[Looking for Charlie's main web site?]

"Hidden Gems in ColdFusion 2018", a multi-part series on the Adobe Portal

Over the past few weeks I have been begun posting a multi-part series of blog entries on Hidden Gems in CF2018. This is being posted on the Adobe CF portal, rather than here (by my choice).

It's basically presenting the same info I've been offering in my talk of the same name, such as at conferences like CF Summit and CFCamp last year, and that I will at the CF Summit East 2019 in DC in April. Of course, in blog form I can elaborate things a little more.

So far I have done the following parts:

[....Continue Reading....]

Top 10 CArehart.org blog posts of 2018

Yep, I'm a bit late on this. :-) Here are what I might propose to be the top 10 posts of mine from 2018 (by my own choice, and in reverse chronological order):

[....Continue Reading....]

Top 10 CArehart.org blog posts of 2017

With the passing of each year it's good to look back and highlight some of the most interesting posts of the previous year. These aren't in order by any metric, they're just in an order I think may interest most readers.

The first several are in fact resource lists where I pulled together resources, to help people in addressing some specific topic/challenge, which is something I enjoy doing as a contribution to the community. Sometimes the posts are related to the consulting work I do, but not always (just like some of the conference presentations I do, which are nearly always about CF, but not always about CF troubleshooting).

You'll see also a couple of posts that point to resources where I've been contributing time and content elsewhere (taking away somewhat from my posting things here). First, I've done about a dozen blog posts on the new Adobe CF Community Portal. Second, I've done about a dozen webinars for the FusionReactor folks. I've debated posting each one of those here as I did them (as blog posts here, I mean, throughout the year), but for now I had instead just opted to create a post for each of them last year listing what all I'd done.

Enjoy.

[....Continue Reading....]

My recent articles on the Adobe CF Community portal

As some of my readers will know, Adobe has recently created and opened a CF Community portal, for folks to share blog posts, testimonials, showcases, and more. It's even an alternative way to participate in the Adobe CF forums.

Anyway, I have contributed several blog posts (some really article-length, and all written as standalone "articles", so I am referring to them that way here, and in my "articles" page).

I wanted to point to them out in a post here as well. I was also torn about whether to post them in their entirety here, whether before or after posting them there, but for now, I have posted the content only there.

[....Continue Reading....]

Easily finding cached/old versions of a site/page when it's down or gone

Have you ever had a web site "go dark" on you? or found that a given page on a site somehow disappeared? Maybe it's only temporary (there may even be a "we're down" message, though the site or server may just fail to respond at all), or maybe the failure of the page or site will be permanent.

The good news is that there are at least two easy ways that you may well still be able to see that content you may be missing:

  • the Google cache (to at least see the last version which Google may have cached)
  • the internet archive "wayback machine", which often lets you see YEARS back in the history of a page or entire site, including one that may be long-gone.
  • and still another couple of options

TLDR;

Try putting either cache: or web.archive.org/ in front of the URL of whatever page you're trying to visit, as in:

http://web.archive.org/https://www.carehart.org/index.cfm

to perhaps see years of archived versions of a page/site.

Or to see any Google snapshot of the most recent cached version of a page, use this in a Google search,

cache:https://www.carehart.org/index.cfm

Either may or may not work, for various reasons I explain below. And note that this works for domain names or individual web page URLs. You may find that it also works with or without the protocol (http:// or https://), but try using it the other way if one does not work.

For much more, read on, as I share tips (and gotchas) on using both tools.

[....Continue Reading....]

The 100 most interesting posts on the Adobe ColdFusion blog, the past 3 years

The Adobe ColdFusion team blog often has really some interesting content, but I find that some people are either not aware of the blog or just don't keep up on it, or perhaps they have trouble finding something they saw before or maybe heard was there.

So here I present what I feel are the 100 (technically, 105) most interesting/useful posts made there over the past 3 years (2014-16), offering information about CF and CFML which should be valuable to readers for years to come.

[....Continue Reading....]

All My Blog Entries for 2012 (all but 3 about ColdFusion)

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Following up my last blog entry (highlighting the top 10 most-viewed entries for my blog this year), here's a listing instead of all the entries I've done this year, if it may help someone more easily review if they missed any that might be interesting.

I present the list in two forms: first, just a list of all the entries (31 of them), and second, broken down by category, in case some category may be more interesting to you.

The entries

Here are the 31 entries, in descending order by date.

[....Continue Reading....]

Most-viewed ColdFusion blog entries of 2012

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
As the year comes to a close, many bloggers take a moment to document the most-viewed entries of the year on their blog. In that spirit, here are the top-viewed entries of the year for my blog.

I have more to say about the list (and such lists) below, but for those who like to "get to the point", here's the list:

[....Continue Reading....]

Blocking comment spam in BlogCFC (or it could be adapted to others)

Note: This blog post is from 2009. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Want another tool to help battle blog comment spam? Here's an approach I use that may benefit others. I look for certain bad URLs being referenced in the comment, and if they exist I block the comment. Sure, there are other solutions. I've wondered for a while about sharing this code publicly like this, but I get enough people who've asked for it that I figure I may as well.

Update: Ray has clarified (in a comment) that BlogCFC does already have this functionality, in the "trackback spamlist" feature (on the Settings page of the BlogCFC Admin). I thought that had only to do with track backs, not comments. If you're using BlogCFC, you should use that feature to achieve what I describe here. But some of the thoughts and techniques may still interest some.

What's the problem, for bloggers and commenters, and why Captcha isn't enough

We all know that comment spam is the bane of our existence. How many times have we seen comments referring to wowgold or battery crap or some foreign characters we can't even read. Sure, captchas and other tools are intended to try to stop it. But some still gets by those. These are often real people typing this in, so they get by tools that try to block automated entries. (I appreciate that some tools do still more. Check out the link above to learn more of them.) For those still interested, press on.

These spammers are clever: they'll repeat words from earlier in the blog entry, or from some other commenter, or even from some entirely different blog entry, hoping the blog owner won't notice that a shifty URL has been planted in the text (or the URL field of the comment form), all trying to get a little Google pagerank love for the URL they're pimping.

So I wanted to come up with my own solution that simply detected and blocked any comments with references to those bad urls. What I did works for BlogCFC (admittedly an old edition), but the concept can be of value to you regardless of the blogging software you may use.

And to be clear, this bane of blog comment spam is not just an annoyance for bloggers themselves, but also any who are blog commenters. Most blog software is setup to send us commenters a copy of any other comment someone posts. Even if a blogger is diligent about catching and deleting such comments (so they get no pagerank love from being posted), some of the damage is done in that the fellow commenters on that entry did get the email.

My solution

Again, I wanted a solution that let me detect and prevent submissions of spammy URL references. There's no blacklist for keywords in the version of BlogCFC I have.

Even then, I realize some don't like doing blacklists of keywords anyway, since you can get false positives. Then there's the challenge that if you look for some words, the spammers just change them. But for the problem above, their goal is to get their URL listed.

So I was interested in looking only for URLs, not just any "words". Further, I want to check in both the content field and the URL field of the comment. (And if it meant I blocked someone who was merely mentioning one of these spammy URLs, in a helpful way, I'm willing to risk that false positive.)

My approach

So the way I do it is that I created a file to track the bad urls. When I get a comment that's got content that's spam, I put any domains it refers to into that file (and then delete the comment, of course).

Then before accepting any new comment, my code reads that file (yes, on each comment submission. I could optimize things, of course, reading the file for a cached period. I could also offer an interface to more easily add URLs to the badurl list file. I just haven't gotten to that. For now, I just edit it, maybe a few times a month after having gotten most of the common crap URLs under control.)

About the blacklisted urls file

Rather than post the badurls.txt file here, you can leave me a comment (which will ask for your email address which is not shared and your URL. Tell me the URL of your CF blog), and I'll send it to you directly. Don't want to give away intel to the spammers, plus by me sending it along you'll get the latest.

Another thing I could do is create a service where the badurls file is kept and accessed/updated centrally. Again, just haven't gone to that yet. Nor even creating a Riaforge project for this. I'll wait to see what people think.

The badurls file is really just one big long list (comma-separated) of bad domains. Here's just a sampel of the first few entries (it's all just on one line):

dedikodulu.net,acrobatajans.com,dosyapaylasim.net

Note that I don't bother using the full url, and I even leave off the www. part, since some spammers use sobdomains. Of course, I wouldn't add to the list a domain that looked like it could be legit. But if it looks suspicious, it's black listed.

What do the spammers see?

I don't tell the spammers that I'm rejecting them because of the spammy URL. I just report "Invalid request" as an error. I also happen to email myself when people attempt to send comments (in case they have problems with the captcha or for some other reason their comment doesn't make it), so I have fun watching how the spammers flail about trying again and again to get their crap in. :-)

I figure if it was a false positive and someone REALLY sincerely felt that their comment should be let in, despite their referring to one of these urls and getting rejected, they could just contact me directly (as I offer a contact link on my blog, or they may think to enter a plain comment. Again, these are rare instances, I think.) The benefit for cutting down on spam comments has far outweighed the risk.

Update: With regard to the BlogCFC "trackback spamlist" feature, I'll note that it doesn't offer any feedback at all if a comment has a blacklisted keyword/url. It just closes the form as if it took, but the comment is not posted.

What do I do with the badurls file? Show me some code.

I drop the badurls.txt file into the blog root directory (typically blog/client in blogcfc), in the same directory with the addcomment.cfm template. In that file, I make just the following 3 edits to that addcomment.cfm template.

First, I add the following that reads the file in:

<cftry>
   <!--- ought to cache this and refresh when file changes --->
   <cffile action="READ" file="#expandpath("badurls.txt")#" variable="badurllist">
   <!--- the next line is just to test if the data in the file is in fact a valid CF list. if not, email me --->
   <cfset listerrcnt = listlen(badurllist)>
   <cfcatch>
   <cfmail to="whoever" from="whoever" subject="failure during blog addcomment, badurl list processing"><cfdump var="#cfcatch#"></cfmail>
   </cfcatch>
</cftry>

And in the addcomment.cfm test I place some more code for adding a comment which should go inside this line:

<cfif isDefined("form.addcomment") and entry.allowcomments>)

and after the first IF test for:

<!--- tests to block spammers --->
).

I added this:

<cfif findlist(badurllist,trim(GetHostFromURL(form.website))) or findList(badurllist,form.comments)>
      <cfset errorStr = errorStr & "- " & "Invalid request" & "<br>">
   </cfif>

Sure, I could have done that in CFSCRIPT. Same with the next chunk coming up. Feel free to change it if that suits you. :-)

Needed (and created) a new UDF, FindList

You'll notice this calls a udf, findlist, which does something that surprisingly no built-in function does: searching one string for any of several items in a list. (For an explanation of how it differs from listfind and listcontains, see the version posted at CFLib. That udf is a little more complicated, as I expanded it based on some feedback from others.)

<cffunction name="findList">
   <!--- FindList, from Charlie Arehart--->
   <cfargument name="valuelist" required="Yes" type="string">
   <cfargument name="stringtocompare" required="Yes" type="string">
   <cfset var found=0>
   <cfloop list="#arguments.valuelist#" index="x">
      <cfif findnocase(x,arguments.stringtocompare)>
         <cfset found=1>
      </cfif>
   </cfloop>
   <cfreturn found>
</cffunction>

Hope all that may help someone. Feel free to comment.

If a tree falls in a forest and comments are disabled, how will you know? (COMMENTS WORKING AGAIN)

Note: This blog post is from 2009. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Oy, computers. Have you by any chance tried to leave me a comment here on my blog? Or tried to do a search of the blog? Sadly, neither would have worked. In the case of the search, it just never limited the results to entries with the search text. In the case of blog comments, it just kept showing the form and ignoring what you typed. I'm really sorry for any who may have been entering comments all this time, to no avail.

When I noticed I was getting no more comments, I knew something was up, and it turns out both were caused by the same thing. The issue was that a couple of weeks ago I switched my site to a new server (more on that later), and in the midst of the move I made a slight configuration mistake.

The bummer is that no one ever wrote met to tell me that their comments weren't taking. I offer my email address in a pod on the right of all pages. :-( Oh well. Problem solved now.

More Entries

Copyright ©2019 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting