Fix to Try if WordPress Won’t Allow Comments

One of the my blogs stopped allowing comments. If you experience this is might be due to an issue with https. The blog in question was serving https pages and everything had been working previously. I am not sure when the issue first appeared, but I noticed it after updating to WordPress v 5.1.

When I looked at the page source I could see the comment form was trying to submit to http (even though it was being submitted from a https page). I received a message that the page was going to be submitted in an insecure manner and did I want to submit anyway. I said yes and a new page was loaded (though it was blank). But no comment was submitted to the wordpress database.

Using another browser it gave a 405 error.

This page isnโ€™t working
If the problem continues, contact the site owner.

HTTP ERROR 405

I couldn’t figure out why it was submitting to http. I remembered there is a general settings page (/wp-admin/options-general.php) and I went there and noticed the

WordPress Address (URL)
and
Site Address (URL)

fields were set to http. I updated them to https and then everything worked fine.

Related: Compare WordPress Files on Server to Proper WordPress VersionFix for When a WordPress Blog Stops Displaying ImagesWordPress: Multiple Blog Network on One Server โ€“ Overcoming Conflicts

Fixing a Problem with WordPress Trackbacks and Pingbacks

Trackbacks and pingbacks stopped working on several of my blogs. It turned out to be quite time consuming figuring out what was causing the problem. Eventually the following worked:

Installing php-xml

sudo apt-get install php-xml

And commenting out a check for empty $context variable (this doesn’t really make sense as the variable isn’t empty at this point but until it was commented out it just silently didn’t work) in the file wp-includes/class-wp-xmlrpc-server.php.

// if ( empty($context) ) // Link to target not found
// return $this->pingback_error( 17, __( 'The source URL does not contain a link to the target URL, and so cannot be used as a source.' ) );

Anyway if the initial steps you take to deal when trackbacks and pingbacks on your blog stop working you might want to try these steps that worked for me.

Related: Fix for When a WordPress Blog Stops Displaying ImagesCompare WordPress Files on Server to Proper WordPress VersionWordPress: Multiple Blog Network on One Server โ€“ Overcoming Conflicts

Compare WordPress Files on Server to Proper WordPress Version

Sadly one of the hassles in managing your own WordPress blog is dealing with people that use your blog to serve spam content. These hacks can insert spam links into your pages and posts or create spam directories that are completely their own content on your domain.

There are many issues to deal with in re-establishing control of your server; but that isn’t the scope of this post.

This is just a tips if you are troubleshooting to try and determine what is going on. Often your server has been hacked to allow uploaded php pages to be added or for WordPress php files to be edited.

One way to track down if the files have been changed or new ones added is to compare the WordPress files on your server to the current files for a fresh WordPress install. This assumes your blog is using the current version, which hopefully it is because on the big improvement WordPress made is to make those updates automatic. That greatly reduces the chance to have WordPress be the vector to infecting your server. If you were using a older version then just compare to the field for that version from the WordPress server.

If you don’t have a current backup I would make a backup before I tried this. Obviously, don’t make any deletions or changes to your server unless you understand what you are doing. You can create big problems for yourself.

You can use the diff command to view the difference between WordPress on your sever and the fresh install from WordPress. I install the new WordPress in a new directory outside public_html. At the cli on a Ubuntu/Linux server:

[code]sudo wget http://wordpress.org/wordpress-4.0.zip
unzip wordpress-4.0.zip
diff -rq wordpress ../public_html/[/code]

wordpress-4.0.zip – replace with whatever the version is you are using.
../public_html/blog/ – replace with the path to your blog

Continue reading

Fix for When a WordPress Blog Stops Displaying Images

My WordPress network site stopped displaying uploaded images. I finally found something that works, though it is a lame “solution” in my opinion.

I found this advice and it worked for me. Insert the following in wp-includes/ms-files.php

adding ob_clean() before the readfile in ms-files.php

So you end up with:

[bash]// If we made it this far, just serve the file
ob_clean();
readfile( $file );
?>[/bash]

Caching seemed to make the images “disappear” slowly (they didn’t all go at once and using different browsers they “disappeared” at different times). So when I fixed it they “reappeared” at different times (it seemed like cached ones stayed disappeared for awhile).

The advice mentions the image files being seen as “corrupted.” The files seem unlikely to actually be “corrupt” because these are images that worked for years and then all of a sudden every image for the sites “disappeared” (wouldn’t be displayed). I suppose it is possible the are corrupt in some detailed way and some update no longer allowed some previous “lax” checking to allow the non-compliant files but it seems more likely that some of thing has gone wrong (but somehow ob_clean takes care of it).

Related: WordPress error: Image could not be processed. Please go back and try again.Overcoming Conflicts Multiple Blog WordPress Network on One ServerBash Profile Adjustments, Scrolling History

Make Your Bounce Rate More Meaningful

Nice post on what the operational definition (though it doesn’t use that term) of bounce rate is in Google Analytics and some ideas on how to fix bounce rate to be more meaningful (better fit your desired operational definition).

We often make mistakes because we use the data we have assuming it means something other than what it actually means. There suggestions let you make Google Analytics collect the data so it is more aligned to what you want to know.

Essentially bounce rate without any adjustment is operationally defined by Google to mean the visitor doesn’t click a link to another page on your site that has Google Analytic code (so it can register the click).

They suggested using

[javascript]setTimeout("_gaq.push([‘_trackEvent’, ’15_seconds’, ‘read’])", 15000);[/javascript]

inside your Google analytic tracking code. They also updated the post with an idea from a Hacker News comment to use scroll tracking as a better option than just timing if they stay on the page at least 15 seconds. The scroll tracking lets you count it as a bounce only if they don’t scroll down and they don’t click to a new page on your site.

Which data is more useful depends on your situation, what you want to know and what you want to do with the data you collect.

Related: Setting Up Multiple WordPress Blog Network on One Server, How To Overcome ConflictsWordPress error, Image could not be processed. Please go back and try again.ModSecurity Adjustments for WordPressSimple Process to Claim Authorship of Pages with Google

ModSecurity – Adjustments for WordPress

How to secure an Ubuntu 12.04 LTS server – Part 1 The Basics is a great resource to secure a VPS.

Mod_Security is a web application firewall. I found a couple things to add to my servers.

The same site includes a very good guide to installing it (you also may well want to whitelist Googlebot, instructions in the link). However it blocked my access to one of my sites. You end up just getting the message:

“Forbidden

You don’t have permission to access / on this server.”

There are tips on some edits to include when using WordPress on an Apache server with modsecurity.

One simple action is to include

SecRule SERVER_NAME “[your-domain.com]” phase:1,nolog,allow,ctl:ruleEngine=off

[bash]SecRule SERVER_NAME "code.curiouscatnetwork.com" phase:1,nolog,allow,ctl:ruleEngine=off[/bash]

on the bottom of modsecurity.conf which is found /etc/modsecurity (for me, on Ubunutu 12.04). Then restart Apache

[bash]sudo service apache2 restart[/bash]

and see if the problem goes away. If it does then you have a very good indication modsecurity was blocking access and can continue to narrow the scope of the problem by adding the WordPress whitelist rules in the link above.

Another note, service apache2 start, failed in a non-obvious way to me anyway. For me if I use sudo it works fine. If I don’t it gives odd errors which lead me on a 10 minute wild goose chase before remembering to try sudo.

Related: Upgrading VPS Web Server from Ubuntu 10.04 to 12.04Keeping Your Hosted Ubuntu Web Server Software Up to DateLinux/Ubuntu File and Directory Permissions

Very Simple Process to Claim Authorship of Pages with Google

Update: August 2014 Google abandoned this project so there is no point wasting your time on it. As I have stated elsewhere Google’s efforts are so unreliable (Google nearly always fails and then closes whatever you invested your time in) that you should careful consider if you bother with their stuff (much mores than any other company). This has been true since Larry Page became the CEO and means that I avoid Google initiatives. I also abandon, or at least don’t waste more of my time investing in anything Google buys. Without a strong extra case to justify bothering with something from an organization proven to be so unreliable it just isn’t sensible to treat Google efforts as reliable.

With authorship I figured the odds were that even with Google’s poor track record this was something worth bothering with. Oops. I have to re-calibrate to assume even less chance of Google making something that won’t just be a waste of my time for future efforts.

There are lots of posts explaining how to claim authorship of pages with Google. I find them very complex, by and large.

I was able to use this simple process.

  1. Include by author text with a link to the author page using rel=”author” In WordPress you can just edit the theme page to have the author link include the rel=”author” tag.
  2. [html]<a rel="author" href="http://johnhunter.com/">John Hunter</a>[/html]

    For WordPress blog with multiple authors here is the syntax to use (this pulls the author url from their profile. The author can update their web site url when logged into the blog.

    [php]<a rel="author" href="<?php the_author_meta(‘user_url’); ?>"><?php the_author() ?></a>[/php]

  3. Then connect author page to Google+ profile. You can make this most any page (Google may exclude some free sites). Most people use the about page or author pages on the same blog they are trying to claim authorship of. But all that really matters is linking this page to your Google+ profile (obviously substitute your url), I have many sites with my material so my home page is what I used, I just added the following to that page.

    [html]<a href="https://plus.google.com/u/0/123" rel="me">Google+</a>[/html]

  4. Then link your Google+ profile to the authorship page you want to use. You can add it under Other profiles or contributor to. This is the trickest part do to very bad UI of Google+ you have to go into edit mode and then click on the areas (there is no indication they are editable until you click – extremely bad UI, Google seems to very much like this hard to understand hidden UI elements lately, hopefully that will end soon). Likely Google will fix this at some point so this part will no longer matter.

To test out whether things are working you can go into Google webmaster tools to the rich snippets area. Test out a url you claimed authorship of and you should see something like:

search result with photo

Google can now use your Google+ profile to include a photo (from your Google+ profile) next to search results

With those simple changes over 1,000 posts on my blog were updated. It took far longer to search for and read a bunch more complex ways of accomplishing this than actually doing this once I was able to see what little had to be done. Writing this post took way longer. Now I just have to do step one for other sites and blogs and they will all be updated to show my authorship (for those I already had on my Google+ profile, if they were not listed there yet they have to be added).

There are many benefits to establishing authorship through Google.

  • Google can include your photo next to search results. Especially until people get tired of this, it will likely increase clicks on your links. And even after people are tired of it, if they notice your photo (and respect you) that may well increase clicks.
  • Builds your personal brand
  • Google can use authorship as an additional factor in calculating the worth of a page for a specific search.
  • Google can get a feel for what areas you are an expert in. First by just analyzing what your write about. But more importantly they will be able to use this extra layer of information to determine AuthorRank (similar idea to PageRank) by seeing links to your authored material.
  • Hopefully this can allow for RSS feeds by author (no matter where the content is published) eventually, if it doesn’t already.

Knowing authorship will allow Google to improve search result quality, so I can understand why they are pushing for it. It is a bit annoying how they keep pushing Google+ but this implementation seems tolerable. Some posts make it sound like you have to make your “authorship page” the Google+ profile, but really you can decide the authorship home page (for me johnhunter.com). They do pull your profile photo from Google+ to use, which is less than ideal.

WordPress: Multiple Blog Network on One Server – Overcoming Conflicts

I ran into a problem when I added a second WordPress blog network to my server. I had the Curious Cat Blog Network up and running for quite some time with sub-domains for each individual blog in the network. WordPress automatically dealt with routing the sub-domains and having urls work. It really is very nice how easy it is to create a new blog and have everything up and running – just add it in WordPress, no need to touch the server directly. Blog networks are a new feature in WordPress 3.0 (I think) which are very nice. I would imagine it builds on effort with Wordpres MU but it is just part of regular WordPress now.

When I added the second blog network however the new faux-sub-domain that should be used affordable-funeral.moneyite.com would instead be redirected to curiouscatnetwork.com and since no such domain existed on curiouscatnetwork.com it gave the standard error message WordPress generates for the case where a sub-domain url is not recognized.

The main domain for the new site was working: moneyite.com. I tried searching around for some solutions to this problem online but couldn’t find any. I am not sure if multiple wordpress blog networks should work on the same server without any special needs. But it wouldn’t for me. I found a solution that did work so I will share what worked for me.

I created new sites-available records for each of the sub-domains and once you reload Apache everything seems to work. I am not sure their isn’t some problem with doing things this way that I haven’t uncovered yet. But it is working for me so I wanted to share this in case it can help anyone else trying to use multiple wordpress blog networks on one server.

Related: Checklist for moving an existing WordPress site to a new web hostWordPress error: Image could not be processed. Please go back and try again

WordPress error: Image could not be processed. Please go back and try again.

If you get an error saying

Image could not be processed. Please go back and try again.

when you try to put a new custom header image for WordPress theme 2010 on a server using Ubuntu the following may help:

[bash]apt-get install php5-gd[/bash]
once it installs then
[code]invoke-rc.d apache2 restart[/code]

This will provide php the ability to manipulate images that WordPress is trying to use.

Code to Display text only on WordPress Blog Home Page

Cut and past php code to determine if it is the wordpress blog home page (and only the home page itself).

[php]<?php if (is_home() && !is_paged()): ?>[/php]

Example, to print john if it is a “homepage” templated page and jill otherwise:

[php]<?php if (is_home(); ?>

<?php
if($name == ‘john’){
echo ‘Hi John’;
}else if($name == ‘jill’){
echo ‘Hi Jill’;
}else{
echo ‘Hi’;
}
?>[/php]