Security Detail

April 25, 2006

So it turns out that TextDrive turns on the “mod_security” application firewall by default and this is what is leading to all of those “Error 412: Precondition Failed” messages on Zero to One-Eighty. Most notably, this error message is appearing when you try to use any of the navigation links from the “Say What You Want About the Tenets of National Socialism Dude…” post. Something in that title “pollutes” the HTTP request to the server, triggering an anti-spam rule and causing it to reject the page request. Offsite links are not affected by this problem.

Basically it seems that mod_security is a catch-22, at least from a user perspective. If I leave it on it will prevent a ton of comment spam without me having to lift a finger. On the other hand even some of my own posts (e.g. in comments) will be rejected. What’s more, it’s not exactly easy to tell whether something you’ve written will trigger one of the rules. If I turn it off on the other hand, anyone will be able to post anything, and then, presumably, the comment spam will have a much easier time getting through.
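One plausible reading of the false positive described above, as an added example that is not part of the original post or of TextDrive's rule set: a keyword rule that matches substrings fires on the title because "socialism" contains "cialis". The keyword list, host name, URL layout and the idea that the title slug reaches the server in the Referer header of a navigation click are all assumptions made for illustration.

```python
import re

# Constructed keyword list standing in for an anti-spam rule set; the rules
# TextDrive actually deployed are not shown in the post.
SPAM_KEYWORDS = ["cialis", "viagra", "casino"]

# Constructed request (assumption): following a navigation link from the post
# sends the post's own URL, title slug included, in the Referer header.
SLUG = "say-what-you-want-about-the-tenets-of-national-socialism-dude"
REQUEST = {
    "uri": "/archives/",
    "headers": {
        "Host": "blog.example",
        "Referer": "http://blog.example/2006/04/" + SLUG + "/",
    },
}

def scanned_fields(request):
    """Yield (location, value) for every part of the request a rule inspects."""
    yield "uri", request["uri"]
    for name, value in request["headers"].items():
        yield "header:" + name, value

def substring_hits(request, keywords=SPAM_KEYWORDS):
    """Naive rule: keyword anywhere in the value, case-insensitive."""
    return [(loc, kw) for loc, val in scanned_fields(request)
            for kw in keywords if kw in val.lower()]

def word_hits(request, keywords=SPAM_KEYWORDS):
    """Tighter rule: keyword must stand alone, not sit inside a longer word."""
    hits = []
    for loc, val in scanned_fields(request):
        for kw in keywords:
            pattern = r"(?<![a-z0-9])" + re.escape(kw) + r"(?![a-z0-9])"
            if re.search(pattern, val, re.I):
                hits.append((loc, kw))
    return hits

def status(hits):
    """412 is the rejection status the post reports; 200 means the request passed."""
    return 412 if hits else 200

if __name__ == "__main__":
    print("substring rule:", status(substring_hits(REQUEST)), substring_hits(REQUEST))
    print("word rule:     ", status(word_hits(REQUEST)), word_hits(REQUEST))
```

Running a draft title or comment through both functions before publishing shows whether a rejection comes from a standalone keyword or from one buried inside an ordinary word.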

Probably the answer will be to turn mod_security off and install a WordPress anti-spam plugin, but until I decide on an appropriate course of action the bottom line is this: If you try to contribute something to DR and you get one of those annoying messages, please head on over to the Contact page and drop me a line to let me know. Meanwhile, I’ll be looking into what others have found to be effective solutions. I would certainly appreciate your feedback if you encounter problems.

Addenda (April 25)

A.M. Update

Since I’ve been having trouble here and there with error messages all over Zero to One-Eighty I’ve decided to turn the SecFilterEngine for mod_security off and see if that makes things more livable. The site should now be navigable without all of those annoying dead ends for pages that are actually there. Sorry for any troubles you may have while I adjust to the new environs. As I said earlier, please let me know if you’re having trouble with anything at ZTOE and I’ll look into it pronto.

P.M. Update

I returned to the Tamba2 WordPress Guides in the search for answers and found some more good advice from Podz. And so it is that Dead Reckoning now employs the Strike Team of spam-fighting: Michael Hampton’s Bad Behavior administers crowd control, and Dr. Dave’s Spam Karma 2 springs out of the shadows to pistol-whip any gatecrashers that manage to sneak through. I checked the Bad Behavior logs about 30 minutes after I’d installed it and it had already beaten off 4 spam attempts. Those Strike Team boys get results. I’ll let you know how it goes.

5 responses

  1. Michael Hampton

    Crowd control. I like that. Mind if I use it? :)

    April 29th, 2006 at 8:06 pm

  2. Ads

    Be my guest, it’s the least I could do. Bad Behavior is doing an awesome job—delivering 81 stinging rebukes in just four days of operation at Dead Reckoning—and I shall be recommending it far and wide. Thanks for providing such an effective solution. (You should ask Michael Chiklis if you can use his picture.)

    April 29th, 2006 at 8:23 pm

  3. Michael Hampton

    Only 81? I get more than that in a MINUTE sometimes. :) By the way I’m hard at work on version 2, a major rewrite. Be sure and follow its progress.

    April 29th, 2006 at 8:42 pm

  4. Ads

    Yes, well, hmmm. It’s early days. I’m still bracing for take-off, it should be any day now. Let’s hope your version 2 is ready when my little baby hits the big time. Thanks for the update, I’ll be checking in.

    April 29th, 2006 at 8:52 pm


Zero to One-Eighty contains writing on design, opinion, stories and technology.