Yesterday was an interesting day for ShanKri-la. I started out fixing broken feed and ended up fighting annoying popups that had creeped into my blog. Read on, if you are into things like that.
Broken Feed
Vinod kindly pointed to me that my feed was broken. Here is what went down if it’ll help someone else avoid the mistakes I made.
After my upgrade to WP 2.2.2, my 301 redirect stopped working. My link juice was getting diluted with shankrila.com not getting redirected to www.shankrila.com. So, I added some entries in my .htaccess file to achieve the same result. Good news: 301 redirect works now. Bad news: RSS feed is broken.
I started out by checking my blog’s source feed with Feed Validator. Checking your feedburner feed link may not help you much. I checked my http://www.shankrila.com/feed/rss.xml. Feed validator told me that this feed url is actually a web page and not a feed.
You can tell I was sratching my head rather hard at this point. So, I just type the .xml feed address into my trusted Firefox and bam I could see it redirecting loyally to www.shankrila.com because my source feed address did not have the www in it. It is one of those leftover things from when I started without the www and decided to go with it.
While troubleshooting this and identifying the cause of the problem, I was disabling some feed related plugins and I noticed this morning that the feeds weren’t the full text feeds. I have read that it could be a caching issue with Feedburner and hoping the full text feed will return with this post. If not, please hang in there and I will try to fix it ASAP. I hate partial feeds myself.
Paypopup ads
As I was working to fix the feed problem, I noticed this annoying popup ad with same overlay effect as a Lightbox script for viewing images.
I had that feeling of having been careless and let someone exploit a window left open by me. I thought some malicious code had ben inserted into my WP pages that showed these ads. I was about to change all my passwords to my hosting server, WP admin accounts, etc. I was about to disable a bunch of plugins that I had installed over the last month.
But, I took a deep breath and decided to look at the source of my home page in Firefox to see where the ad serving code was inserted instead of looking at each and every file in my WP install.
That’s when I found the offending Paypopup code right before the start of the content. The giveaway in this instance was a line with mediagridwork code that seemed out of place.
I just went ahead and removed AdGridWork code from my sidebar and the annoying popup ad stopped appearing.
Rationale
AdGridWork is a free service where you can advertise your site for free. Your ads will be shown in other blogs in the network depening on how many ads you show. I am not sure if AdGridWork intentionally serves these ads or if their code just got compromised by someone. I just looked at the metrics from displaying their ads and it doesn’t seem to generate a lot of clicks anyways. So bye bye AdGridWork for me.
I’ve experienced the same problem on my blog. Thanks so much for finding the cause for me, I’ll have to send an email to the adgridwork guys.
Hey K-IntheHouse –
I found your blog through Troy Deck who just contacted me about PopUp ads originating from the AdGridwork network. I wanted to paste in the email that I wrote to him for you and your readers to clear up any confusion:
Hey Troy -
Thank you for contacting me, and yes, we received a handful of emails
regarding the popups that were appearing on our network. Apparently our servers were compromised sometime over the weekend and a script
was added to our Ad Serving code that caused the popups for a day or
so. We have removed this problem and notified the appropriate people
to deal with this situation and was hoping to keep the situation under
wraps but unfortunately a lot of bloggers have already reported on
this as some type of foul play on our part. It's very tough building
trust in a free advertising network and situations like this hurt
every site that is participating. Hopefully this will be the last
occurrence of this type of problem :)
Whether you choose to use our service again in the future is for you to decide, however I wanted to inform you and your readers that neither Kyle and I endorse any type of PopUps and have taken the necessary steps to eliminate future compromises in our servers.
Nick Mazza
http://www.adgridwork.com
Troy, thank you for the comment and I’m glad it helped you out.
Nick,
It looks like Troy beat me to it and I’m glad he did. 🙂
I appreciate you taking the time to clarify what really happened. You have confirmed my suspicion that your server might have been compromised. This wouldn’t stop me from your using your service but I just haven’t had much luck with it.
Feed validator is a good site to check feeds, I too check it often. Good that you removed the pop up, its better to have reader satisfaction than earing a few bucks. 😀
Nirmal.. I do check it anytime I come across that site. Popups are the worst form of ads, IMHO. It’s an absolute no-no for me and so would be for my readers. I feel bad enough for serving Adsense ads. 🙂
I also am adverse to popups, inline ads (those double underline things), and intersitial ads. I think they degrade the user experience to the point of driving some people away.
Even worse, the money from these paypopup ads went to the hacker rather than to the webmaster, so I’m really happy that the problem is over now. For those who still need clarification, I’ve decided to write a full report of what happened on my blog, you can read it here.
Troy.. thanks for the great write up of the whole thing. That clarifies a lot of things for me and hopefully others too.