EFF Newsletter – April Fool’s 2015

The funniest part is below:
Electronic Frontier Foundation's Effector Newsletter

NSA Tells Public To Reduce Use of Passive Voice In Email

Both style and national security are impacted by the use of passive voice, the NSA said today. Having spent many billions of taxpayer dollars to capture all private electronic communication, the agency is frustrated that poor writing habits are making this data difficult to analyze. We strongly prefer short declarative sentences where the actor is clearly identified, said an NSA spokesperson. Instead of writing, ‘The protest will be attended by many activists,’ it would be better to write, ‘Known dissidents Amy Goodman, Laura Poitras, and Glenn Greenwald will travel by bus to the protest in Washington Square Park, New York, and will arrive at approximately 1:04 p.m. on April 1st, 2015.’ The NSA further suggested that instead of composing private email, citizens could instead fill out a webform at NSA.gov or travel to Bluffdale, Utah and share all of their most private secrets with the NSA in person.

See the original email here: https://supporters.eff.org/civicrm/mailing/view
Ha!

I hope you guys find that as funny as I do.

Happy April Fool’s Day.
 

Referral Spammer Hitlist (.htaccess directives included)

Referral spam has been problematic for a long time; a quick search turned up an extensive list of referral spammers from 2009 on Perishable Press.

This thread from the Piwik repo on Github is more current (started in 2014) and mentions many of the sites currently contaminating my analytics reports.

My Referral Spammer Hitlist

Screenshot from Google Analytics Showing Referral Spam

The screenshot above is from Google Analytics (the last 6 months) for a site that I have access to the analytics data of but not the codebase/server (otherwise I’d have remedied the situation already). My significant other’s sister is the creator/founder/owner/president of Megan Lee Designs and, after learning of my vocation, granted me access to her analytics.

While 2.5% of traffic may not seem especially significant, it amounted to 16% (yep, 1 in 6) of their referral traffic! 42 of 143 sources of referral traffic were actually this referral spammer garbage (in the screenshot I included every website that was reported as having sent more than 1 visitor…there are another 35 domains (well, subdomains) that list a single visit. 34 of those are a subdomain of semalt.com (grumble, grumble)

When I first really noticed the problem in my analytics reports (in mid-2014) I came up with a blacklist. I called it a hitlist because, as I told my colleague Charlie, No workplace is complete without a hitlist ;-)

In the spirit of open-source, I give you my current list of directives:

Be forewarned, I’m no back-end developer or SysAdmin so while I can piece together enough RegEx to get simple things done, it is entirely possible that the directives written below are more efficient (and they are certainly more comprehensive).

My logic when I wrote them was simple:

  • I don’t care about protocols (http:// or https://)
  • I don’t care about subdomains (they often use lots of them)
  • I don’t care about case (hence the [NC] No Case [sensitivity] flag

If the domain listed as a referrer contains that series of characters (that string) I want to the RewriteRule to kill it before it hits my site (and my analytics) hence [F,L] the ‘fatal’ and ‘last’ rules on the re-write.

For anyone who might be of the copy and paste skill level (I myself was until fairly recently) be mindful of the ‘OR’ part of those directives [NC,OR], an [OR] is needed on all but the last RewriteCond, omitting it on prior conditions or adding it to the last condition will likely cause a series 500 error on your server.

A few months ago I addressed the most flagrant perpetrators—namely semalt.com—but suddenly I was getting visits from buttons-for-website.com.

Other Resources for Blocking Referral Spam

I recently tweeted about buttons-for-website.com and got a reply from @hbeckner who wrote a nice article (in German, but it translated well and the illustrations are in English so I had no problems) about it and the motivation behind it. He pointed me to this thread on the WordPress support forums.

In that thread someone shares their .htaccess directives to block these spammers and they list the following directives:

That list is a bit more extensive than mine and I also find it interesting to see how people write the directives in different ways.

I’ll try to keep this post up-to-date for my own use and yours if so inclined.

GTM & AdWords Calls From Site Conversion Tutorial

Tonight I came across a really nice tutorial covering setting up Google AdWords call conversion tracking on a website using Google Tag Manager by Red Fly Marketing.

If you end up coming across this first, go read it.You may notice I left a comment about CDATA comments. I found that blog post so useful that I am writing this and sharing it before they have replied or I have had a chance to test the code. I have every reason to think it will work but again, I have not tested it.If you’re using Google AdWords call conversion tracking on your website and using Google Tag Manager (or considering implementing it) I think you’ll find it useful.