Facebook, do something about fake accounts!

I want to talk about something that has bothered me for some time now. Occasionally, I get a friend request on Facebook from older people that I know and after checking, I’m already connected to them. I report all of these accounts and I never really noticed the reply messages from Facebook until recently.

Last week, I received a friend request from an older lady in my church who lives in a nursing facility. I saw about twenty of our mutual friends had connected to her, so I joined in the friendship circle. I was skeptical; however, I left it be. Two days ago, I got a private message that said, “Hi”. I said, “Hello, did they get you back to your normal room?” and didn’t get a response. Yesterday, I received a message back that said, “No, not yet, but hopefully soon.” Then, I knew I had them. The lady had been placed back in her normal room early this week. So, I waited for their scam. The next post said, “This kind nurse helped me get a grant for $50,000 and all I had to send was $750.00.” I told them I was reporting them and subsequently blocked them.

I thought that I would handle this for this lady who doesn’t even get on Facebook anymore, so I went to report the account. I reported that this person was imitating another person and had messaged me trying to get me to send money. My jaw dropped, not because I clicked on one of those click bait links, but when I read Facebook’s response. They said the account did not violate their community guidelines. How can stealing someone’s profile pic, their name, and connecting to all their friends not fit the criteria of violation of community guidelines? After attempting other means, I gave up and notified others about the fake account. It still exists at this time.

Then, yesterday, I saw a post from a friend alerting others to someone who had stolen their identity since 2012 (she just found this out). They maintained identical profile pics, though they changed the name on the profile. They posted nearly identical statuses for years. They stole photos and posted them as their own. They renamed family members in the photos as their own. They created a fake GoFundMe page for a funeral that never happened. The lady’s husband also tags the fake profile of my friend constantly calling her his second wife. It’s a conspiracy of absolute idiocy. They are stalkers and they have escalated this to a level way beyond identity theft. This is not a parody account, it’s a literal stalker using the account in a malicious way. This is causing emotional stress, and I would imagine a level of fear for her safety.
Continue…

WordPress Data Migration with MySQL

WP-CLI is a great tool for migrating data within WordPress from the command line, however it’s not always the appropriate or most efficient way to move data around. My rule of thumb is if I am working with unserialized data, I try to use MySQL queries first.

A simple migration script with WP-CLI could take up a lot of I/O and could take minutes or hours to complete depending on the data set. The same query in MySQL can take mere seconds. For example, if you wanted to take meta values from a specific post type, and move them to a new key, the WP-CLI script might look something like this:

Continue…

Installing WordPress and HHVM on Heroku For Beginners

For someone not familiar with Heroku, it can be a bit daunting to get WordPress and HHVM running on a Heroku web dyno after working on a traditional LAMP stack. That’s why I titled this for beginners because I are one and it took me a while to wrap my head around it. Let me also say that I am not a Heroku master and this tutorial most certainly will be agnostic of some of the more technical aspects of Heroku.

This tutorial is also just a means to get WordPress running on a single dyno (server) using the free tier and has not been tested on an enterprise installation. As a point-of-reference, though technically savvy, I do not use https://github.com/mchung/heroku-buildpack-wordpress because the template they use has actual distribution code committed to the repo which relies on a human to continually update. At this reading, some of the plugins are out-of-date, and I prefer to pull distributions from the source using Composer.

Continue…

Redirect www to non-www via DNS

Apps rise and fall on single characters. One misplaced character can tank ten thousand lines of code. The same is true with URL redirection. Most DNS providers have a GUI for redirecting URLs. I’ve learned the hard way that the forward slash character is of utmost importance when using these features. For example, if I want to forward all www traffic to http://coderrr.com (sans slash), all of my traffic for www will end up only on my homepage, which is no good for SEO, analytics, user experience, etc. If I want the DNS provider to forward the entire request, I have to have a trailing slash (http://coderrr.com/).
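One way to check which behaviour a forwarding rule actually produces, as an added example that is not from the original post: compare the path and query of the request with the `Location` header the redirect returns. The function names are assumptions of this example, and `check_redirect` needs network access.

```shell
# Added example: check that a www -> non-www redirect keeps the requested path.

# Print everything after scheme://host of a URL ("/" if there is nothing).
url_path() {
    rest=${1#*://}            # drop the scheme, if any
    case $rest in
        */*) printf '/%s\n' "${rest#*/}" ;;   # keep path and query
        *)   printf '/\n' ;;                  # bare host: homepage
    esac
}

# redirect_preserves_path REQUEST_URL LOCATION
# Succeeds only when the Location header carries the same path and query.
redirect_preserves_path() {
    [ "$(url_path "$1")" = "$(url_path "$2")" ]
}

# check_redirect REQUEST_URL
# Live check: fetch only the response headers and compare with the request.
check_redirect() {
    location=$(curl --silent --head "$1" |
        tr -d '\r' | awk 'tolower($1) == "location:" { print $2; exit }')
    redirect_preserves_path "$1" "$location"
}
```

Run `check_redirect` against a deep URL on the www host, not the homepage; a rule that drops the path passes a homepage test.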

Using HTTP Auth Basic in WordPress

I was posed with the question as to how to protect a BB forum with a general user/pass for students at a community college. Since the segment that needed securing was not a standard post, but a custom rewrite, there was no way to use the native post password feature. Using .htaccess was also out as that protects entire directories.

Fortunately, PHP allows you to implement auth headers to handle this. Let me first say that I understand that HTTP Auth Basic is not a secure authentication solution, but it is a privacy gate which is all that was requested to help reduce spam, malicious posts, etc. With the proper hooks, I was able to target the specific URI segment and it worked like a charm.

Continue…

Find all sites on server by IP address

I don’t advocate using the following to hack other sites. I found it interesting that my host was serving pornography from the same box I was using, so I switched to my own cloud server. There are two ways to go about finding other sites on your server. If you don’t know your server IP, you can search

whois yourdomain.com

and there are plenty of sites that will expose the server domain.

Bing IP Search

This seems to be pretty reliable and up-to-date. Bing has an IP operator that allows you to specify an IP address when searching.

Example Search:

ip:70.32.68.69

Hackers will use this operator to find sites running WordPress using the images tab. Once they identify several domains, they can easily ascertain your WP version with the generator meta tag. A hacker can know all of the WordPress installations and versions of those sites without leaving a probing footprint. If there is a known vulnerability with one of your versions, it’s a cinch to attack it. Keep your software up-to-date and your back-doors closed, friends. Bing is not your friend with this horrid search operator.

Example Search:

ip:70.32.68.69 wp-content

Continue…

Create a WordPress admin user with MySQL

If you’ve ever been locked out of a WordPress installation, but have access to the database, here’s a nifty snippet to grant you administrator-level access. There are a couple of things you need to do before using this MySQL code. First, set the variables to your own information. Next, if your WordPress installation is based on a non-standard wp_ table prefix, you must find/replace ‘wp_’ with your current table prefix.
Continue…

Mac: Copy the current SVN URL to the clipboard from command line

If you are still using SVN (WHY HAVEN’T YOU SWITCHED TO GIT??), here’s a simple alias you can drop into your ~/.bash_profile. Then type `source ~/.bash_profile` in any open terminal windows to load the alias. Here’s how it works. Navigate to your SVN working copy and type `svnurl` and voilà! It’s copied to your clipboard. This is extremely useful for copying/deleting/switching/merging branches via command line.
Continue…

Generate a custom _s (underscores) WordPress theme from command line

I’m building out a new theme for my blog using the _s theme. It’s an exercise in building out a responsive grid. _s is a great theme starter. Underscores.me has a nifty little tool to generate the starter theme with namespaced functions, title, description, etc… for the theme. I wanted to generate the theme directly from command line. Here’s what I used to generate the theme directory with one line (your pwd should be wp-content/themes/):

curl --data "underscoresme_generate=1&underscoresme_name=Coderrr&underscoresme_slug=coderrr&underscoresme_author=Brian+Fegter&underscoresme_author_uri=http%3A%2F%2Fcoderrr.com&underscoresme_description=A+custom+theme+for+coderrr.com." http://underscores.me > coderrr.zip; unzip coderrr.zip; rm coderrr.zip;

There are four things that happen here:

  • Curl http://underscores.me and send post data
  • Tell Linux to place all returned data into a zip file
  • Unzip that file and create the theme directory
  • Remove the zip file
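A more defensive form of the same four steps, as an added example that is not from the original post: it fails on HTTP errors, downloads to a temporary file, and refuses to extract an archive whose entry names are absolute, contain `..`, or fall outside the theme directory. The function names are assumptions of this example, as is the expectation that the archive unpacks into a single directory named after the slug.

```shell
#!/bin/sh
# Added example: fetch the generated theme, inspect it, then extract it.

# zip_entries_safe SLUG
# Reads archive entry names on stdin (one per line, e.g. from `unzip -Z1`).
# Succeeds only if every entry stays inside the directory "SLUG/".
zip_entries_safe() {
    slug=$1
    seen=0
    while IFS= read -r entry; do
        seen=1
        case $entry in
            /*|../*|*/../*|*/..|..) return 1 ;;   # absolute path or traversal
        esac
        case $entry in
            "$slug"/*) ;;                         # inside the theme directory
            *) return 1 ;;                        # anything else is rejected
        esac
    done
    [ "$seen" -eq 1 ]                             # an empty listing is not OK
}

# fetch_theme URL POST_DATA SLUG   (run from wp-content/themes/)
# POST_DATA is the url-encoded form string, as in the one-liner above.
fetch_theme() {
    url=$1 data=$2 slug=$3
    tmp=$(mktemp) || return 1
    # --fail: an HTTP error aborts instead of saving an error page as a "zip".
    if curl --fail --silent --show-error --data "$data" --output "$tmp" "$url" \
       && unzip -tq "$tmp" >/dev/null \
       && unzip -Z1 "$tmp" | zip_entries_safe "$slug"; then
        unzip -q "$tmp"
        rc=$?
    else
        echo "refusing to extract: download failed or archive looks unsafe" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}
```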

Continue…

Why My ISP Kicked Me Out

UPDATE: Before reading this, I wanted to note that the ISP made good on a refund. I was refunded the entire amount of installation and two months of service ($686.09). They actually corrected their error and gave me back my cash. I’m satisfied with their actions.

It was early Saturday morning and I was working on some personal projects when my connection started flaking out. I took to my Verizon tethering via iPad and didn’t think much of it until I tried logging back into my home wifi. Everything seemed in order until I tried to browse the web. I was redirected to a hacker radio website and all Google searches were popping off a 404 error at another malicious website. I tried browsing on several devices and the same thing was happening on each. I immediately disconnected all devices from the internet thinking my router had been compromised.

I quickly unplugged my router from WAN and flashed it with a fresh load of DD-WRT. I knew that would destroy whatever was hijacking the router. After about 40 minutes I plugged back in and to my shock, the same thing happened again. I checked my /etc/hosts and nothing was out of the ordinary. So, I pulled out my dusty Windows laptop which hadn’t been used in ages and plugged it directly into the ethernet connection from my ISP. The same thing happened on the laptop. I should have started with that, but now I knew that it was coming from WAN.

I contacted my ISP and their 24 hour support line sent me to a voicemail several times. I sent an email to them (via tethering) and went to bed. I woke up at 7:30am and it was still redirecting to malicious websites. I sent another email and asked for a callback. At about 10:00am, the manager called and left a message saying they had an ‘outage’. I contacted several people I knew who use this ISP and they confirmed the same at all of their locations. For over 9-10 hours all customers in my city were being redirected to malicious websites from this ISP.

I sent another email asking them to inform their customers of the following:

  • Was handed over to the proper authorities?
  • What happened?
  • How was it fixed?

Continue…