
Blogged thoughts

| by the www.akamarketing.com team

Archive for the 'Internet' Category


Introducing Google Analytics API with asp.net / C#

Saturday, April 25th, 2009

Recently Google released its Google Analytics API into public beta, which means any old Joe Soap developer can give it a go without having to apply. Despite the fact I didn’t apply for the private beta, I’ve been looking forward to this API for a long time… I know, I know, get a life. Seriously though, this opens the door to some pretty tight integration between web / mobile / desktop apps and analytical data; the possibilities are endless.

Google Analytics Data Export API
The API is easy to use and works with standard HTTP requests which return XML feeds so you can use it from any programming language. I’m going to explore the API more over the next while but I’ve used it below to pull the top 20 content items from an Analytics profile along with pageView counts for each.

Before you dive in, please have a look over the developer guide, and the Protocol page in particular.

http://code.google.com/apis/analytics/docs/gdata/gdataDeveloperGuide.html
http://code.google.com/apis/analytics/docs/gdata/1.0/gdataProtocol.html

Using the Analytics API mostly centers around three key tasks: Authentication, Account Authorization Query and finally Profile Query. Account Authorization Query is not required if you know the numeric ID of the account/profile combo you need to access. All these steps involve (in a nutshell) loading a webpage and examining the response for what you need. I’ll go through these steps with code later on but here’s a plain English overview of what’s involved first.

Authentication

You need to tell Google which user your app is representing/requesting data for. Google offers three ways to authenticate your app for access to a certain Google Analytics profile. These are AuthSub, OAuth and ClientLogin.

AuthSub means Google manages the entering of the username/password of the account you want to work with. This will be reassuring to a lot of people as they log in via Google.com and your app will get access to only the services they explicitly approve (in this case Google Analytics). The drawback is that you lose a bit of control and Google displays nasty warning messages of differing severity depending on a number of things.

OAuth is kind of an open standard version of AuthSub which can be used for authorising the use of data in many apps (not just Google ones). A security certificate corresponding to your app must be uploaded to use it.

ClientLogin on the other hand is more traditional and requires your app to request the username/password from the user, or to define it manually (perhaps in the web.config file) if it is static. If it is static and you’re working with the same account (your own or your client’s account) all the time this is not a problem, but if your application works with arbitrary accounts, users of those accounts may be uneasy about giving you their Google login details as you might use them in an unethical way or store them stupidly and later be hacked. Additionally, when they give your app their user/pass combo they are giving you access to the entire range of Google services which they use (not just Google Analytics).

Therefore, depending on the type of app you’re building, one authentication mode may be more appropriate than the others. I’ve written C# code which utilizes both AuthSub and ClientLogin authentication which I’ll step through later, but if you want to read more about OAuth please visit OAuth Authentication for Web Applications.

Account Authorization Query

After your app has ‘logged in’ (authenticated) you need to retrieve the profile ID of the account/profile combo which you want to query for certain data, as this is required in the next step. If you intend querying the same profile(s) all the time then you can manually retrieve IDs for these profile(s) via the Google Analytics GUI: simply log in and click the ‘Edit’ link listed beside all your website profiles, and you will then see the ID listed on the next page. You can hardcode one or more profile IDs into your web.config if you like. If you will not know which website profiles your app will query ahead of time you must run an account query first, from which Google will return all website profiles your authenticated user is authorised to work with.

Profile Query

When you are authenticated and have the ID of the profile you want to query you can then do just that, query. This step like the others before involves submitting a HTTP request (asking for a webpage). The response from that request is an XML feed with all the data you asked for. You define the data you want by configuring query params for your aforementioned HTTP request.

Step through - Top 20 page titles by pageview count for March 2009

OK, let’s actually see how to get our hands on some data. I’m going to grab the top 20 pages (by pageviews) for March 2009 and just output that data in plain text. A rough demo I put together is located at http://www.davecallan.com/analytics/, source code is available at the end of this post.

How to make a HTTP Request (with specified headers) with ASP.NET/C#?
The whole API is HTTP request based so you’ll need to know how to do this. I’m using the below method as a kind of helper when I need to interact with the API at all. The main classes of interest here are HttpWebRequest and HttpWebResponse (if anyone cares these are (roughly speaking) equivalent to using Curl in PHP). Both of these classes are located in the System.Net namespace.

//requires: using System.IO; using System.Net; using System.Text;
//'mode' is the enum (ClientLogin, AuthSub) used throughout this post
public static string GArequestResponseHelper(string url, string token, mode mode)
{
    HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(url);

    //will always be a token of some sort required in the header but the format
    //it is passed in will depend on what type of authorization is being used
    if (mode == mode.ClientLogin)
    {
        myRequest.Headers.Add("Authorization: GoogleLogin auth=" + token);
    }
    else if (mode == mode.AuthSub)
    {
        myRequest.Headers.Add("Authorization: AuthSub token=" + token);
    }

    //obviously you need some kind of try/catch here
    //but OK to bubble auth/connection failures up for demo
    //the using blocks make sure the response and its stream are closed
    using (HttpWebResponse myResponse = (HttpWebResponse)myRequest.GetResponse())
    using (StreamReader readStream = new StreamReader(myResponse.GetResponseStream(), Encoding.GetEncoding("utf-8")))
    {
        //return string itself (easier to work with)
        return readStream.ReadToEnd();
    }
}

The above code requests ‘url’ and returns the response to the calling code. You’ll need to import System.Net, System.IO and System.Text to use it. The Google Analytics API requires (well not always but mostly) authorization tokens to be included in headers which are sent along with requests to the API. An example of how an authorization key is included via HTTP headers when AuthSub or ClientLogin mode is used is also included above. You’ll notice the expected format of the Authorization header changes slightly based on what authentication mode your app is using.

How to authenticate (step 1 of possible 3) using AuthSub. (ClientLogin can be used here instead)
As outlined by Google on the Protocol page regarding AuthSub authentication:

AuthSub proxy authentication is used by web applications that need to authenticate users to Google Accounts. With AuthSub, the website operator and the client code never see the user’s username and password. Instead, the client obtains special AuthSub tokens which it uses to act on a particular user’s behalf.

To use this mode your app must first direct users (via a standard link) to the Google site to log in securely. After logging in takes place, Google will redirect users back to your app with a query param named ‘token’ embedded in the URL. Your app then in turn needs to upgrade this once-off token for a session token; it does this, yes you guessed it, via a HTTP request.

Click on the ‘AUTHSUB REMOTE LOGIN’ link on http://www.davecallan.com/analytics/ to see what the process is like (notice the address bar when you get redirected back to my site). Notice also the structure of the link which directs users to the login page on Google’s site in the first place. In my case it’s:

https://www.google.com/accounts/AuthSubRequest?
&next=http://www.davecallan.com/analytics/default.aspx
&scope=https://www.google.com/analytics/feeds/
&secure=0
&session=1

The most important param here is ‘next’. It is used by Google after authentication to determine where to redirect the user to. Please read http://code.google.com/apis/analytics/docs/gdata/1.0/gdataProtocol.html#AuthSub for an explanation of the other params.

In terms of upgrading the once-off token in the address bar to a longer term session token, well I’m using the method below for that:

//used when you have authenticated on Google (via AuthSub & query params) & have a temp token
public static string getSessionTokenAuthSub(string tempToken)
{
    string response = GArequestResponseHelper("https://www.google.com/accounts/AuthSubSessionToken", tempToken, mode.AuthSub);

    //temp (once off) token will have been exchanged for session token, return it
    //(trimmed so no surrounding whitespace ends up in later Authorization headers)
    return response.Split('=')[1].Trim();
}

Following the API reference on the analytics developer site I know what URL to ask for. I also specify the authentication mode so the HTTP request/response helper method will know what format of header to include.

How to get a list of website profiles which authenticated user is allowed access (step 2 of 3).
This step is not needed if you know the ID of the profile you want to work with. The method I’m using is below

//requires: using System.Xml; using System.Collections.Specialized;
public static NameValueCollection getAccountInfo(string sessionToken, mode mode)
{
    string response = GArequestResponseHelper("https://www.google.com/analytics/feeds/accounts/default", sessionToken, mode);

    //response will contain an XML formatted string similar to
    //http://code.google.com/p/ga-api-http-samples/source/browse/trunk/src/v1/accountFeedResponse.xml

    //we need to convert it to proper XML for parsing
    XmlDocument accountinfoXML = new XmlDocument();
    accountinfoXML.LoadXml(response);

    //each account/profile combo the current user is authorized for will have an 'entry' element
    XmlNodeList entries = accountinfoXML.GetElementsByTagName("entry");

    NameValueCollection profiles = new NameValueCollection();
    for (int i = 0; i < entries.Count; i++)
    {
        //profile name, profile ID - the profile ID identifies what data you want from the API
        //the positional indexes rely on the child order of each 'entry' in the feed
        profiles.Add(entries.Item(i).ChildNodes[2].InnerText, entries.Item(i).ChildNodes[7].Attributes["value"].Value);
    }

    return profiles;
}

Pass in the token (now a session token) acquired in the previous step. This method parses the XML response to get website profile name and profile ID which I have bound to a dropdownlist (see the demo) so the user can select the relevant profile to query (in the next step). You need the System.Xml namespace for the above to work.

How to actually query an account (step 3 of 3).
Authentication this, authorization that… it’s time to actually request and get some real data. Specifying what data you want is all done by configuring query params in the URL which you request from the Analytics API. The Retrieving Report Data section on the protocol page has a wealth of information (but there’s more to be had on other sections of the analytics developer site too) so get it open in another window if you haven’t already done so.

As before it’s all based around a HTTP request (asking for a webpage) so we’ll be using our friend GArequestResponseHelper again. The base request URL is https://www.google.com/analytics/feeds/data however we need to add a load of query string params to that URL to instruct Google what type of information we want. First I’ll show you the URL I have hardcoded (for the purposes of this demo only) which gets me the top 20 page titles by pageviews and then I’ll explain it somewhat. Please refer to the retrieving report data section linked to above for more.

https://www.google.com/analytics/feeds/data?ids=ga:202020
&metrics=ga:pageviews
&dimensions=ga:pageTitle
&sort=-ga:pageviews
&start-date=2009-03-01
&end-date=2009-03-31
&max-results=20

IDs is required and allows you to specify the profileID for the profile you want data for (you got this ID previously). The last four params should be fairly obvious. Metrics are the actual values you want to get hold of. In this case I’ve requested pageview counts. Dimensions relate to metric contexts or breakdowns (or cross sections). Without dimensions specified the metric value reflects data in an Analytics account as a whole (1 aggregated value only), however if you specify that you want to see a metric (or metrics) broken down by a dimension, you get a breakdown of dimension->value combos. In this instance I don’t just want a count of total pageviews in an Analytics account, I want total page views for each (top 20) individual pagetitle in the account.

What’s returned from the API is completely dependent on what you ask for in the request parameters (assuming you have any data in the first place of course). An excerpt from the XML returned by the above request (on the Google Analytics website profile for akamarketing.com) is below:

<entry>
<id>http://www.google.com/analytics/feeds/data?ids=ga:459940&amp;ga:pageTitle=dynamic%20URL%20rewriter%20tool%20%7C%20mod%20rewrite%20tool%20%7C%20convert%20dynamic%20urls%20into%20static%20urls&amp;start-date=2009-03-01&amp;end-date=2009-03-31</id>
<updated>2009-03-30T17:00:00.001-07:00</updated>
<title type='text'>ga:pageTitle=dynamic URL rewriter tool | mod rewrite tool | convert dynamic urls into static urls</title>
<link rel='alternate' type='text/html' href='http://www.google.com/analytics'/>
<dxp:dimension name='ga:pageTitle' value='dynamic URL rewriter tool | mod rewrite tool | convert dynamic urls into static urls'/>
<dxp:metric confidenceInterval='0.0' name='ga:pageviews' type='integer' value='409'/>
</entry>
<entry>
<id>http://www.google.com/analytics/feeds/data?ids=ga:459940&amp;ga:pageTitle=Google%20Analytics%20-%20exclude%20your%20visits%20even%20with%20a%20dynamic%20IP&amp;start-date=2009-03-01&amp;end-date=2009-03-31</id>
<updated>2009-03-30T17:00:00.001-07:00</updated>
<title type='text'>ga:pageTitle=Google Analytics - exclude your visits even with a dynamic IP</title>
<link rel='alternate' type='text/html' href='http://www.google.com/analytics'/>
<dxp:dimension name='ga:pageTitle' value='Google Analytics - exclude your visits even with a dynamic IP'/>
<dxp:metric confidenceInterval='0.0' name='ga:pageviews' type='integer' value='389'/>
</entry>
               

Each dimension (pagetitle) is separated into ‘entry’ elements. In this case each ‘entry’ element has only one dimension and metric, however since you can request multiple metrics and multiple dimensions in the same request this will not always be the case. You will therefore have to alter your XML parsing code depending on what exact data you’re requesting. It is important to note that not all metrics can be combined with all dimensions; some data relationships just don’t make sense. If you request a bad combination Google will throw a ‘bad request’ exception.
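As an added example (not part of the original post, and in Python rather than the post’s C#), the sketch below builds the report URL shown earlier and parses a data feed by element and attribute name, so the same code copes with entries that carry several dimensions and metrics. The two-entry feed is constructed for illustration, and build_query_url and parse_entries are hypothetical helper names.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

BASE_URL = "https://www.google.com/analytics/feeds/data"

# Namespaces as declared on the root element of the sample feed below.
NS = {
    "atom": "http://www.w3.org/2005/Atom",
    "dxp": "http://schemas.google.com/analytics/2009",
}

# Constructed sample: two dimensions and two metrics per entry.
# Titles, paths and counts are made up for illustration.
SAMPLE_FEED = """<feed xmlns='http://www.w3.org/2005/Atom'
      xmlns:dxp='http://schemas.google.com/analytics/2009'>
  <entry>
    <title type='text'>ga:pageTitle=Home | ga:pagePath=/</title>
    <dxp:dimension name='ga:pageTitle' value='Home'/>
    <dxp:dimension name='ga:pagePath' value='/'/>
    <dxp:metric confidenceInterval='0.0' name='ga:pageviews' type='integer' value='409'/>
    <dxp:metric confidenceInterval='0.0' name='ga:uniquePageviews' type='integer' value='301'/>
  </entry>
  <entry>
    <title type='text'>ga:pageTitle=Blog | ga:pagePath=/blog/</title>
    <dxp:dimension name='ga:pageTitle' value='Blog'/>
    <dxp:dimension name='ga:pagePath' value='/blog/'/>
    <dxp:metric confidenceInterval='0.0' name='ga:pageviews' type='integer' value='389'/>
    <dxp:metric confidenceInterval='0.0' name='ga:uniquePageviews' type='integer' value='250'/>
  </entry>
</feed>"""


def build_query_url(profile_id, metrics, dimensions, sort, start, end, max_results):
    """Assemble the data feed URL; multiple metrics/dimensions are comma separated."""
    params = [
        ("ids", "ga:" + str(profile_id)),
        ("metrics", ",".join(metrics)),
        ("dimensions", ",".join(dimensions)),
        ("sort", sort),
        ("start-date", start),
        ("end-date", end),
        ("max-results", str(max_results)),
    ]
    # Keep ':' and ',' readable; everything else is percent-encoded as needed.
    return BASE_URL + "?" + urlencode(params, safe=":,")


def parse_entries(feed_xml):
    """Return one dict per <entry>, keyed by dimension and metric name."""
    root = ET.fromstring(feed_xml)
    rows = []
    for entry in root.findall("atom:entry", NS):
        dimensions = {
            d.get("name"): d.get("value")
            for d in entry.findall("dxp:dimension", NS)
        }
        metrics = {}
        for m in entry.findall("dxp:metric", NS):
            raw = m.get("value")
            # Only integer metrics are converted; other types stay as strings.
            metrics[m.get("name")] = int(raw) if m.get("type") == "integer" else raw
        rows.append({"dimensions": dimensions, "metrics": metrics})
    return rows


if __name__ == "__main__":
    print(build_query_url("202020", ["ga:pageviews"], ["ga:pageTitle"],
                          "-ga:pageviews", "2009-03-01", "2009-03-31", 20))
    for row in parse_entries(SAMPLE_FEED):
        print(row["dimensions"]["ga:pageTitle"], row["metrics"]["ga:pageviews"])
```

Because values are looked up by name, adding or removing a dimension or metric in the request does not require touching the parsing code.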

I’ve used AuthSub method for step 1 above. Step 2 and 3 above are the same regardless of which authentication mode is used. I won’t go through the ClientLogin mode much as it’s simple enough and the code is available & commented. Basically to use ClientLogin you need to POST username/password details to a specific URL (as defined in the API reference), if they are correct you will get back a session token which you will use exactly the same way as if the token had originated from AuthSub authentication.

I’ve put all code helper segments into a class called GoogleAnalytics for you to see the full source. It’s by no means production ready code, so please don’t comment me bringing that to my attention. If you want to see the full code for what’s located on http://www.davecallan.com/analytics then I’ve created an analytics.zip file which might be helpful. The code behind for the default page is quite simple and really just makes use of the static helper methods in the GoogleAnalytics class but if you’ve any questions let me know. The main thing for you, me & everyone else to do at this stage is to just play around with the new API and eventually I’m sure lots of excellent resources, tutorials and walkthroughs will appear to enable it to really take off.

If you’re not an ASP.NET developer, here are some PHP resources about the new Analytics API
Similar to this blog post, only targeted towards PHP programmers
http://www.alexc.me/using-the-google-analytics-api-getting-total-number-of-page-views/74/

Using PHP & CURL to authenticate against ClientLogin
http://www.electrictoolbox.com/google-analytics-login-php-curl-username-password/

PHP class for doing common API things.
http://www.electrictoolbox.com/php-class-google-analytics-api/


Web developer tools included with Internet Explorer 8

Sunday, March 22nd, 2009

I downloaded the latest version of Internet Explorer the other day and although at this stage I can’t comment too much on the browser as a whole I was pleasantly surprised by the developer tools included with Microsoft’s latest release. I’ve used the developer toolbars for IE 6/7 & for Firefox but it’s good to see something like this included in the core IE program.

Common developer tasks such as viewing pages in different resolutions, quickly viewing outlines of pages (CSS classes, DIVs, tables, image containers etc.), validating pages and measuring elements are all included. In fact pretty much everything needed to decompose & dissect webpages is available, including a nice JavaScript debugger which means you won’t have to switch to Firefox to see meaningful JS related messages anymore. I’m also liking the CSS profiler which enables a developer to turn CSS element definitions ON/OFF and have the page update to reflect changes without a page refresh; this is quite powerful as it allows developers to quickly see what works best in their pages.

Although not part of the developer tools as such, IE 8 also includes a compatibility mode which will allow surfers to view pages in IE7 mode. This is important as IE 8 is now a standards based browser where previous versions were not, and thus pages designed with IE 7 in mind mightn’t look correct in IE 8; if this happens a user can emulate IE 7 with a simple click of a button. This is going to create a small pain for developers as they might have to change their CSS to make pages look the same on IE 7 & 8, however in the long term it is the best thing Microsoft could have done as going forward cross browser compatibility should become less of an issue for developers/designers.

There’s some good content about IE 8 itself and its developer tools around the web including the below: 

Why are standards based browsers ‘better’?
http://samanathon.com/internet-explorer-8-passes-the-acid2-browser-test/ 

Review of developer tools
http://coolwebdeveloper.com/2009/03/fantastic-new-javascript-debugging-tool-with-ie-8-and-its-list-of-features-hard-to-live-without/ 

Extensive review of developer tools
http://www.code-magazine.com/Article.aspx?quickid=0811082


Top 25 dangerous coding errors ‘revealed’

Tuesday, January 13th, 2009

I usually spend a lot of time on BBC.co.uk (so rescuetime tells me anyhow) each day and while on it today I came across an interesting piece in the technology section relating to the publication of a near universally agreed document which lists the top 25 programming errors that us so called professional developers occasionally let creep into our systems & applications.

According to the SANS Institute (a leading contributor to the document) who issued a press release yesterday (12th Jan 09):

the impact of these errors is far reaching with just two of them leading to more than 1.5 million web site security breaches during 2008.

Contributors to the document who include SANS, MITRE, Microsoft, the US National Security Agency, the Department of Homeland Security and Symantec believe it will have four major impacts:

  1. Software buyers will be able to buy much safer software.
  2. Programmers will have tools that consistently measure the security of the software they are writing.
  3. Colleges will be able to teach secure coding more confidently.
  4. Employers will be able to ensure they have programmers who can write more secure code.

In regards to the 3rd point above I know that with the exception of a passing remark or two about the need to validate input I was not taught a lot about writing secure code during my computer science degree in college. I think in this day and age (Web based/Cloud Computing), teaching secure coding is the way to go so I think this list will definitely help.

Reading through the list, I notice a lot of the usual suspects are listed such as input validation, cross site scripting, SQL injection and that old chestnut hard-coded passwords which I must admit gave me a chuckle just by its very inclusion in such a list, but I guess if developers are still doing this then it must be included.

The fairly detailed press release from SANS is available at http://www.sans.org/top25errors/ while the document itself is located at http://cwe.mitre.org/top25/. There’s a printable PDF version available too which I suggest every software development manager or team leader makes compulsory reading for his or her programmers.


Risque company names, clever for branding or bad, bad, bad?

Wednesday, September 10th, 2008

While on my way back from Naas today I noticed a van for a company called ‘Doggie Style‘. The company actually provides mobile washing and grooming services for dogs, but the first thing that caught my attention was the large words ‘Doggie Style’ on the side of the van so initially I thought the company must be in a different industry altogether. Near the company name was more ‘word play’ with what I guess is the company’s attempt at a tag line… ‘good clean fun’. The company therefore has a lot of connotations associated with its name and branding but are these risque (some would say controversial) connotations good or bad?

Of course when people are trying to come up with company names, one of the requirements is for the name to be as memorable as possible for branding purposes. Company names such as ‘Amazon’, ‘Pink Elephant’, ‘Pigs Back’ and ‘Xtra Vision’ are unlikely to be forgotten too easily so in that respect a company name of ‘Doggie Style’ is right on the mark. I wonder though do the (perceived) negative connotations associated with this name outweigh the advantage of it being clever & very easy to remember, I mean I sure as hell wouldn’t want a van with ‘Doggie Style’ written in large lettering on its side pulling up outside my house… what would the neighbours say? :-) Additionally does it make the company appear tacky or unprofessional?

I guess that’s only one example (send me any examples you know of) though, but I’m looking for your thoughts on the topic title, so what do you think?


Is 02 mobile broadband worth it for a fiver a week?

Thursday, August 14th, 2008

I’m a laptop user these days, so to keep with the whole ‘work anywhere’ gig I’m trying to perfect I decided to invest in one of the mobile broadband offerings from 3G, O2 or Vodafone. Truth be told 3G were out before they were even in… I’ve heard a lot of negative things about their overall (speed, reliability & customer care) service, in both the online and offline worlds so I wasn’t going there. As for Vodafone well reliability is meant to be top notch, however it’s €30 a month and has a data cap of 5GB which 02 beats on both counts, so I said I’d look into 02 more…

While I was researching the mobile broadband offering from 02, one of the most important things for me was speed, reliability too of course… but that’s a given. I needed decent download speed but perhaps as important (well not quite) for me was upload speed as being a developer I’m uploading this, that and everything via FTP on a daily basis. 

Speed for the 02 mobile broadband service is currently listed as 7.2Mbps for download and 2.0Mbps for upload although they must have upgraded upload capabilities within the last few days because when I ordered last week upload speed was listed as 1.4Mbps, which is good in itself. Those speeds were more than adequate for my needs. I was aware however that these listed speeds are the theoretical max speeds one can achieve given absolutely perfect network conditions, so I wasn’t expecting to get anywhere near them in reality. The truth however is that higher theoretical speeds generally mean higher ‘in the wild’ speeds too so considering it has a 10GB data cap and after a little checking on its reliability I said I’d give 02 mobile broadband a go.

I bought it online (by the way - no sim pin number is included when the modem is bought online for security reasons - you need to call, email or post in their support forum to get it) and it cost €49 for the E270 (the E220 is less powerful upload speed wise) modem and then €20 a month as part of a 12 month contract. I got it the other day and am very happy with it so far, below are some snapshots I got from Speedtest.net. The 1st one is the max I’ve achieved so far while the 2nd one is what I got earlier today.

Both are decent results in terms of download and upload speed. I found 2.5-3.0MB is usually average territory for download speed, while upload average is about 800-900kbs mostly. Quality of service is good too - I’ve made about five long Skype calls since getting this lad in and no problems at all, call quality was as good as DSL based calls. By the way Blacknight have a nice VOIP simulation test at http://www.irishisptest.com/runmyspeed.php which you can use to check how your Internet connection will perform (roughly) using VOIP. As far as I’m aware VOIP call quality has a lot to do with Ping speed (as well as upload/download speed obviously), which above is 159ms and 162ms respectively from left & top which is good for mobile broadband. Call quality on Skype etc. may be a bit hairy on Ping speed of I’d say 270+.

Although I haven’t had it long I’m very happy with it to date, I’ve heard it can be very location dependent (I’m based in Santry, North Dublin) though so depending on whereabouts in Ireland you are it might not work as well for you as it is doing for me. On that note check out the Speed Test Thread on the 02 support forum for a load of Speedtest.net result snapshots from various parts of the country. You’ll notice that some of them are not that flattering, but most are decent and considering that mobile broadband is still really new in this country ‘decent’ for five euro a week should be good enough for most people. Word on the wires is that they have plans to upgrade to 14.4Mbps sometime in the next year or so which when it happens should really stir things up.

I wonder though will us Irish ever have it as good as our UK counterparts, the variety of packages and special offers for home, mobile and other broadband services is massive, for instance (and since we’re talking about 02) check out this deal from 02 in the UK which offers free home broadband when you buy mobile broadband.

Resources:
Apparently the software that comes with the 02 modem does not accurately track data usage, I’ve yet to notice but Shane O’ Sullivan has written a tool which logs in to the 02 website and gets your 100% accurate figures.

Another recent review which includes figures from a couple of different locations around Ireland by Conor O’Neill.

Keith Bohanna’s review of 02 mobile broadband from September 07 includes more sample speeds from various different locations, notice the sometimes huge differences between location A and location B so do your research before investing.


Using Wordpress? Check the text only version of Google’s cache for hidden spam links

Thursday, July 31st, 2008

I’m up to my eyes programming another adwords API system at the moment so when I discovered that my Wordpress installation had been hacked, I wanted to strangle someone (ideally the person responsible) because I really didn’t have time for this.

Wordpress hidden spam links hack
The hack didn’t shut down my blog but it might as well have because it made all my posts unfindable on the major search engines for any of their related keywords (and exact string searches). The hack I fell victim to involves some waste of space making secret changes to Wordpress source files and the Wordpress database enabling him to output a tonne of hidden links on all blog pages via a hidden Wordpress plugin. The links were complete keyword stuffed spam with anchor texts such as ‘viagra’, ‘xanax’ and ‘teeth whitening’ common among them so needless to say the search engines don’t like my blog pages anymore.

What makes this hack hard to detect is the fact that the links only get outputted when a major search engine visits a page from an ‘infected’ Wordpress installation so blog readers will likely not notice until a lot of damage is already done to your Google, MSN and Yahoo rankings. I myself only stumbled upon it earlier today when I saw all the links near the bottom of Google’s text only cache of my last post about converting to PDF from within PHP so it was by pure chance. The links were present on the regular cache too, however they were contained in a hidden div so could not be seen by anything except the search engines… unless you viewed the page source.

Want to see an example? Well right now there are lots of cached examples on Google of what this hack did to my pages, but I’m hoping they will be gone soon so here’s a copy of the text only cache of http://www.akamarketing.com/blog/109-php-to-pdf-conversion-with-tcpdf.html from today (31st July 2008).

How can I tell if my Wordpress blog has been hit with this?
The easiest thing to do is to just visit Google’s text only cache page for a couple of your blog posts (and perhaps your main blog page) and keep an eye out for about 50 spam links towards the end of the page. If you have caching by search engines disabled you can use something like Curl and ‘fake’ your user agent string to appear as if you’re Google (and then check the page source). I’ve done it already for you though with an iamgoogle.php script: visit http://www.akamarketing.com/iamgoogle.php?url=http://www.akamarketing.com/blog/&google=1 while replacing my URL ‘http://www.akamarketing.com/blog/’ with the URL of one of your blog pages. When the parameter google is equal to 1 the user agent is ‘Googlebot’, when it’s anything else a regular ‘human’ user agent is used. If you’re checking your blog main page be sure to add the trailing slash after your blog folder as Wordpress implements a redirect from the non slashed URL version to the slashed URL version, so you’ll just get a ‘Moved Permanently’ message without the trailing slash. The code of iamgoogle.php is available for those of us that are ‘into’ PHP.
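The user agent comparison described above can also be automated. The following is an added example in Python, not the post’s iamgoogle.php: it compares the HTML served to a crawler user agent with the HTML served to a browser and reports links that only the crawler sees or that sit inside inline-hidden elements. Both HTML samples, the browser user agent string and all function names are constructed for illustration.

```python
import urllib.request
from html.parser import HTMLParser

BOT_UA = "Googlebot"                             # the crawler user agent named in the post
BROWSER_UA = "Mozilla/5.0 (cloak-check example)" # assumption: any ordinary browser string

# Elements that never get a closing tag, so they must not go on the open-tag stack.
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}

# Constructed samples: the same page as served to a visitor and to a crawler.
HUMAN_HTML = """<html><body>
<div id="content"><h1>PHP to PDF conversion</h1>
<p>Post body <a href="/blog/">Home</a><br><a href="/blog/about/">About</a></p></div>
<div id="footer"><img src="/logo.png"><a href="/sitemap/">Sitemap</a></div>
</body></html>"""

BOT_HTML = """<html><body>
<div id="content"><h1>PHP to PDF conversion</h1>
<p>Post body <a href="/blog/">Home</a><br><a href="/blog/about/">About</a></p></div>
<div id="footer"><img src="/logo.png"><a href="/sitemap/">Sitemap</a>
<div style="display: none"><a href="http://pills.example/buy">cheap pills</a>
<a href="http://whitening.example/">teeth whitening</a></div></div>
</body></html>"""


class LinkCollector(HTMLParser):
    """Collect every <a href> and whether an enclosing element hides it inline."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []       # (tag, hides_content) for each open element
        self.links = []       # dicts with href, text, hidden
        self._current = None  # link whose anchor text is being read

    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        attrs = dict(attrs)
        style = (attrs.get("style") or "").replace(" ", "").lower()
        hides = "display:none" in style or "visibility:hidden" in style
        self.stack.append((tag, hides))
        if tag == "a" and attrs.get("href"):
            hidden = any(h for _, h in self.stack)
            self._current = {"href": attrs["href"], "text": "", "hidden": hidden}
            self.links.append(self._current)

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unclosed elements.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break
        if tag == "a":
            self._current = None

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data


def extract_links(html):
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return parser.links


def cloaking_report(bot_html, human_html):
    """Links only the crawler is shown, and crawler-visible links hidden inline."""
    bot_links = extract_links(bot_html)
    human_hrefs = {link["href"] for link in extract_links(human_html)}
    return {
        "bot_only": sorted({l["href"] for l in bot_links if l["href"] not in human_hrefs}),
        "hidden": sorted({l["href"] for l in bot_links if l["hidden"]}),
    }


def fetch_as(url, user_agent, timeout=10):
    """Fetch one of your own pages with the given User-Agent (follows redirects)."""
    request = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(request, timeout=timeout) as response:
        return response.read().decode("utf-8", errors="replace")


if __name__ == "__main__":
    # Offline run on the constructed samples; for a live check pass
    # fetch_as(url, BOT_UA) and fetch_as(url, BROWSER_UA) instead.
    print(cloaking_report(BOT_HTML, HUMAN_HTML))
```

Only inline styles are inspected here, so links hidden through a stylesheet class or script would show up under bot_only but not under hidden.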

If I’ve been hit with this hidden link hack how do I get rid of it?
After discovering this hack my first port of call was Google to try and search for some good information. I found three particularly good articles about what this hack is and how to get rid of it so I’ll just point you in the direction of a couple of existing posts if you don’t mind (it’s been a long day) rather than go through how to remove this in detail. The posts below all helped me:

Wordpress exploit giving backlinks, redirects and headaches but no visitors ;)

Wordpress exploit: we been hit by hidden spam link injection

Has Your WordPress Been Hacked Recently?

The above links will fill you in on the complete story but in essence fixing this hack for me involved doing a bit of fiddling with the Wordpress database, deleting some files with strange extensions and upgrading Wordpress from version 2.0.2 to 2.6. On that note I must say hats off to the Wordpress development team, it was pretty much the most pain free web application upgrade I’ve ever done… (although I did backup everything twice just to be safe). If you already have the latest version of Wordpress I’d still recommend replacing your source code with ‘fresh’ code just in case it’s been edited (which is very likely for this hack).

How can I detect something like this in the future?
After I upgraded Wordpress I was pretty certain that my installation was now clean, however I asked myself how can I detect something like this more quickly (I have a hunch that this hack was ‘active’ since April) in the future if it happens again? I came to the conclusion that I needed some sort of file integrity checker similar to Tripwire to alert me when any of my www space files change. 

Tripwire and many other similar systems are not usually available on shared hosts, but they all essentially take a sha1 (or md5) hash of all watched files, store the hashes and then periodically compare the stored hashes against regenerated ones to check if any files have been edited, so writing something custom specific to my needs wouldn’t be that hard to do.
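A minimal version of such a checker, as an added example in Python (not code from this blog): it snapshots a directory tree, stores the hashes as JSON and reports added, removed and modified files on the next run. It uses SHA-256 in place of the sha1/md5 mentioned above, and the file names in demo() are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile


def hash_file(path, chunk_size=65536):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map the relative path of every regular file under root to its hash."""
    digests = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full):
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                digests[rel] = hash_file(full)
    return digests


def save_baseline(digests, path):
    # Keep this file outside the web root (ideally off the server): whoever can
    # edit the watched files could otherwise rewrite the stored hashes as well.
    with open(path, "w", encoding="utf-8") as handle:
        json.dump(digests, handle, indent=2, sort_keys=True)


def load_baseline(path):
    with open(path, encoding="utf-8") as handle:
        return json.load(handle)


def compare(baseline, current):
    """Report what changed between the stored and the regenerated hashes."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(
            path for path in set(baseline) & set(current)
            if baseline[path] != current[path]
        ),
    }


def write_file(root, rel, text):
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "w", encoding="utf-8") as handle:
        handle.write(text)


def demo():
    """Build a constructed site tree, tamper with it and return the report."""
    with tempfile.TemporaryDirectory() as site, tempfile.TemporaryDirectory() as store:
        write_file(site, "index.php", "<?php // front controller\n")
        write_file(site, "wp-content/plugins/hello.php", "<?php // plugin\n")
        write_file(site, "readme.html", "<html></html>\n")

        baseline_path = os.path.join(store, "baseline.json")
        save_baseline(snapshot(site), baseline_path)

        # Simulated tampering: one edit, one new file, one deletion.
        with open(os.path.join(site, "index.php"), "a", encoding="utf-8") as handle:
            handle.write("<?php // appended line\n")
        write_file(site, "wp-content/plugins/img_cache.old", "unexpected file\n")
        os.remove(os.path.join(site, "readme.html"))

        return compare(load_baseline(baseline_path), snapshot(site))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run from a scheduled job, a non-empty report is the alert; after a legitimate upgrade the baseline is regenerated with save_baseline(snapshot(root), path).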

OK that’s enough rambling for today, here’s hoping you have had a better day than me.
