MDLog:/sysadmin » WordPress

WordPress mod_rewrite rules taking over mod_status

- Marius - — Sun, 01 Mar 2009 23:12:55 +0000

While working on setting up a monitoring solution for a big wordpress installation, I realized that the server-status url was not working as expected even if mod_status was configured correctly:

ExtendedStatus On SetHandler server-status Order deny,allow Deny from all Allow from some_ips

The .htaccess wordpress rules were taking over this and the server-status url was returning a page not found error from within wordpress. This was happening because of the way how the rewrite rules are setup to handle all the permalinks on the site, and for any non-existing file send it to index.php:
# BEGIN WordPress RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress
This works fine with any aliases defined in apache, but the mod_status handler was going to the rewrite rules first, hence the problem. This is not a wordpress problem, and should happen with any other application (like zend framework is one other example that comes to my mind right now) that uses the same type of catch-all rewrite rules to handle all the urls inside the application. The solution in this case is to specifically add a rewrite rule to not have the server-status url processed and sent to the default rule:
RewriteCond %{REQUEST_URI} !=/server-status
and the wordpress rewrite rules should look like this:
# BEGIN WordPress RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} !=/server-status RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress

WordPress 2.7 released

- Marius - — Thu, 11 Dec 2008 09:58:48 +0000

This morning WordPress 2.7 “Coltrane” was released as stable after 2 quick RC’s. The most important change is the major admin interface redesign. For full details check the official wp announcement: http://wordpress.org/development/2008/12/coltrane/

As always, you can download the latest wordpress version from: http://wordpress.org/download/
or if you are using an svn install (like me) you just have to run:
svn sw http://svn.automattic.com/wordpress/tags/2.7/

Getting ready for WordPress 2.7

- Marius - — Wed, 19 Nov 2008 10:00:15 +0000

WordPress 2.7 beta3 was just released and probably we will see the final release very soon. In the meantime, here is a great article outlining the changes this version will bring (a complete rewrite of the admin interface): 10 Things You Need to Know about WordPress 2.7, by Aaron Brazell.

ps. if you are using svn for your installation and want to test this release, you need to update to the trunk version:
svn sw http://svn.automattic.com/wordpress/trunk/

Enabling Gravatars

- Marius - — Mon, 27 Oct 2008 12:52:20 +0000

“Gravatars are Globally Recognized Avatars. An avatar or gravatar is an icon, or representation, of a user in a shared virtual reality, such as a forum, chat, website, or any other form of online community in which the user(s) wish to have something to distinguish themselves from other users.”

I’ve just finished enabling gravatars on my blog, and this was as simple as adding the gravatar code in my theme. Starting with WordPress 2.5 gravatars are enabled by default without any additional plugin needed, and you only need a compatible theme to start using gravatars. This was not the case with my theme so I had to add a simple code to enable this:

There are other parameters you can use, and they can be found here: http://codex.wordpress.org/Gravatar

This means that any commenter that has a gravatar (you just have to register your email address and upload your image) will have it displayed on my blog also. Finally .

ps. I tried out also the WP-Gravatar plugin that works with more services (Gravatar, MyBlogLog, OpenAvatar, Wavatar, Identicon, monsterID or Favico.ico), but I am not really sure if this is really needed. For now I will settle with gravatars only, but maybe in the future I will enable the wp-gravatar plugin and disable the default wp function.

Akismet 2.2.1 stats

- Marius - — Thu, 23 Oct 2008 10:31:39 +0000

The latest Akismet version 2.2.1 brings a cool new feature: stats! In the wordpress dashboard we have now some nice stats on Akismet activity (you can find it under the “Akismet Stats” tab in your admin dashboard). What’s cool is that they present the information from the past also. I can see all my data from the time I have started this blog – actually from the time I activated akismet). Nice… I can see now graphically and in text that my blog is averaging about 10,000 spam comments per month.

In case you missed this new feature check it out, as it looks nice…

Source: Akismet Blog

TypePad AntiSpam beta

- Marius - — Mon, 02 Jun 2008 07:21:49 +0000

“Akismet has caught 202,526 spam for you since you first installed it…”

Wow… I can’t imagine how my blog commenting would have looked without Akismet. This has saved me from a lot of troubles and as you can see it just went over 200k. It is just unbelievable to see how much commenting spam is going on and I can’t imagine anyone having their blog ‘open’ and manually verifying all the comments.

Akismet has it’s problems, and from time to time I see it timing out and spam going through, but since I don’t get 15,000 spams / day like the big boys, this is not a huge problem.

A few days ago Six Apart launched a new free open source product called TypePad AntiSpam. It’s free (Akismet costs for a commercial license), it has a plugin for WordPress 2.5, it’s open source, and it’s compatible with Akismet (so you can even run them together). I will definitely test this out and if all is ok, start using it on this blog.

WordPress 2.3.3 – urgent security release

- Marius - — Tue, 05 Feb 2008 20:33:07 +0000

WordPress 2.3.3 was released today, and it is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog.

Anyone running the 2.3 branch is recommended to upgrade immediately to 2.3.3. Official wp announcement:
http://wordpress.org/development/2008/02/wordpress-233/

As always, you can download the latest wordpress version from: http://wordpress.org/download/

Note: I must say that I am very happy since I’ve switched to the subversion method to update wordpress. This is indeed very easy, and if you are managing several wordpress installations this should help a lot in the process to keep them updated:

svn sw http://svn.automattic.com/wordpress/tags/2.3.3/ U wp-includes/gettext.php U wp-includes/gettext.php U wp-includes/version.php U wp-includes/pluggable.php U xmlrpc.php U wp-admin/install-helper.php Updated to revision 6730.

WordPress 2.2.3 released – security and bug-fix release

- Marius - — Mon, 10 Sep 2007 10:21:53 +0000

WordPress 2.2.3 was released yesterday and it is a security and bugfix release. Anyone running the 2.2 branch is recommended to upgrade immediately to 2.2.3. Official wp announcement:
http://wordpress.org/development/2007/09/wordpress-223/

As always, you can download the latest wordpress version from: http://wordpress.org/download/