Disable Bad Behavior in the plugins section of your site’s control panel. Apparently the blacklisting service used for Bad Behavior was giving a false positive to anyone actually using Bad Behavior, so you would be blocked from your own site.

To correct the issue after disabling, update to the newest Bad Behavior.

• Lux Bakery & Cafe » New Cafe that took over the space of Chooby Doo in Austin. I haven’t tried it yet, but I just noticed it last week.
• eEye Digital Security »
• WP 2.3 Related Posts « WordPress Plugins »
• Firefox 3 Beta 1 now available for download »
• Hackers Use Banner Ads on Major Sites to Hijack Your PC »
• Privacy Rights Clearinghouse »
• Joopz » free web to phone to web text messaging

• TF2 Wiki »
• Fawnt » fonts… web2.0 stylee
• WordPress Super Cache » updated chaching for Wordpress, supposedly plays much nicer with plugins.
• Steampunk Keyboard Mod »
• GlassBooth » Find out which candidate most closely coincides with your views.
• Human Body in a Vacuum » How would the unprotected human body react to the vacuum of outer space?

This is a fairly large update with many new additions. So definitely backup all your stuffs before upgrading. I will be doing so after this post!

(I’m fearful of my tag migration!)

edit: success!

Wordpress has an upgrade out, and drzy has been updated to the new version. Apparently this is a pretty major release including many new features, RPC calls, and bug fixes.

As usual, let me know if any weirdness occurs.

drzy has a new theme, as you’ve probably already noticed. I adopted the DarkMambo theme by rkcorp. It is very clean and I’ve gone back to a dark theme for the site. Very dark. Reasons for the change? My old theme was great but based on Wordpress code way prior to Wordpress 1.5. This made me have to hack it and hack it to get it to work properly or to use new features. This resulted in a cluster of unwieldy code. The choice came to be: either build a new theme from scratch, or adopt a new one.

When I first started using Wordpress, the theme choices were pretty minimal. I just chose one with all the features I wanted and adapted it to my liking. (The old theme was based off Andreas, which was based off a couple others.) I was set on making my own theme this time, but gave a look at the galleries of themes for some ideas. To my surprise the theme community has exploded, and there were tons that I tried out and liked. DarkMambo was among the best. I love its clean lines and form. It is rather “web 2.0″, but not overbearingly so.

So, over the next few weeks I will be tweaking the theme to work with everything drzy-ish. It was somewhat incomplete, but I have filled in things like a 404 page and a proper archive listing template, among other things.

Thanks to rkcorp for coding this little gem. He has some other great themes on his site that I also considered, so take a look. or peruse the very large collection at the official Wordpress theme gallery.

My bad karma must not have totally eclipsed my general luck, as the one time I decide not to upgrade immediately to the new version of WordPress is the time that the WordPress download site is hacked and the code modified to include a PHP exploit!

from WordPress.org:

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

Luckily, drzy has been sitting at version 2.0.9, due primarily to laziness, and compounded by the fact that they released a trillion versions within a week.

Is version 2.0 affected?

No downloads were altered except 2.1.1, so if you’ve downloaded any version of 2.0 you should be fine.

So, if you are one of the unlucky early adopters, click the first link and download version 2.1.2 to remedy your compromised site.

Wordpress 2.1 codename “Ella” is out.

I usually upgrade right away, but this is a pretty major change, so I’m still trying to gauge whether all my plugins will work before I switch drzy over. Especially since I have slightly modified some of the files by hand.

edit: I took the plunge anyways. After all, backups are pretty easy to restore. The category-link merging has slightly messed up my left sidebar layout and the way I imagine the site to work. Also, pages are no longer connected to posts, so the “About” page keywords do not work. Otherwise, everything else seems to function.

Once again, let me know if you find otherwise.

The peeps at Wordpress decided to to fix a php vulnerability and was couple more things with a new release of version 2.0.7. They reported that 2.0.6 would be the last release before 2.1, but I guess it was severe enough that an immediate patch was warranted.

The 2.1 release is still set for the 21st of the month, so we’ll see how that goes.

drzy has been updated. Again, if anything looks screwy, see you in St. Louis send me a message.

Wordpress 2.0.6 has been released. It includes some security fixes and minor bugfixes detailed here.

Here’s what’s new:

• The aforementioned security fixes.
• HTML quicktags now work in Safari browsers.
• Comments are filtered to prevent them from messing up your blog layout.
• Compatibility with PHP/FastCGI setups.

For developers, there’s a new anti-XSS function called attribute_escape(), and a new filter called “query” which allows you filter any SQL at runtime. (Which is pretty powerful.) Thanks to Mark Jaquith for handling this release and Stefan Esser for responsibly reporting the security issue.

The Wordpress team states that this is the last update until version 2.1 is released.

drzy.com has been updated to this version. Please send me a message if anything acts up.

Wordpress has been updated to version 2.0.5. Foolishly, I immediately updated the site without more than a glance at the new features. But, luckily, aside from a few minor hiccups, everything is working as swimmingly as it had been before. Plugins and all.

If you notice any weird anomalies, let me know through email, comments, or on the forum.