Going offline, but only briefly (I hope)

reinstall

InformationTechnologyAs you may know, visitors to this site have received unexpected redirects. It’s frustrating because I can’t see them. I contacted the vendor on Saturday, who found a specific evil bug. That was fixed.

But shortly thereafter, my friend Catbird wrote: “This is where that latest link you sent goes; it’s a phishing page that spoofs Apple. There’s a blue banner across the top of the page saying ‘Safari Search Contest 2021’. This photo is a screenshot of the message, which is obviously some kind of phishing ploy.

“When I called Apple Support they immediately thought you were spamming me and it took a few tries to explain that you were a friend and not only wouldn’t spam me but probably didn’t know how to set up a computer scam.” This is very true, BTW.

So I contacted the host again.

Restoration

“After further review of the rogerogreen.com website, I am seeing that it’s been compromised since at least July 25th. I checked our oldest backup (dated from 7/30) but noticed the hacked files were present in the backups. Performing a restore via the DreamHost panel is no longer an option as we only keep backups for the preceding 7 to 10 days. Restoring the website from the oldest backup would restore a hacked file structure.”

Yes, that WOULD be unsatisfactory.

Earlier that day, my cousin Tom had looked at the workings of my blog via ZOOM – OK, ZOOM is not ALWAYS terrible. He was looking at my plugins, and somehow he was showing one more than I had installed, or had listed.

Dreamhost guy Matthew noted: “When I checked your /plugins directory within your /wp-content directory, I was able to find a directory named /zend-fonts-wp which looks to contain malware that would redirect the website. After further research, I was able to find it is NOT a valid WordPress plugin.

Like magic

Bottom line: “A full reinstall of WordPress will need to be done to return the site to a properly working, updated, and secure state. The following link has instructions on how to proceed with the installation in a way that will help ensure there is no data/content loss.”

This means this site will go offline for an hour or three, probably today or tomorrow. But as the former governor of California once said, “The more knowledge you have, the more you’re free to rely on your instincts.”

Many thanks to Catbird, fillyjonk, Alison, ADD, west coast Bill, Mary R, Tom the Mayor, Kevin, Darby, Jack, and especially cousin Tom.

Technical difficulties: Facebook v. my blog

One can go to the blog directly

facebookSometimes, it’s difficult to write a blog post. I’ve experienced that acutely this summer. Arthur noted his blogging weltschmerz recently.

But then there are those technical difficulties, particularly the ones I don’t understand, that are truly maddening. I’ve been getting reports that when people go to the link that I post on Facebook every day since July 31, some people are getting untoward messages. Some are denied access by something that tells them that they’re the nth customer and a prize winner.

A friend noted that the link started to go to my site then appeared to be redirected to somewhere else, then a message came up that the page was blocked as malware. And it doesn’t seem to matter whether they are on laptops or iPhones.

At times, the first time someone clicks on the link to the blog from Facebook, they get the warning from Norton. If they go back immediately and try again, no warning. Is it Norton being hypersensitive?

What ARE my passwords now?

As I’ve noted, the last time my Norton was renewed, every HTTP site I went to was “dangerous.” But that soon passed. In any case, I have an HTTPS site, which is presumably more secure. I’ve changed my password on Facebook and on my blog. It did not help.

One of my cousins ran the FB link through something called Virustotal. The direct link to that blog page came back clean. I’ve followed the FB link in a couple of browsers and saw no problems at all. I even used another scanning system; all clear.

So it seems that the problem is not with my blog. It’s with Facebook doing SOMETHING to my blog post links. I considered deleting my Facebook and starting all over. (I need to cull the list anyway.) But I’ve decided not to do this yet, in part because I’m not sure it would work.

Any suggestions are welcome, preferably something that won’t add to the hours I spent so far trying to fix it.

What to do with your stuff when you’re dead

’

I may have mentioned this first part before. My wife periodically asks me, “What do you want to happen to your stuff when you’re dead?” She wasn’t quite that coarse. But to mind’s ear, it SOUNDED that way.

Recently, my daughter has been also uttered the refrain. I don’t know, but I’m still using them, thank you.

In my wife’s case, it’s a function of my mother-in-law dealing with my late father-in-law’s stuff, so I get it. But the question still makes me irritable.

There may be some of my music and books – surely the largest physical representation of my “stuff” – that they may actually want to keep! Surely, my daughter should want the book Soulsville, USA, even if she doesn’t KNOW she wants it. Likewise my Motown, Stax, Beatles-adjacent, and other albums.

We’re giving ’em away!

That said, there are some books I could part with. Top Pop Albums for 1996, 2001, and 2009 I’m giving up if anyone wants them. But I’m holding on to the 2005 and 2016 versions, the former renamed The Billboard Albums. Why keep the 2005 version but not 2009? Because 2009 dropped the tracks on the albums, re-instated in the 2016 version. And I keep 2005 because it weighs less than the 2016 version and meets most of my needs.

I just got Top Pop Country Singles 1944-2017. So the version ending with 2012 I’d gladly give up.

I’ve somehow got two copies of Marvel Masterworks, Daredevil Volume 5, covering DD issues 42-53. They’re mostly by Stan Lee and Gene Colan, but also Roy Thomas and Barry Windsor-Smith.

And I have a case of “And don’t call me a racist!” The book was compiled by Ella Mazel.

Musical CD duplicates:
25 – Adele
Secret Identity – the Andrew Allen Trio
Sky Signal – Audible
The Long Black Veil – The Chieftains
Open Ground – Kyle Fischer
Cowgirl’s Prayer – Emmylou Harris
Metal Cares – Picastro
Long Knives Down – Rainer Maria

Optimally, anyone who wanted these locally could pick up one or more of these, and multiples of the Mazel book. Or I could drop them off. Beyond that, I’ll ship the rest, in the US only because international postage and regulations are pains. Email me at rogerogreen (at) gmail (dot) com.

More important to me than stuff

I’m more interested in what becomes of my blog when I go. My blog is paid for through March 2027. Still, I’d like to find someone to dump the spam emails, accept the real comments, and update the plugins.

Fortunately, I know most of the blog will live on via the Wayback Machine. At this writing, it was last captured just after my last birthday, on March 8, 2021.

What I discovered, though, is that I used to insert these Continue Reading breaks, the content below which I can’t retrieve. So I have been systematically been getting rid of the MORE tabs.

Also, the first five years of this blog were on Blogger. When I moved it, some of the punctuation was wonky. I’d now get a sentence such as That’s why there’s no such thing as an “aspiring writer.” I know what it means, but it’s ugly. I’m going through those posts as well.

As for Facebook and Twitter, I suppose I should figure something about those too. But they’re just not that important to me.

“Your website is at risk”

Do you know what I hate? Technology warnings that I do not understand. Specifically from my blog host, with the headline above.

<em>Your website… is currently running PHP version 7.2. Updates for this PHP version are no longer issued by the PHP project. In practice, this means that any bugs or security vulnerabilities discovered in your PHP installation will not be fixed and that your website is potentially vulnerable to several known security threats.

On June 2, 2021, we’ll be making an attempt to upgrade your site’s version of PHP to v7.4.

We’re constantly working on making improvements that we hope will reduce or eliminate any upgrade-related complications. We plan to upgrade your site and run a series of automated tests immediately afterward to ensure your website is working as intended.

If it passes all of our tests, it will stay on PHP v7.4 but you will want to inspect it yourself right away because our tests can’t catch everything. If this happens you can change PHP back easily from the panel.

If it fails, we’ll automatically revert your site back to PHP v7.2 and notify you.

We want to stress the importance of getting PHP upgraded as soon as possible. We’ve made the upgrade procedure a quick and simple process, but we understand that you may also need to update your site’s code for it to be compatible with newer versions of PHP.</em>

PHP

So I’m asking you that if you see something weird on this site on June 2/3, please me know what they are because I might not see them.

It’s LIKELY that it’ll all be fine. But being a pessimist, particularly when it comes to things largely out of my control…

BTW, PHP is “a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world.”

See what condition my condition was in

Some of you have asked what was the condition my blog between about 6 a.m. and 11 p.m. on Sunday, November 20, Eastern Standard Time, which is who knows when where you are.

I saw this DNS page when I got up:
dns
I emailed the provider at some point early that morning, but then I was in church for several hours, and I didn’t get home until 2 p.m. Around 11:30 a.m., I had received a message that the blog was fixed, but I couldn’t see it, literally.

Briefly, though, I could actually access an altered version of my blog – no pics – long enough to actually copy the text of my current post and throw it on my Times Union blog.

Soon, even that ability went away, and I got first:

Error 520 Ray ID: 304f0526d2f8220a • 2016-11-20 21:33:25 UTC

Web server is returning an unknown error

 

Then back to the weird ad shots.

When you’re IN the situation, you don’t always record the situation, and afterward, one may not wish to revisit it. Fortunately, the wise and wonderful Dustbury explains it rather fully HERE, and note my comment there as well.

OBVIOUSLY, I need to post the song Just Dropped In (To See What Condition My Condition Was In). It was [listen to all] , written by Mickey Newbury, “recorded… by Teddy Hill & the Southern Soul, [covered by] Jerry Lee Lewis… and a hit for Kenny Rogers and the First Edition.”