Wednesday, August 21st, 2013

Web logs, dealing with bots, and an AutoHotKey tip

I've written about my site’s log files before, noting some strange activity and popular search terms. Every time I check my log I find attempts to break into an admin area on my site or to post something, even though I don’t allow comments on my blog. Sometimes I take time to add offending IP addresses to a blacklist, although that’s like trying to plug a leak in a dike.

One such log entry that caught my eye today was one from someone looking for the page “/blog/tag-Whining Goto: Forum List "Attach a file ..." illumination&ct=clnk.” I do have a Whining blog tag but there’s no place on my website where people can attach files. This entry came from, which belongs to, which seems to host a lot of spambots.

Another log entry was from, an Avante Hosting Services address assigned to Ryan Wilson. This entry had POST data for a spammy comment (“Me and my neighbor were just preparing to do a little research about this. We got a grab a book from our area library however I think I found out more clear from this post.”). I won’t include the URL but will mention that it was for a domain that is not even registered. Perhaps this spammer was just testing to see if a comment would go through, although a quick glance at this site would show that there are no comments.

Another set of interesting log entries were from IP addresses and, both of which belong to the Polish cable company Vectra. Someone from Poland wanted to log into my website’s WordPress admin page but wasn’t able to. If you’d like to try, visit Why don’t I care if you try to get into WordPress on my site? Because WordPress isn’t installed on my site. I do have a WordPress login page, but it’s just a dummy page I set up after I realized people were trying to hack into WordPress here. I don’t doubt that there are hackers who could get into WordPress if I had it installed, which is why they look for it, but it’s not really here to be found.

I used to block unwanted IP addresses using my site’s .htaccess with rewrite lines like:

RewriteCond %{REMOTE_ADDR} 192\.119\.154\.162
RewriteRule .* - [F]

but a couple years ago I switched my site’s DNS to CloudFlare, which blocks a lot of abusive bots and crawlers automatically and also makes it much easier to block additional IP addresses, either individually or by entire ranges (e.g., CloudFlare offers free and paid accounts, but the free account’s been sufficient for my needs and has drastically reduced the amount of hits on my site from bots, although some, like the ones mentioned above, do still get through.

Images used in AutoHotKey macro
I visit CloudFlare about once a week to block some more IP addresses. That’s often enough that I wrote an AutoHotKey macro so that I can press F1 on CloudFlare’s threat control page to activate the IP address field and then F1 again to click on the block button. If you have AutoHotKey, you can copy the macro below (click on the to expand it). You’ll also need to copy the two images to the right.

 myImageSearch(ByRef X, ByRef Y, X1, Y1, X2, Y2, options, image) {
Wednesday, July 24th, 2013

Proven SEO Stategy and SEO Results

From: Jane R. Villarreal
To: David Lauri
Date: Wednesday, July 24, 2013 5:02 AM
Subject: Proven SEO Strategy and SEO Results

While doing some research on your industry I have come across your site and decided to run an analysis on your competition and your current search rankings. I’m very impressed with your company, but there are some real opportunities for growth that you currently are missing.

Would you like to understand several strategies used for Search Engine Optimization (SEO) which have lead to better traffic, driving higher sales, increased leads and more revenue! We are rated as one of the top SEO and digital marketing companies in the US. In 20 minutes I can show you how to fuel your brand and generate more revenue from search engines and social networks.

All I’d like to do is follow up this with a quick phone call and see if we can arrange a time where you can see how this works online in real time. Can I call you this week to discuss your campaign?

Thank you
Best regards,
Jane R. Villarreal
2719 Romrog Way, Grand Island, NE 68801.

I get shit like this all the time, both regarding my personal website and my employer’s website. Someone must actually pay for SEO services from “top SEO companies” who send out SPAM like this, because these SPAMmers wouldn’t do this if they didn’t earn any money from it, but really, how stupid are the people who respond to these emails?

As you already know, is not the website for a business. I don’t have any competitors. And my website is already the top search result for my name.

But these SEO SPAMmers don’t care. They just know I have a website and that is my email address. (Yes, yes, if I really cared, I’d try to hide my email address, but it’s been out there a long time, and Gmail has pretty good SPAM filters, though one or two SEO SPAMs do get through every day or so.)

A funny thing about SEO SPAM is that for my employer the SPAM is addressed to our “” address. If these SEO SPAMmers cared about any pretense, they’d at least look at our staff listing to figure out who’s responsible for our website (hint: me).

Earlier this week I found out that SEO SPAMmers also try to pitch their services via cold calls. Our receptionist let such a call get through to me. Usually she’s pretty good about screening calls, but this time someone asked to talk to whoever was in charge of our website, and our receptionist just transfered the call. An Indian woman launches into her spiel after first asking if I was in charge of our website. I said no thanks and hung up on her.

Here’s the deal: If you can’t find out from the info on our website who is in charge of our website, you’ve no business talking to the person in charge of our website.

Besides which anyone who pays for SEO services is stupid.

Wednesday, June 5th, 2013

They succeed, at sending SPAM

Back in February I got two emails from Jessica Walters of WeSucceed Solutions.

Jessica’s first email was to ask to speak with me about how WeSucceed could assist me with Microsoft Office SharePoint 2010 (MOSS 2007 & SharePoint 2010), Custom Application development using .NET, and Quality Assurance and Testing services. I ignored this email because my employer doesn’t use SharePoint or .NET.

In Jessica’s second email, she said, “I am following up with you on the below email send [sic] to you on Wednesday” and that she would like to “share our success stories and value adds we could bring forth working with you.”

Um, yeah, I’m not really interested in hearing about “value adds,” thanks.

I sent Jessica a reply, saying that we didn’t use SharePoint or .NET and that we weren’t looking for any outside consultants. I got absolutely no reply, which was fine.

In April I got another two emails, this time from Sandra Phillips. The first was an exact duplicate of Jessica’s first message, and the second was also a duplicate of Jessica’s followup message, including the typo of “below email send to you on Wednesday” (see “[sic]” above).

Late last month and then today I got another set of these same two exact messages again from Sandra.

I’m taking the same action I took the last time I got ongoing SPAM from a company wanting my business:

  1. Setting up a Gmail filter to delete all messages from the SPAMming company.
  2. Writing a blog post to let people know about company’s SPAMmy practices
Monday, May 20th, 2013

Ineffective SPAM

Ring, ring! Pick up the clue phone, RingCentral!
RingCentral won’t leave me alone.

On May 6th, Bryan McDonald sent me the following email:

I am doing some research on your company to determine if there is any interest in a cloud business phone system. Your business will benefit from more control, more features and 50-70% lower telecommunications costs.

Fair enough. Technically, because this is unsolicited email, it's SPAM, but it didn’t seem outrageous, so I sent a short reply:

We already use 8x8 for our phone system and have no interest in switching.

So I was a bit annoyed when Bryan McDonald sent another message on May 9th, saying, “Just following up on the last email I sent you about your business phone system.” Yeah, if you’d actually read my reply, you wouldn’t have needed to send a followup message.

So I filled out RingCentral’s online contact form (no use replying to Bryan McDonald), saying again that we weren’t interested in switching from 8x8.

I got a reply back from Rheychelle N, apologizing and saying, “we assure that we will inform Brian McDonald or other account representatives not to contact you anymore.”

Today I get an email from Jenny Lindgren. Surprise, surprise, the email has the exact same text that Bryan sent.

I am doing some research on your company to determine if there is any interest in a cloud business phone system. Your business will benefit from more control, more features and 50-70% lower telecommunications costs.

Um, no. Just no. I’ve set up a filter to automatically delete any messages from anyone at, which is what I should have done in the first place.

And I’ve also written this blog entry, so people searching for info about RingCentral will know what kind of marketing practices they endorse (hint: the kind that guarantees that people won’t want to deal with RingCentral).

Update 6/24/2013: Today Denny Merrow sent RingCentral’s standard boilerplate SPAM message to the finance director at the company I work for. We’re still not going to buy hosted VoIP services from RingCentral, even if they send their SPAM to each one of our employees.

Wednesday, February 9th, 2011

Really out-of-date SPAM marketing lists

I just got an e-mail that made me laugh out loud, from someone working for Roam4Less logo
Logo of a clueless corporation
What made me laugh was the line, “I'm sure that  The Mazer Corporation 's executives are looking for ways to reduce IT costs and diminish international cell phone roaming charges.”

Mazer Corporation logo
Logo of a dead corporation
Two problems with this e-mail from

1) I haven’t been concerned with reducing IT costs for the Mazer Corporation for about ten years now.

2) No one at all at Mazer has been concerned with reducing IT costs or anything since the company abruptly shut its doors the last week of 2008.

Looks like the folks at Roam4Less need better marketing intelligence.

Blog tools
SPAM (5)
AJ Wagner (2)
Amazon Kindle Fire (4) (2)
American Express (2)
American Family Association (3)
Amy Grant (2)
Berlin (4)
Books (15)
Candi Cushman (1)
ChMS (3)
Christianists (16)
Christianity (21)
Christmas (2)
COM101 (4)
Computer tips (20)
Conservatives (6)
Cross Creek Community Church (28)
Cute actors (4)
Dan Savage (3)
David Esrati (9)
Dayton (52)
Dayton Art Institute (3)
Dayton Christian High School (2)
Dayton City Paper (5)
Dayton Daily News (16)
Dayton Dialogue on Race Relations (4)
Dayton Gay Mens Chorus (11)
Dean Lovelace (3)
Derek (9)
Dick Chema (2)
Diversity Dayton (2)
Driving (4)
Drunkenness (6)
English (2)
Epiphany Lutheran Church (3)
Exodus (2)
Facebook (13)
Fairborn High School (6)
False prophets (2)
Feeding Friends (2)
Firefox (2)
Flash (2)
Frankfurt (3)
French films (3)
Gary Leitzell (11)
Gay (85)
Gay bars (2)
Geekiness (5)
German (3)
Germany (34)
Good Friday (3)
Google (2)
Government forms (6)
Grafton Hill (4)
Greasemonkey (2)
Greek Orthodox Church (2)
Hamburg (2)
Hebrew (3)
Issue 1 (5)
Joey D. Williams (2)
Köln (3)
Ken Blackwell (2)
Kiva (1)
Lüneburg (20)
Library (2)
München (2)
Mark Luedtke (1)
Marriage (23)
Mary Cheney (2)
Mazer (4)
MeetFred (3)
Microsoft (10)
Mike Turner (3)
Movies (14)
My stupidity (5)
Nan Whaley (1)
Natalie Barney (1)
Neon Movies (10)
Occupy Dayton (4)
Ohio (2)
Olive (2)
Oregon District (4)
Panera (7)
Park Layne (3)
Parking (5)
Parties (2)
Paul Noah (1)
Paul Pyle (4)
Photos (49)
Politics (36)
Proposition 8 (2)
Racism (3)
Remembering (34)
Republicans (4)
Reviews (9)
Scams (5)
Sean Harris (1)
Sirius (1)
Snow (6)
Stivers (2)
Teaching (6)
Telemarketing (3)
Tomatoes (2)
Travel (12)
TV Guide (2)
Typing (6)
Uncle Bill (10)
Verizon (5)
Web design (bad) (17)
Web hosts (4)
Whining (61)
Wright State University (6)
Writing (5)
Yellow Springs (2)