More about karma point than you ever wanted to know

The main spamfilter I use is called SpamKarma, It’s no longer maintained by its originator, but continues to be compatible with WordPress and continues to do a very good job at screening out spam left by robots.

A number of regular site visitors wonder what karma they have and what they might do to risk being sent to spam.

I can’t answer that because SpamKarma doesn’t associated KarmaPoints with specific visitors. SpamKarma doesn’t care about “people”, and so doesn’t try to identify specific commenters. Instead, it diagnosis the comments with specific “symptoms”. The originator devised a method that relied on noticing things spambots do that people don’t do and then also coming up with ways to detect people. Describing precisely what it does ends up being complicated because it does a lot of checks.

Here are some examples of what SpamKarma’s default modules do:

• [[User Level]]: This check does recognize “people”. When I log in, I’m “admin”; that’s the highest user level. When Zeke logs in, he is “author”. WordPress sets and reads a cookie, to recognize me. So, I’m nearly always logged into the admin when I comment and I get positive Karma points. If you are not logged in on the admin side of the blog, your user level is “visitor” and you get no points one way or the other.
• [[Blacklist]]: This is the other way in which “people” can gain or lose points.

  The blacklist tracks IP and domain name information and tags it “black”, “white” or “grey”. The overwhelming IP and domain name majority of entries are added by SpamKarma. I can also add and delete IPs and domain names manually.

  The IP black/white lists keep a log of IPs and count the number of times a comment with that IP was approved or sent to spam. So, if you have commented a lot using the same IP, your comments will get up to positive karma points for this; the number of points seems to depend on the number of comments associated with that IP. On the other hand, if your comment was sent to spam, you will get between negative karma points for that.

  The domain list is similar. SpamKama reads urls in comments and adds them to the white or blacklist. If your “author url” or the content of your comment includes a white or blacklist domain, your comment either gains or loses up karma points. Once again, the number of points depends on the number of times that url has been included in an approved or denied comment. (By the way: This can be more than 5 karma points. If you have a blog or a favorite web page, and you often comment, adding this to the “author url” to a comment that is accepted will ensure future comments are given a extra positive karma points to future comments. This is the single best thing you can do to give yourself “good” karma– even good enough to be able to include “spamkarma words” in your comments. )

  I can also add words like “denier” or “denialist” to a blacklist or whitelist. I rarely add words and SpamKarma never does. I add words to the whitelist if SpamKarma is dinging someone and I can’t figure out why. If your comment contains a black-listed word, you lose 5 spam karma points. (BTW: The number of points you are dinged is a bit confusing for the admin because on the admin side, I enter 100. SpamKarma takes that to mean I want it to ding you 100% of 5 points.)

  Wondering what the spamkarma “words” are? This is the complete list:
  

  Notice Knappenberger is on the whitelist? That’s because he was having trouble commenting a while back. I couldn’t figure out why, so I just manually whitelisted his name, IP, author_url and other features.

  Carrot Eater was disappointed he didn’t get blacklisted by adding a whole bunch of nasty “Godwin” words. Nope. They aren’t on the list. I’ll add more blacklist words if they are used repeatedly in long running blog-spats. Otherwise adding words is a PITA and not very useful. (I could also tweak troll control to include a real blacklist of words. But I don’t think it’s worth the CPU.)

• [[Javascript Payload]]: Most spambots are not javascript enabled. Spamkarma places a code in the comment which can only be returned if your browser is javascript enabled. If your browser is not javascript enabled or you turned javascript off because of privacy concerns, you will get dinged karma points.
• [[Encrypted Payload]]: This is similar to above, but this one involves adding some encrypted info to the comments to force bots or people to actually load the comment form at the blog.
• [[Link Counter]]: Spammers often include loads of links. If you add a lot of links, SpamKarma dings you some karma points.
• [[Stopwatch]]: If click submit too soon after my server sends you the web page, SpamKarma will dub you “Flash Gordon” and ding you points. How short a time? It’s a small fraction of a second. Normal humans are never dinged by this.
• [[Entities Detector]]: This has to do with checking for improper use of html entities to avoid the blacklist filter. Normal humans are rarely dinged by this, but an html < sign can be dangerous to those who have not accumulated any positive karma.
• [[Snowball Effect]]: This hangs up new visitors or established visitors who have brand new IP addresses, especially if they appear and post 8 comments after 10 pm while I am not here to clear their comments.

  What happens is this: Someone SpamKarma does not recognize arrives, post a few comments in an hour or two. They get in a blog-argument, and suddenly all their zingers in response to the person they were talking to are in moderation. Arghh!!!

  The new visitors always think I did this. I did not. The problem is that behavior is indistinguishable from spambot which often find a blog and return if they were successful at leaving comments. (The addition of moderating first comments will actually minimize this frustration for brand-new visitors because by the time they can get into rapid fire blog argument, SpamKarma will already notice an approved comment with a date that is not extremely recent. The snowball effect module will take this into account and be less likely to think you are a spammer.)
  Update: After writing this, I figured it would be nice to fix this a little. I checked the ‘advanced’ settings on SpamKarma and tweaked this. I told SpamKarma to apply “snowball” only if someone posts more than 15 comments in 1/2 a day; the criteria used to be 15 comments in a day. This will spank enthusiastic new visitors less frequently. Based line 113 of code posted here, I think a higher “coefficient” will also apply the snowball spam to fewer comments. So, I increased the “coefficient” from 3 to 4; this should tend to spank people who have some stored comments less violently. )

• [[TrackBack Referrer Check]]: This checks trackbacks left by blogs who included links to my blog in their posts. Some of you will recall I reminded Anna Haynes that trackbacks, not email or leaving a comment, are a standard method of blog-to-blog communication. It is sufficiently standard that SPLOGs or spammers who don’t even have blogs will send trackbacks to try to get links to their SPLOG on my blog. The referrer checks that the trackback at least comes from a real blog that left a link to my blog on their web page.
• [[Post Age and Activity]]: If you leave a comment on a very old post that hasn’t gotten a comment in weeks, SpamKarma gives the comment negative points.
• [[Captcha Check]]: If you get a fairly bad, but not horrific, SpamKarma total, SpamKarma will ask you to fill out a Captcha. If you pass, it will either approve or moderate the comment. It won’t send you to spam. If your initial score was horrific, it won’t present you with a Captcha.
• [[Anubis]]: This pretty much just adds up all the karma points and decides what to do with your comment.

I also use the plugin-add in to send comment information to AKISMET, which reports back whether it thinks the comment is “spam” or “ham”. If AKISMET thinks you are “spam” you are dinged karma points. (Also, if I tell AKISMET you were ‘spam’, Akismet logs that information and it might ding you at other WordPress blogs. So, oddly, if I tell Akismet you are a spammer, Tamino, Anthony, JeffId or other WP based bloggers may discover it thinks you are a spammer when you comment over their. However, Akismet is smart enough to wait until at least a few bloggers told it you were a spammer before doing this to you. Because of this I do try to fish people out of spam if they land in there; Spamkarma then tells Akismet I fished you out. I also send duplicate comments to “trash” not “spam”. )

Why can some people submit comments that use the word “denialist”

Notice that the way the system works, a person who gets positive karma based on their IP, their “author_URL” and various other tests can survive the negative 5 karma points for including the word “denier”. Notice also that I failed to include the plural versions. (D’oh!)

On the other hand, a new visitor who uses a blacklisted word in their first comment will almost certainly get moderated or sent to the spam bin.

Are you worried you might get hung up sing a “bad” url?

Just in case you might accidentally include a bad url in a comment; here’s a descending list:

Blacklisted Domains

If you scan to the right you will see that almost all of these were added by “sk2_blacklist_plugin”. These were added by SpamKarma after their comments were diagnose as being spam. I have, on occasion, added urls manually. More frequently, I remove urls that happened to be included incorrectly. I removed goggle.com and youtube.com today.

What if you get moderated anyway?

Some of you have noticed you have been sent to spam despite doing nothing to anger spamkarma. Yep. This happens. Right now it is happening when I have some server glitches.

I am trying to track the cause of these glitches down. They were evidently due to my running scripts that drew a lot of memory–something I was doing on a personal blog I set up to tally my diet progress for myself. It has no real traffic, but anything to do with dieting gets lots of ‘bot traffic. I had thought that was a good place to test a script to let my auto-generate graphs inside a wordpress blog.

Well… it was a good place to test.

But the test seems to suggest that the memory required to load the php to create graphs exceeds the amount my hosting service thinks I should use. That means it would be a waste of time to try to create that script to run here. This is disappointing because I was going to try to autogenerate graphs here. Well, I’m obviously not going to do that!

Anyway, I no longer generate graphs at my diet blog, and now this blog seems to be throwing fewer server errors. Unfortunately, the number is not zero, so I may need to figure out whether another one of my scripts is a memory hog.

Suggestions

• If you have suggestions on existing free php scripts that I could use to auto-generate graphs– let me know.
• If you have suggestions on “spamwords”, let me know.
• If you are getting “Server errors” and ending up in the spam bin, let me know.
• If you are having other problems commenting and you are not “knittingintl/phinniethewoo/heerbommel , let me know.

One of the hilarious aspect was the method used to freshen the material to avoid copyright infringement while regurgitating the full post:

If that’s still not enough to impress you, here is another nice feature: With the translation module WP Robot can translate any post it creates before adding it to your weblog by using Google Translate or Yahoo’s Babelfish. By translating the content several times (for example from English to German to English) WP Robot can add instant unique, English content to your weblog!

What fun! Let’s see what Bablefish does to a short snippet of content from Roger’s post which quotes the New York Times:

But some advocates for women’s health tried to pressure The Lancet into delaying publication of the new findings, fearing that good news would detract from the urgency of their cause, Dr. Horton said in a telephone interview.

En français

Mais quelques avocats pour la santé des femmes ont essayé de faire pression sur The Lancet dans retarder la publication des nouveaux résultats, craignant que les bonnes nouvelles amoindrissent l’urgence de leur cause, Dr. Horton ont dit dans une entrevue de téléphone.

To Greek:

Αλλά μερικοί δικηγόροι για την υγεία των γυναικών έχουν εξετάσει για να κάνουν την πίεση σε The Lancet μέσα να καθυστερήσει τη δημοσίευση των νέων αποτελεσμάτων, που φοβούνται ότι τα καλά νέα μειώνουν τα l’ επείγουσα ανάγκη της αιτίας τους, το δρχ Horton έχει πει μέσα σε μια συνέντευξη του τηλεφώνου.

I don’t read Greek, but I bet it’s already hilarious.

Now, back to English

But have certain lawyers for the health of women examined in order to they in make the pressure in The Lancet delay the publication of new results, that is afraid that the good news does decrease l’? urgent need of their cause, Dr Horton has said in a interview of telephone.

If this software catches on (and I bet it will), bloggers following our trackbacks are going to read some rather hilarious English in the next few months! (Meanwhile, I’m tempted to download the free version and aggregate 20 blogs. The plugin I was using to compile a climate aggregator failed for some reason, and was consuming ridiculous amounts of CPU making constant requests.)

This is the “Suggest a Climate Link Interface”. It’s still in development. This is how it currently works:

1. Visitors enter a link, suggest a general ‘topic’, ‘source’, provide a brief description and a few tags that might be used to search a database. (Tags are optional. Topics are subjects like global surface temperature, sea ice, etc. Sources refer to things like blogs, newspapers, the IPCC, think tanks and etc. )
2. After they enter the link, the link is stored in a database and listed as ‘pending’. At some point, I will notice the pending link and check it. If it’s ok, I’ll approve the link (and possibly edit the topic, source or add tags); afterwards, the link will appear on the the climate links page and also be accessible from the topics list.
3. The climate links page which is currently just a flat list. I’ll write a script to sort by category later on. Creating searchable sorted lists is the point of using a database instead of just manually adding links.
4. You can already do a little drill down to see all links in a particular topic by clicking the “topic” or “source” link at the climate links page.

Bleg for input!

• You can already enter links. So feel free to do so. (I can’t seem to add Bjorn Lomborg’s site. I need to figure out why. If you don’t get the “Thanks for submitting a link” message after submitting, leave a note in comments.)
• If you have a link that doesn’t fit a source or topic category, post a comment and suggest the link along with a category or type. I can add the appropriate source or topic on the admin side of the blog.

I’m hoping a few of you will test and let me know if you have problems. (If you do, do complain in comments. That will a) let me know so I can fix the problem and b) alert other users not to enter too many links!

The blog owner (i.e. I) can select which languages to offer her (i. e. my) blog in. Then users can click to obtain a sort of translated page. Based entirely on preconceived notions of where climate-blog addicts live, I picked a number of European languages, then threw Hindi into the mix.

If you click a language you can actually understand, the results can be sort of humorous. Below, I have posted the translation into French of the first paragraph from yesterday’s post:

J’ai été bummed que je ne peux jamais scoop Roy Spencer sur les anomalies de température UAH. J’ai secoué mon cerveau à essayer de comprendre comment je peux sortir avec une sorte de “première” lecture de la température de mois. J’ai examiné un certain nombre de stratégies:

It’s interesting to learn the idioms “être bummer” and “pouvoir scooper” have penetrated the French language. And such a novel conjugation for an ‘er’ verbs!

The various translations for the first paragraph include:

1. Spanish: “He estado bummed que nunca primicia Roy Spencer “.
2. Italian: “Sono stato bummed che non può mai scoop”.
3. German: “Ich habe bummed, dass ich nie SCOOP”.
4. Russian: “Я был bummed что я никогда не совок Рой Спенсер на грн температуры”

Those of you who want to have fun learning how far the verbs “scoop” and “bummed” have penetrated foreign languages can click the other buttons.

(If you are the first to click, this warming will appear briefly, “This page has not been translated yet. The translation process could take a while: in the meantime a semi-automatic translation will be provided in a few seconds.”)

If any native speakers are disturbed by odd translations, there is a multi-click method permitting them to suggest a better translation. Find “Back to Translate” link at the top of a translated page; click. Then enter the mistranslated text. Google will translate it again, and also provide a link to “Contribute a better translation”. Click that. Then provide the improved translation.

With some luck, Google will eventually know how to translate all slang and idiom, including words like “shank-a-potamus”. Better yet, the Google translator will help us discover the correct realclimatespeak to ‘common english venacular’ translation of “a few years” particularly when surrounded by text that specifically mentions the year 2007 twice, including an introduction that emphasizes that the new report is “the most important update of climate science since the 2007 IPCC report” and, moreover, is posted on a group blog established in 2004.

Oddly, when I first read RC’s introduction, I noticed the 2007 AR4 was specifically mentioned by the RC authors, so I assumed “Some aspects of climate change are progressing faster than was expected a few years ago” would use

1. “are” to mean “are (present tense) currently observed to be progressing” rather than “can be shown to have progressing more rapidly than the 2001 TAR model hindcasts post-dicted for historic periods predating the TAR” (but oops. Our writing now suggests we did’t bother to compare this aspect of the hind cast to the existing measurements back when we wrote the TAR and disseminated our projections. )
2. “faster than was expected a few years ago”, to mean either a) faster than was actually predicted/projected in the 2007 AR4, and/or b) faster than what was readily available data disclosed in the 2007 AR4.

However, it appears the phrase means something . . . else. If anyone can suggest the correct translation for the google “realclimatespeak” to “common English venacular” robo-translator, please do.

Script Injection

Thank you Stuart and Jonathan for alerting me that their browsers warned them that my site hosted malware. Stuart was the first to alert me and Jonathan gave me the tip that the problem was somethign to do with “odmarco.com”. I hunted around, and found a link to odmarco.com after the html closes in wordpress.

I knew I had to get that out. But how?

My first bet was this was caused by a new plugin…wrong!

So, then I checked the index file of my theme. That’s editable from inside the wordpress plugin panel. I found a script injection in that index.php file. I removed it.

That should have fixed it… so I thought. But no. The script was still in some of my files.

I switched themes: Still there.

So, I went to Dreamhost and checked the fulll wordpress installation, looked at the /index.php file and found that somehow a image had been added after the closing html tag in the file.

If you are a blogger, I advise viewing your file source, and looking for “odmarco”. If it’s there, you’ll need to examine your very short /index.php file at your hosting service and your theme. If you find an iframe at the end of the file, similar to the one I circled above take it out.

For anyone who wants to search the web or help other bloggers, you can view their source and see if you find a string resembling their content: odmarco.com/arwe/?736361acd09ca9717c9462514beb5205

I don’t know when or how malware was introduced, but I suspect a Script Injection Attack. To help me detect any future hacks quickly, I have installed “Paranoid”

Update

Googling around I discovered:

1. The problem may (or may not) originate with some bug at Dreamhost that permits attacks. (People like me could be helpful and make load of files not-writable. But.. well.. customers don’t always think of these things.
2. The script supposedly tries to exploit a problem with Adobe Acrobat. I don’t know what it does.
3. The script is injected on html files and some php files. I have it totally off my blog and this site. I sent a note to Dreamhost because my knitting site is totally infested, and I’m not sure how to quickly get it off the static php files. All the html sites on my knitting blog have mod-dates of May 28, which means the script hit my sites on May 28.

Update II

You have to do more!

The script managed to add that bit of code to every single index.php and index.html file at my site. This means it’s sometimes in various plugin files, templates etc. To protect visitors, one should get them all out, no matter how unlikely they are to ever be loaded.

Fortunately, a nice script is available here. To run it, I:

1. Changed the name of the string after the bit of code that says: protected $string_to_clear = ‘XXX’; You need to put the string you want found and between the ” where I placed XXX. Odmarco is changing their string from time to time.
2. Save the file as with some useful name like “clearOutJunk.php”.
3. Upload that to the top directory of your site. (I put it right up under rankexploits.com.
4. Point your browser to http://yourdomain.com/clearOutJunk.php . The script will pause while it’s reading every file in every directory. It will echo names of files and tell you if it found anything. If it found the string you told it to eliminate, it will remove that string from the file and replace it.
5. This worked like a charm.

Update II

Other issues remained. Dreamhost advised me that I should search all my files to find anything that had been installed or modified recently. (Evidently, the hackers like to hid file with innocuous names and just re-install later!)

I found two batches of suspicious files. One set of changes were made on May 28. Those changes are what alerted Jonathan and Stuart. But another set of changes were made way back on April 7. That’s sufficiently far back that you can’t count on WordPress having old enough back ups to just replace all old files with new ones.

Anyway, I ran the script discussed above to clean out the injected script from all html and php files containing that. I also searched for all files from April 7, checked they weren’t right and deleted those. I also checked looked at everything between April 7 and today and deleted anything and everything I no longer need.

I should be totally clean now.

Is this enough to ensure the blog is properly saved? No.

Only the text for blog posts and comments are stored in the database. However, my blog (and most climate blogs) frequently display linked images. I self host most my images; this means most images are stored on my hosts server. If that server went down and neither my hosting service nor I backed up my files, some content would be lost.

Lucky for my, my hosting service does back up their servers. So, I mostly count on my host to maintain backups for the site. But, I had a problem with a hosting service many years ago which left me a bit paranoid about hosting services.

To ensure my images aren’t destroyed, I manually back up the most recent month’s entry in the wp-uploads folder in the wp-content directory for wordpress. How often? Well.. not often enough. I back up the previous months uploads the beginning of each month; I store these at home on my mac.

If my hosting service lets me down, I might, theoretically, lose 1 month’s worth of images. However, for the most part, after about a week of aggravation, the blog could be reconstituted on a new host with little loss.

Meanwhile: Let’s all hope Climate Audit gets their hardware issues sorted.

Most things worked just fine. However, the display on the admin side goes wonky. See how the sidebar extends over the text describing plugins?

Figure 1: Plugin Control for WP 7.2.1

I had no problems upgrading my knitting blog to 2.7.0. The admin panel is totally revamped but, at least in my case, upgrading went smoothly in all ways. I had no difficulties with plugins, themes, or anything. (I have read some bloggers did have problems with 2.7.0. You can google to find work arounds for that issue.)

My advice: If you’ve upgraded to 2.7.0, wait before upgrading to 2.7.1 Give WordPress time to iron out the bugs or bloggers time to report a work around for pesky issues.

Some of you will recall I wrote a first draft of a troll control plugin, which would display comments from trolls to the troll, but not others. However, I discovered that method used too much CPU when comment threads were long. So, I devised another method which used less CPU. This was given the development name of “Troll Control 2″.

The only difficulty was both methods prevented me from using the wp-cache plugin; the result was slower loading pages, and greater CPU use. So, I used Troll Control 2 from Sunday morning to Monday afternoon. Soon after… well.. ya’ know. I reactivated the plugin last night.

As I want to leave the plugin active for at least a week, I examined wp-cache, and I think I found the method of dealing with the troll. I’ve tested this by labeling and unlabeling myself a troll, and activating and deactivating cache. However, because of the vagaries of self testing which requires me to not only clear the wordpress cache but that on my local machine, I’m always afraid I goofed.

So… if you are blocked from viewing or posting comments, and you are not the troll, click the contact link and let me know.

These visitors are known as “Trolls”. They are difficulty to deal with.

To make it a little easier to deal with the occasional troll my blog attracts, I have written and inconvenient to use WordPress plugin. The benefits of the plugin are, after you upload and activate the plugin:

1. For the first “N” minutes, the comments from individual trolls will display to the troll only. After that, they will display. This permits the trolls to participate in conversations to some extent, but also gives you time to edit or delete the more egregious aspects of the comment.
2. You can add multiple trolls.

The inconvenient features of this plugin will be obvious: You need to manually edit your theme and some of the plugin code.

Steps to use plugin

1. Click to download the plugin Troll Control Plugin (zipped).
2. Unzip the plugin. Near the top of the plugin find a block of code that looks like this:

   // edit parameters in parameters in the next four lines block to match any INDIVIDUAL troll.
$the_troll_names=array('Troll','Troll Sock Puppet');
$the_troll_email=array('troll_email@gmail.com');
$the_troll_IP=array('99.99.99','77.77.88.13' );
$the_troll_opt['the_troll_minutes'] =300;
 

$the_troll_opt['IPs']=$the_troll_IP; // don't edit.
$the_troll_opt['the_troll_name']=$the_troll_names; // don't edit.
$the_troll_opt['the_troll_email']=$the_troll_email; // don't edit.
array_push($the_trolls_parameters,$the_troll_opt); // don't edit. this adds your troll with all his descriptors to the list of trolls
// END BLOCK.

3. Edit the first four lines to identify your troll. If your troll visits using the name “Mike” change array(‘Troll’,'Troll Sock Puppet’) to array(‘Mike’). Edit the emails, and IP addresses accordingly. You can have more than 1 identifier in any field.
4. Decide how many minutes you want to delay the troll. I set 300 minutes as the default. This way, I can go to bed at night and reduce the risk of troll eruptions. Don’t delay more than 3 days. To save CPU the plugin skips comments more than 3 days old. (If someone needs to be delayed more than 3 days, you should just ban them.)
5. If you have a second troll, copy the whole block, re-paste, the edit.
6. Save the edited file.
7. Back up your version of WP. (All instructions for uploading plugins say this as a precaution.)
8. Upload into your plugins directory and activate. It will seem nothing happens.
9. Visit the design to edit your WordPress theme. Open your comments.php file. Find the “foreach” statement (or whatever php command your theme editor used. Add two lines of code to set a value a variable I named $block. It should look sort of like this:
   
   foreach ($comments as $comment) :

   if(function_exists('Check_The_Troll') ){$block=Check_The_Troll();}
else{$block=0;}


   Now, find the bit of code that actually displays your comment author, email, comment numbers and the comment. Wrap an “if” statement around that, sort of like this:

   if($block!=1){
PUT All CODE TO DISPLAY COMMENTS IN HERE
}

   If done correctly, the troll control rules will now be enforced. If you don’t know any php, and can’t tell where php code starts and html code begins, get a friend to do this for you.

When this is running during the “troll time out” period, the blog owner will see the troll comments, along with some information added to let you know it is a troll comment. The troll will see the comment and will think others are seeing it. No one else will see the comment.

If you don’t answer the troll, this functionality enforces the “Don’t feed the troll” rule. If this plugin is not enough to deter your particular troll, you will need to escalate to banning the troll.

After I’ve fully tested this inconvenient plugin, I’m going to create a user interface to help bloggers add and subtract troll data more easily. However, users will always have to edit their theme a little. I’ve also modified the “get_recent_comments” plugin and “subscribe_to_comments” plugin to further isolate the troll. I’ll explain those modifications when this is perfected.

Do me a favor!

This plugin is currently running at my blog. I tested it at my testblog, but there are always limits to self-tests. You could help me test the plugin by entering a comment and claiming your name is “Troll” or “Troll Sock Puppet”. Then email a friend and ask them if they can see your comment.

Report back!

Update
1:07 pm. It looks like a number of Troll Sock Puppets have appeared. Thank you. I noticed the comments were properly “disappeared” in comments, but appeared under “recent comments” in the sidebar. I modified the recent comments plugin and now I don’t see them there either.

1:23 Comparison of comments seen by admin and by non-troll visitor. (Click for larger.)

Figure 1: Comments as seen by logged in administrator.

Figure 2: Comments as seen by non-trolls.

1. A wide center panel to show large images.
2. Three columns, each at least 160 px wide so eventually, I can shove in various ads, feed buttons, links etc. I like them even wider so aging eyes can increase the font size and still read the content. (I use the ad money to pay the server charges. It worked at my knitting blog; it’s might work here too. )
3. Recent comments / trackbacks showing.
4. An edit function so users can edit their comments for five minutes after they comment.
5. A fairly large comment entry box.
6. Comment numbers so people can cite previous comments.
7. Links to commenters’ web sites with “follows” to those who comment frequently. (I need to tweak this.)
8. Ensure images in previous posts continue to float the way I intended!
9. Include html tips for commenters. (I need to get this implemented.)

So far I have most of that implemented. But, I’m also taking suggestion (provided they aren’t to difficult to implement.)

Appearance Issues

One difficulty with web sites is they look different on everyone’s screen.

Commenter ‘fieldnorth’ kindly posted a link to http://browsershots.org/ which lets me examine screen shots from a wide range of browsers. I know my theme is fairly wide– to accomodate large images. But, at least it’s not positively broken on any I’ve examined so far. But there is no substitute for asking viewers whether or not they can read the blog!

So, let me know if it looks dramatically different on your screen. To help me fix problems, do be specific if possible. Here’s what the blog looks like on my screen.

For today, I have various “containers” outlined– this helps me identify the source of problems. They’ll go away in a few days. But, it would be great if you could tell me if you see text flowing outside those boxes. Problems with CSS can result in odd behavior– like missing sidebars, missing content, text flowing outside the boxes etc. If you see any obvious glitches, describe them– and tell me what browser you are using!

I had quite a bit of work to do, dealing with mixing from a jet emerging from cyanide containers, so I couldn’t organize a real post. But, I decided to take a little time out to write a new plugin, which has the working name: “Slow Down Boris”.

What this plugin does will do when it’s finalized is:

1. Count how many comments a known frequent commenter has left in the past “N” hours. The tally will start at “0″, increase by 1 when a comment is made by the “frequent commenter”, and decrease by 1, if someone else responds.
2. When a frequent commenters tally hits “3″, the plugin will hide the text in that comment from other users for several hours. Meanwhile, plugin will tell the frequent commenter to slow down, but let them see their own comment.
3. If another user comments, the “count” for the frequent commenter will decrease. So, this should slow down any debates involving more than one person.

I may adjust the algorithm, and I’ll be creating an option panel so other bloggers can use it. So, if you have suggestions, fire away. Meanwhile, if you notice glitches, let me know.

This plugin is dedicated to my Muse of the day: frequent commenter Boris. I value Boris’s comments, but like many enthusiasts of “climate blog wars”, he gets a little carried away from time to time and forgets to let other people take their turn posting.