Starbeamrainbowlabs

Stardust
Blog


Archive


Mailing List Articles Atom Feed Comments Atom Feed Twitter Reddit Facebook

Tag Cloud

3d 3d printing account algorithms android announcement architecture archives arduino artificial intelligence artix assembly async audio automation backups bash batch blog bookmarklet booting bug hunting c sharp c++ challenge chrome os code codepen coding conundrums coding conundrums evolved command line compilers compiling compression css dailyprogrammer data analysis debugging demystification distributed computing documentation downtime electronics email embedded systems encryption es6 features ethics event experiment external first impressions future game github github gist gitlab graphics hardware hardware meetup holiday holidays html html5 html5 canvas infrastructure interfaces internet interoperability io.js jabber jam javascript js bin labs learning library linux lora low level lua maintenance manjaro network networking nibriboard node.js operating systems own your code performance phd photos php pixelbot portable privacy problem solving programming problems project projects prolog protocol protocols pseudo 3d python reddit redis reference releases resource review rust searching secrets security series list server software sorting source code control statistics storage svg talks technical terminal textures thoughts three thing game three.js tool tutorial twitter ubuntu university update updates upgrade version control virtual reality virtualisation visual web website windows windows 10 xmpp xslt

Atom Feed Optimisations (and bugfixes)

Hello again!

I have made a few tweaks to this blog's feed that I think that you might want to know about.

Firstly, I fixed the bug with the named html entities breaking the feed. Apparently XML doesn't like named html entities much. This has involved a number of tweaks to atom.gen.php - You will see that the script is now ~30kb(!) - this is due to the inclusion of a named html entity to numeric html entity conversion table. You will now also see (?) if an unknown named html entity couldn't be converted successful.

Secondly, I have improved the performance of the feed by only showing the last 15 posts in the feed. I didn't notice at first, but this has been slowing the server down for some time because it been adding every post I have made so far (62 for those of you who are counting) to the feed, every time someone requests it.

Hopefully these changes don't have any unintended side-effects, but if they do please let me know in the comments below.

Rob Miles has Linked to This Blog!

This is a quick post to say that Rob Miles has linked to this blog in his latest post. You can find that post here.

Fighting Spam on your blog

Since I have written my own blog script from scratch, I have learnt a lot about how spambots spam my site in order to implement measures to stop them. This post is a compilation of all the methods that I have discovered so far.

Currently I have yet to rate the effectiveness of each of these measures since at the time of writing this post I have only just finished rewiring the commenting script so that I can 'measure' the effectiveness of each of the methods described below.

Method 1: Honeypots

If you don't take either an email address or a web address on your blog, try adding a email or website field and hiding it via CSS. The more complex, indirect, and obscure the CSS you hide it with, the better. Just make sure that is actually hidden.

This blog uses a hidden website field along with a warning for users who see it due to poor browser support.

Method 2: No super long comments

This isn't really a proper method, but I found that spam comment on my blog were generally really long. So I am imposing a 2000 character limit on comments. If people have more to say, then they can reply to their own comment, and use service like pastebin or hastebin for code.

Method 3: Keys

This is the really important one. I was finding that while the above 2 methods were stopping some of the spam, I was getting some smart spambots with chrome/firefox-like user agent strings that I can only summarise knew how to tell whether a from control was hidden or not by reading the CSS or my website.

The hidden key field is basically a timestamp of when page was served to the user by the server. In it's simplest form, it can just be the output of PHP's time() function.

In this blog, however, the timestamp is run through a number of different functions, such as base64_encode() and strrev(). Pick a few string manipulation functions that are reversible.

This timestamp can then be analysed by the server. If the timestamp is too far in the past (say 24 hours old), or under 10 seconds old, then the comment is rejected. Spambots will either fetch and cache your page for longer than 24 hours, or they will fetch your page and post a comment immediately. As soon as I set this blog to reject comments posted within 10 seconds of loading the page, I haven't had a single spam comment :)

Summary

So there you go: 2 1/2 methods to banish spam on your blog - for now. The real secret here to log as much information about your commenters as possible (in my case I have been capturing the contents of $_POST, $_GET, and $_SERVER) and working your way through it comparing the requests of legitimate commenters and spammers. The above are simply exploits of the differences I found (with some help from Google). If you can think of any more tricks, please post a comment below!

Stardust Update: Email Notifications

Welcome to another blog update.

Yesterday I added email notifications to the blog comments. You may have noticed that there is an extra optional field for you to put your email address in when commenting. If you do so, anybody who replies to your comment will trigger an email notification which will go to the email address that you specified.

Currently the only method I have for you to unsubscribe from these emails is to email emails at starbeamrainbowlabs dot com, and I will process your request manually. Make sure that you include a copy of the email that you don't want anymore, since it contains information about the comment that you posted that I will have to edit. In the future I hope to have an automated system that you will be able to use.

If you notice any issues with this, please leave a comment below.

The other thing that I added is email notifications for myself. Now, every time somebody comments on my blog I will receive an email notification telling me about it. This is mainly because I forgot to check for new comments - you should receive a reply to your comment much faster now :)

Happy New Year!

I am back - I got distracted so I don't have any new demos for you yet. In the last (half) year, I have set up a website (with the help of Mythdael) and started this blog. Currently my posts are rather Javascript / CSS heavy, but I plan on releasing some more C♯ related posts soon. I have a few more sorting algorithms I must learn for University, so what better way to do so than to implement them in C♯?

Very soon I will also release I few snippets of code I am writing for Blow Worm.

In other news, I have been adding to Pepperminty Wiki. You can now have administrator accounts, which can move and delete pages. Futher plans can be found on the project's readme.

If there is anything you want to see here, post a comment below.

Happy Christmas!

A Random Snowflake

Happy Christmas!

Posts will resume in the new year.

I have a random snowflake generator for you that I wrote a while ago - my current project is taking longer than I thought :D

Edit: It can be found here Random Snowflake Generator).

Tag Cloud Update

Today (after lots of code tweaking in preparation), the tag clouds that recently appeared on the blog now have links on each tag so you can see which posts havethat particular tag. Currently, the Next Page and Pevious Page links are a little bit buggy, but that problem should be fixed sooner or later, I just need to make a few more changes to the code to make it more intelligent.

Edit: The Next Page and Previou Page buttons have been fixed! I have also added First Page and Last Page butttons too - the last page button was the reason it took to long to refactor the code :)

Tag Clouds

Yesterday I added a tag cloud to the website. You can find it at the top of the blog, or below the post on the article view. The tags are not yet linked to a list of posts that have the corresponding tags, as I need to some a litttle bit of refactoring of the blog's code in order to get that to work.

Imaanvas!

Today marks the release of a larger project that I have been doing, called Imaanvas. It has been in the works for months and is meant to be a web based version of a program called MSW Logo, which is now called FMS Logo. It has a few tweaks, though, to make it slightly easier to use. It was orignally written for a year 5 class in a primary school.

It also does not come with all the commands present in Logo, so if you find that a command is missing please comment below and I will try to add it for you as soon as I have some spare time. (You can also write the command yourself, and I can add it that way, but will probaby need the original source code for that - gulp is used to compact the code - send me an email if you want the code)

Immanvas is a horribly complex piece of code - so if you encounter any bugs (which is likely), please either leave a comment below, or send me an email. Remember to be descriptive about the bug that you have found, otherwise I won't be able to track it down and fix it! Also remember that Imaanavs is meant for modern browsers, so if Imaanvas doesn't work in your browser, try upgrading it to it's latest version.

This post is late since essential maintenance work had to be carried out to try and reduce the amount of spam that is being posted.

Website Updates

Yesterday I tweaked and updated the website. Here are the thing that I changed:

  • Finished adding the jigsaw puzzle pieces to the homepage
  • Added navigation aid to the top left of website on widescreens
  • Added footer to blog index page
  • Moved prism to the new /libraries/ folder
  • Added a smooth scrolling script to the navlist in the top left
  • Updated the todo list
  • Removed spam from blog
  • Added extra antispam measure: Not allowing email field to be filled in since it is not currently used yet anyway
  • Changed the highlighted selection colour to rgba(54, 0, 255, 0.21)

If you discover any issues while using the website, please leave a comment below. Antispam measures for this blog in particular seem to cause issues - in which case you can send bug reports to bugs at starbeamrainbowlabs dot com.

More changes will be coming in the near future, such as an Atom feed for comments and an email notification system for replies to your comments.

Update: The Atom feed for comments has been created! You can find it over at feed.comments.php.

Art by Mythdael