Posted by Trejkaz
Fri, 02 Jun 2006 01:58:00 GMT
No, it’s not a post about my new glasses, although they’re pretty awesome.
I thought it was about time I updated the theme for the site, so I had a bit of a dig around on TypoGarden.org to find a decent theme to use as a basis for a new theme. I eventually settled on Unoriginal Sin, which looked nice and minimalist, although the JavaScript it was using to draw drop shadows broke Typo’s Live Search feature.
So I replaced the method it was using to generate the drop shadows, and fixed up the Live Search feature, and it ends up looking like this. I wanted to do some nifty fade out effects on the “sidebar” (they’re down the bottom now, so it’s hardly a sidebar) boxes, but it will require changing the page background and I haven’t yet found an acceptable background colour other than white.
You can download this theme if you wish to modify it for use on your own install.
Now I can resume working on other things.
Tags meta, theme, typo | 1 comment
Posted by Trejkaz
Mon, 13 Mar 2006 00:53:00 GMT
Is it just me, or has this weekend been particularly heavy with spam attacks?
First, I have my email spam. Somehow, a whole bunch of spams throughout the weekend completely evaded by server-side spam filtering. Thunderbird picked them all up as spam by the time I logged in from work though, so perhaps I can just go and re-teach the filter being used on the server. Or perhaps I can implement something like greylisting and stop a few spammers before they even get the mail into the server.
Next, I had the misfortune of being notified by Jabber of several dozen comment spams being made to my blog (Jabber notification is quite good for this sort of instant notification – I managed to kill said spams in no time at all.)
The first surprising thing about this spam is that I have disabled non-AJAX commenting on this weblog. Therefore, spammers either (a) know how to execute JavaScript in order to submit forms (which is an extremely scary possibility) or (b) have figured out how to detect Typo-based weblogs and submit the spam via a direct POST in the same way that the JavaScript would do it. Either is possible, given the persistence of spammers.
The spams also cut straight through Typo’s spam filter, so either they weren’t from known IP addresses, or they weren’t linking to known spam URLs. And many of them, even though the content was the same, were from many different IP addresses (side-note: if anybody ever tries to tell you that Windows is no good for distributed applications, these world-wide networks of zombied Windows boxes should be proof enough that it works fine for such applications.)
The next annoying thing was a significant amount of trackback spam. Trackback spam is particularly irritating because the entire point of trackbacks is to be automatic. You can’t have something automatic and prevent spambots at the same time. Thankfully though, the trackback spam was performed as a large number of trackbacks on a small number of articles.
In any case, the band-aid measure I’ve taken is to now block comments and trackbacks after 30 days. That way at least I only have to monitor the past 30 days for new trackbacks and comments, which is all on the front page of Typo’s admin interface.
The measure I’m probably going to have to take, however, is requiring a CAPTCHA for posting comments. Perhaps I can go with the trivial math problem approach, if spammers haven’t figured that one out already. At least that one is accessible, unlike image-based CAPTCHAs. Another way would be to require OpenID authentication for all comments, but that would only stall spammers until they set up their own OpenID servers.
For trackbacks, though, I don’t know what I can do except for turning them off… perhaps we just need a better database of known spam URLs.
Tags blog, meta, spam, typo | no comments
Posted by Trejkaz
Mon, 20 Feb 2006 13:00:00 GMT
Well, it took a lot of fannying about, but I eventually got Jabber notifications working in Typo by taking the advice of people on the newsgroups and killing Jabber4R. It’s no longer maintained, so bugs crop up (due to changes in Ruby itself, I guess) and never get fixed.
I made a simple port of the notifications to use XMPP4R instead, which seems to be behaving itself for the time being. I ultimately should be using NetXMPP-Ruby though, because it supports TLS.
Now I just wait and see if Typo trunk accepts my patch and migrates to XMPP4R. Then I can unleash a bunch of other patches I was working on which integrated with XMPP4R. :-)
Tags jabber, typo, xmpp | no comments
Posted by Trejkaz
Wed, 17 Aug 2005 03:44:00 GMT
Okay, everything seems to be in order.
Those of you using RSS aggregators at some point might want to change this feed to point at the following URL:
http://trypticon.org/xml/rss/feed.xml
I’m using a permanent redirect, which means that your aggregators should update the stored URL to this new URL automatically. However, if they’re anything like Thunderbird, they will redirect automatically, but won’t update the stored URL.
I’ll leave the redirect there until I get bored of it anyway. :-)
Expect various other parts of the site to break for a while, everything should be fixed shortly.
Tags meta, typo
Posted by Trejkaz
Tue, 16 Aug 2005 02:17:00 GMT
So I finally decided that I don’t need a wiki. I’ll lose a little functionality in the way of macros and convenient post entry by doing this, but it’s probably for the best. Any stuff which deserves a wiki, I might as well point at Wikipedia, since I can always add entries over there.
So it’s time to start moving stuff from SnipSnap to Typo.
Bear with me, this is going to be a bumpy ride. People using the feeds will see a post at some point in the future detailing the new URL for the feed.
Tags meta, typo
Posted by Trejkaz
Thu, 04 Aug 2005 05:28:00 GMT
The version of Typo sitting in source control actually has half the features I’d written down that I wanted to add to it.
In addition to this, I found a very nice theme in the tracker which looks remarkably similar to what I needed and got frustrated trying to make.
So let’s just say, “full steam ahead!”
Tags meta, typo
Posted by Trejkaz
Wed, 27 Jul 2005 04:14:00 GMT
Using AJAX to show comments inline is pretty cool, but I still think the next step is receiving comments from other users in real-time using HTTP pushes.
Of course, it would have to play a little tune for each comment which comes in. That way, you could be distracted from work in real time and if more sounds play closer together, they could have it change the pitch or play little compound tunes.
Then eventually, you end up building a Meteos-like music score if you get enough comments. The goal is then to see how many monkeys you need on keyboards, to generate enough of the right tunes to make the complete works of Mozart.
I guess it’s just an idea.
Tags ajax, random, typo
Posted by Trejkaz
Mon, 27 Jun 2005 23:55:00 GMT
The first candidate for replacement blog software seems to be Typo. Not to be confused with TYPO3, Typo is a simple weblog system based on Ruby on Rails, which should make it easy to customise.
Good:
- Based on Ruby on Rails, making it easy to customise.
- Uses AJAX tricks when posting comments and searching for articles, with cute fade effects.
- Has guest commenting built-in.
Bad:
- It would run on Ruby on Apache, making it harder to have a process like a bot running inside the server 24/7 than it is for a Java web server.
- No immediately-obvious way to integrate wiki-like features in, so I would need to leave SnipSnap up for the Wiki facility until a replacement is found for that. Or, just use static pages, and edit them manually, which I’m not completely against.
- Authentication would still be non-customisable, but maybe anonymous guest commenting is enough…
- Doesn’t store email addresses for guest comments (can probably be hacked in easily enough, though.)
Tags meta, typo