WordPress Defense – 4th Measure

Added password protection to the Grammar Captive WordPress login page.  Now when a bot tries to discover the Grammar Captive administrator’s identity and password through numerous repeated  attempts of corrective trial-and-error that exhaust Grammar Captive’s limited CPU and memory resources, it will be denied access.

This password protection is offered by Grammar Captive’s host server Lunarpages and can be implemented using cPanel.

Roddy

WordPress Defense – 3rd Measure

Have installed WP Cerber to shore up additional WordPress vulnerabilities including unlimited login attempts and the abuse of user-password dependent files such as those containing XML-RPC.

As this plug-in includes a variety of options that can be turned on or off at will, it will likely be less resource intensive and thus avoid the kind of internal server errors that have recently been experienced with the introduction of Matomo’s opt-in/opt-out checkbox feature.

Roddy

 

WordPress Defense – 2nd Measure

Just as there are well-behaved and poorly behaved humans so too are there well-behaved robots (Good Bots) and poorly behaved robots (Bad Bots).   Jeff Starr’s  Black Hole for Bad Bots is just the fix for robots that do not honor the wishes of site owners.

In effect, this plug-in allows access to bad bots only once before banishing them forever thereafter.  Good bots that honor a site owner’s wishes are permitted repeated access.  Robots that raise awareness about an owner’s website are good for both potential users looking for certain kinds of information offered by website owners and the sites respective owners.  The Yahoo, Bing, and Google search engines all depend on good bots to collect information for their users.  Bad bots go about the internet looking for personal information such as email addresses and telephone numbers that are then used to their owners disfavor.

You see, no bot (good or bad) is compelled to honor a site owner’s wishes.  Simply those that do not are more likely to be bad bots than good and are consequently banished.  So, if you are a bot owner that is seeking information on the Grammar Captive WordPress site, make sure you honor the robots.txt file that its owner has recently installed, else expect to be permanently bannished.

Roddy

WordPress Defense – 1st Measure

As an important block of single-source, redundant activity on the Grammar Captive website is generated on the site’s WordPress blog page, and as good success has been achieved with the proper WordPress plug-in in the past,  I have installed Jeff Starr’s Block Bad Queries (BBQ) plug-in.

As always with new software — especially of the plug-and_play variety –, I will monitor BBQ’s performance before adding Jeff Starr’s name to the Grammar Captive list of credits.

Just because it is free does not mean that it should not be made subject to good quality control.  After all, reputation means a lot on the internet, and through good reputation commercial exchange becomes possible.

Roddy

Cyber Attack

Although unfortunate on the one hand, it is perhaps a good omen on the other.  Grammar Captive is under cyber siege.  Certianly, it is not clearly understood whether the attack is against WordPress, and Grammar Captive is merely a source of collateral damage; or whether Grammar Captive is, indeed, the direct target. If it is the latter, then it is perhaps a compliment to Grammar Captive’s challenge to the world’s English language industry.

In any case, after the recent installation of the Matomo software, it was noticed that the subsequent placement of the opt-in/opt-out button for cookie-tracking on the Legal/Privacy panel of the Grammar Captive mainpage has led to strange behavior.  Proof of the button’s effectiveness only occurs after the appearance of an internal server error and page refresh.  Observance of this yet to be corrected, unwanted phenomenon led to an investigation that accidentally uncovered a likely attempt to crack the Grammar Captive WordPress password.

The evidence for this unfortunate attack was the many hundreds of hits within the space of a several minute interval on the Grammar Captive WordPress log-in page .  The source of the attack was traced to mainland China and the following domain was blocked:  60.223.252.6.

According to the Who Is? page of the APNIC list of registered domains the source of the attack came from the Shangxi Province.  China Unicom is the owner of the address and has been notified of the abuse.

The entire weekend was spent addressing this twin-problem and several more days will likely be required in an attempt to resolve the time and space issues resulting from the large amount of CPU time and memory that the Matomo software apparently requires  and appear to be the source of the button dysfunction.

Roddy

Privacy, Matomo, and Iubenda

Privacy is something that everyone can appreciate and unfortunately far too many violate.  We are especially vulnerable in this latter regard when we are exploring on the internet.  For it is there where so much information about our behavior, electronic equipment, whereabouts, interests,  inclinations, and time spent is collected without our knowledge.  From this data entire stories can be created about our person that may or may not be true depending on who is collecting the data and creating the story.

In contrast, without data collection it is difficult for service providers to tailor their services to their customers wants and needs.  Accordingly, please do not be surprised that a service provider would collect data about its users that they do not intentionally give.  Indeed, the very nature of human communication demands that more information is exchanged than is ever intentionally given.

What is more, data collection is a two-way street!  How, for example, can a service provider know that his freely offered information, instruction, or advice is not being used for criminal purposes?  He cannot!   In this light, if a user cannot trust the service provider whose data he collects, then why in the world would he be collecting the provider’s data in the first place?

In the end, it is not so much what data is exchanged and collected, but how this data is used.

Grammar Captive makes the assumption that most users do not mind that data about their person or behavior on a given site is collected, so long as it is stored securely and not used to their disbenefit.  And, in good faith Grammar Captive makes no attempt to disguise the nature of the data that it collects, how this data is used, and the purpose of its use — namely,  enhance the user’s experience and thus make Grammar Captive an attractive place for him to spend his time.

With the incorporation of Matomo into the Grammar Captive web application important decision had to be made about what data would be collected and what would not, and to this end Grammar Captive has updated its Iubenda legal advisory.  Please visit the Grammar Captive mainpage and look  for the subheading Legal/Privacy under the heading Other in the navigation bar.

Roddy

 

 

 

One Change, Many Modifications

Introducing a multiple language listing for the Seven Gates newsletter was a relatively easy task, making the necessary modifications for the files and pieces of code that depend on the same files and code that make the multiple language listing possible proved far more daunting.

In the short run, the benefit of a multi-lingual introductory newsletter may prove unworthy of its cost of implementation.  In the long run, however, I cannot help but believe that it was well worth the effort.  In any case, the worst of it is now water under the bridge, and I can at last begin the implementation of Matomo — Grammar Captive’s Google Analytics without Google.

Roddy

Language Selection

In order to sign up for a Grammar Captive account a user must enter his native tongue.  In his confirmation email is included this language.  When he confirms this information is sent to the database, and the user receives a copy of Seven Gates in his preferred language automatically.  Whereupon he can choose to subscribe, if he has not already, or even unsubscribe, if he changes his mind.

An introductory letter in your native tongue is likely to be more easily digested and encourage subscription or discourage unsubscription.  Once received, advanced users can select the English version with a simple click, if they so prefer.

The multilingual nature of Grammar Captive is an important selling point of the site, and now users will be able to select newsletters in the language of their choice.  This is the newest addition to the Grammar Captive mainpage.

At present there is only one alternative language — namely, Japanese;  this said, the technology is now in place for many more.

When you land on the page look for the word Archives under the heading Regular Updates / Weekly Newsletter in the navigation bar, or alternatively, perform a search in Japanese or English under the heading Search Grammar Captive.

Nearly a week has been lost due to a failed system upgrade, but we are nearly back on track.  Certainly the fundamentals for a mass mailing in multiple languages is now in place, and the long promised counter that replaces Google Analytics has already been installed.  What remains is coordinating the data bases for the mass mailing  and choosing what to count for Grammar Captive’s substitute for Google Analytics — namely, Matomo.

Roddy

日本人も国語で七棟の門を購読

小さな一歩でも、日本人は国語で文法キャプチッブの「Seven Gates」というニューズレターの初版を読めます。取り敢えず、国語初版は第一の版として、英語で書いたレターと一緒に同様のアーカイブに保管されています。アーカイブの第二ページにご覧ください。も少し初版だけではなく、全部の国語で書いたレターは自分のアーカイブに預かられます。

Roddy