total time to complete ( ~ 2 minutes on my example ).
The Solution
I rewrote that function to make it a lot more efficient. In my case it reduced the time from 2 minute to 1-2 seconds but on other page hierarchy it might take more, the worst case being when every page is the parent of another page. The diff is here : Fast page_get_children-0.1 (1.05 KB)
The second problem is that wordpress updates the page cache every time you list pages. This was taking almost 1 minute to complete. I'm not sure if it's the right thing to just remove that call to update_page_cache in wp-includes/post.php get_pages , but doing that made the page admin load in about 15 seconds.
Now this might still be annoying but it's way better then 3 minutes. Hopefully at least the new get_page_children function will b included in the next wordpress release... maybe you can help promote this ticket by giving it a positive vote although I'm not sure if those votes actually have any influence.
Ask me questions
Have a question about unix, linux, freebsd. Or maybe you want some advice about configuring apache, mysql,an email server like exim, qmail, postfix, a proxy server like squid cache or antinat, dns or anything else similar. Want some help with php programming or maybe you want to create a wordpress plugin?
Feel free to ask and I'll do my best to answer it on this blog. I will publish a new blog post for each question and my answer.
You can use the contact form or ( if your question is short enough ) you can send it to me over twitter
You can follow me on twitter or subscribe to my RSS feeds if you want to be notified when I post the answer to your question.
WP-Twitter-ID Social Profiles Integration
A few days ago I wrote a post about a wordpress plugin that will add a twitter id field to the comments form and I was reporint two problems with it. One was solved in that post and for the second one I'm going to show you a solution in this post.
The Problem
The second problem was that the twitter id field was show assigned to a comment when a registered user was commenting.
Basically I needed a way to specify the twitter id of a registered user in the profile and then just make the WP-twitip-id plugin use that value form the profile. I could have done this by implementing the necessary code to show the field on the profile page and save it's value when the profile was saved but I was lazy and I wanted a quicker solution.
The Quick Solution
The quick solution was to install the Social Profiles plugin, set my twitter id in my profile and then do a simple modification to wp-twitip-id.
To make the modification just open wp-twitip-id.php in any editor, look for "function addtwitterfieldmeta($comment_data){" and right after that line insert the following code:
if(!empty($_POST['atf_twitter_id'])){ $twitter=$_POST['atf_twitter_id']; }else{ $current_user = wp_get_current_user(); $user_id = $current_user->ID; $twitter=get_usermeta($user_id,'cyc2_twitter'); }
That's it. Simple don't you think ? Now next time you post a comment as a registered user you should see your twitter id in the comment header.
Download
Here's the zip file with all modifications including the one in the previous post.
WP-Twitip-ID-0.9.2 (13.3 KB)Twitter id comment field
I saw this post on problogger about how Darren implemented a new field in the comment form for his new blog about twitter tips powered by wordpress. Basically he used a plugin for adding and extra field to the comment form and then modified the comment template to show the link to the twitter profile page.
There are two problems with this approach. #1 Unlike the author name, email and web site, the twitter id field is not saved in a cookie so your comentators will have to fill it in every time they post a comment, this migh be annoying for some of them. the second problem is that if you're logged in and want to reply to a comment there's no way you can set the twitter id.
The first problem was almost solved by a new plugin named wp-twitip-id by Andy Baily specially created for setting up the twitter id field. I said almost solved because this plugin uses javascript to add the new field and in some cases ( depending on the template you are using ) javascript would not be the best way to do this.
Luckily you can use this plugin without javascript and add the new field manually by modifying the comments.php template file but then the cookie would not work anymore so it needs some modification to set the cookie from the php script instead of javascript .
Simply calling setcookie before the comment is saved will do the work, then when you display the form field just use $_COOKIE['atf_cookie'] to set the value of the twitter field.
If you like to modify some plugin code get the wp-twitip-id plugin, open wp-twitip-id.php look for addtwitterfieldmeta function and add
setcookie('atf_cookie',$twitter,time()+60*60*24*60);
right after the line with this code: 'if($twitter){'
Then go into wp-content/themes/<yout_theme>/ edit comments.php look for the URL field and add a new field after it like this:
<input name="atf_twitter_id" type="text" value="<?php echo $_COOKIE['atf_cookie']?>" />
You might have to add some other html code and css to make the field look like the others but that depends on the theme you are using.
For convenience I have attached the modified plugin but you still have to modify the comments.php file in your theme.
wp-twitip-id-091
Let me know how this works for you. Do you think the twitter id comment field is worth the effort ? Does it bring value to you it as a commentator?
wordpress 2.5.1
I have just upgraded to wordpress 2.5.1. My upgrade routine worked well without any problem.
The new release seems to bring a few bug fixes to some annoying issues and a security fix as well as some performance enhancements.
Unfortunately the automatic plugin updater still fails at times and doesn't save the ftp password and the media uploader still renames .tar.gz files in a stupid way.
Upgraded wordpress to 2.5
I have finally upgraded wordpress to 2.5.
The old version was 2.3.1 ( yeah that old ) and the upgrade was pretty smooth. I didn't use plugins like instant upgrade for this upgrade but I'm thinking of using for the next upgrades.
How did I do it?
I have my own method for this. It's very similar to what they descibe in the official upgrade docs but a bit modified.
Here are the 7 steps I followed:
- backup the database using the backup plugin
- remember ( write a list of) active plugins then deactivate all ( so if any plugin will not work in the new version you can still access the blog and the admin interface )
- make a backup of all files ( assuming current install is in public_html ):
cp -rp public_html wp-2.3.1_backup
- download and extract the new version ( it will create a wordpress folder so make sure you don't already have one cause it will overwrite the files in it ) :
wget http://wordpress.org/latest.tar.gz tar -xzpf wordpress-2.5.tar.gz
- use rsync to copy the new files over the old files ( note the exclusion of wp-content to preserve the modifications you might have done to themes and plugins ) :
sync -avz --exclude=wp-content wordpress/ public_html/
- call the upgrade.php script, go to : http://your_own_blog.tld/upgrade.php
- reactivate the plugins you had active before the upgrade
The whole thing took about 10 minutes and there were no problems encountered except for a few plugins that could not be reactivated because they were incompatible with the new version.
What I like about it?
I like the new interface,it seems friendlier, faster, more slick and I was getting bored of the old one.
I don't care much about the dashboard, but I love the way the WYSIWYG editor works.
I think the feature that I love the most is the automatic plugin upgrade but this is also the one that I think it needs more work ( of course there may be others that I did not notice yet )
what id didn't like?
Here are three problems I found with the automatic plugin upgrade:
- the first time I tired it id didn't seem to care that I selected "No" for the "Use SSL" option and it just told me it could not connect.
This was because my ftp server did not have ssl enabled but it was impossible to know this was the cause because it was clear to me from the web interface that it was not using SSL until I went in the code and just run a print_r on the $credentials variable .
I'm not sure why this happened, I guess a bug. I had to go into the database and manually edit the ftp_credentials option and set ssl to 0 and then the plugin upgrade worked. - It doesn't remember the value of the "Use SSL" option. After I go in to upgrade another plugin the option is set to "yes" even thou in the database it is 0.
- it removes the old plugin first and then tries to install the other. If the new version install doesn't work for some reason you are left with no plugin and you will have to go in and install manually the old way. I think a bettwe approach would be to first deactivate the old plugin, make a backup copy, try to install the new one and if it doesn't work restore the old plugin.
Conclusions
Overall wp 2.5 brings good improvements and great new features but as with any new major version increase there are a few minor details not taken good care of. Waiting to see what the 2.5.1 version wil bring on he bug fixing side.
Have you upgraded yet? what are your thoughts on the 2.5 version ?
Subscribe
PatchLog Sponsors
