Sunday, April 26, 2020

Un-Plugin

When I first started Flush Twice back in 2003, I was hosting the site on a very simple web server in my basement. Because my internet connection was a dynamic IP address, I had to use a rapid DNS updater. This was a manual process that I had to go through whenever my IP address changed. Typically, my IP address changed on a random day every other week or so. I also hand coded the HTML, and manually updated the pages via FTP every single day.

As some of my long time visitors might recall, in 2005 I ran away from home and joined the circus. (Actually, it was the Army, but same concept.) Since I was no longer at home, I was not able to keep updating the DNS server. Flush Twice quickly went offline, but a couple months later I shelled out the money for a web hosting provider. Now the site would reliably remain online without my constant hovering, but the pages still had to be manually updated.

My original web server in the basement didn’t support PHP or MySQL, but now that I was paying a web host for my server needs, I felt it was time to make use of the added benefits. That is why in 2008, I installed Movable Type to my site. That lasted only a few months before I switched it over to WordPress, and that’s how I finally entered into the world of “Content Management Systems”.

The stock install was not very attractive, so to make WordPress look better I had to install a theme. I honestly don’t remember the name of it, but I really liked the way the sidebar overlaid on the header. I really miss that detail. That theme got an update, which kind of broke a few things, then something else went wrong with it, and finally the author abandoned it. Long story short, I had to switch to a new theme.

Another feature of WordPress is the plethora of plugins. These are “extra features” written by independent programmers to add more functionality to WordPress. I think I originally started out with about 4 or 5 plugins, but today I have about 32. Things like posts in the sidebar? That’s a plugin. The submission page that no one uses? That’s a plugin. Lazy loading images (images don’t actually download till you scroll down the page to where they would be visible) is a plugin.

Most of the plugins are more for back-end stuff. There’s a backup and migration plugin, an XML sitemap plugin, a plugin to clean up the database, a plugin to prevent brute force attacks, and a plugin to remove the privacy invading Google fonts that WordPress insists on using. Heck there’s even a plugin to automatically update the plugins when updates are available… And that’s where things get dicey.

So every now and again, an author of a plugin sees dollar signs. The plugin updates, and now the latest version is… something else. The plugin becomes bloated and intrusive. It has slick, eye-catching graphics that persist on all the admin screens, and encourages you to upgrade to their “Pro” package, and install their “other” plugins. It also comes with new terms and conditions that feel a little invasive as well.

Of course I don’t frivolously install plugins, so when a plugin goes rogue like that, it really hurts. There’s a trust violation. The scary truth no one talks about is that the author could upload something outright malicious, so when they upload something vaguely “spammish”, you really want that shit off your site ASAP.

Fortunately in this instance, I had a backup of the offending plugin. I was able to delete the bloatware and upload an older version from before it all went pear-shaped. I then had to tell the auto-updater not to update that hot mess.

Unlike the various star rating plugins, this is an essential back-end component, and there is no immediate substitute. It does look as though the backup is of a manageable size, so one option is to go through every file and gut the all references to original author from the plugin. It ain’t easy, but I have done this before.

In the meantime I have to look at that ugly red circle notification whenever I log in, taunting me that there’s an update available… An update that is toxic and would poison my site.


Kudos

OK, so we have reached the point where I say thanks to Glenn and George because they email jokes to me, and then I beg for viewers like you to visit our submission page and drop off a joke or two. You could also email jokes to me at flush2x@gmail.com.

“Coding, like poetry, should be short and concise.” ― Santosh Kalwar

Pax,

-f2x

Bookmark the permalink.

Leave a Reply

Please do not use URL's. Comments with links will not post.
The "Name" field is optional. Feel free to post anonymously.