If you run into this issue you have 2 choices.

1. Change mod_security
2. Use a simple workaround

I opt for #2. Changing mod_security is complex and the inability to use these words is there for a reason. They are commands that can cause some serious havoc to your server if abused. So, instead of gimping your security simply do the following:

use   (non-breaking space HTML element)

To use these words in this post I did the following:

Title: curl & wget in WordPress posts
In a sentence: “…the word wget in my code examples…”

Just make sure you never have the problem word, then a normal space, then any text. It will cause the 403 error.

Originally posted at www.jaguarpc.com by thisisit3

- START

Contrary to popular belief, spam is easy to combat. All it takes is a well configured SpamAssassin running on the server. Unfortunately the definition of “well configured” is very loosely defined in this context as its completely different for every domain/server.

One such example is the average person who blocks emails that contain the word “viagra”, but an actual medical doctor may use that word rather regularly.

So here is how to make SpamAssassin block 99% of spam:

STEP 1 - Raise score for Realtime Blackhole lists (RBL)

The default scores for RBLs are set too low. For example, if an email is marked as spam by SORBS then there is no reason giving it a score of 2. Based on my tests over a two year period RBLs are very safe to use. There are some issues with SpamCop but those always resolve after a few days.

Edit your “/etc/mail/spamassassin/local.cf” and add:

Code:

STEP 2 - Raise score for BAYES

The default scores for BAYES are set to the lowest possible. These scores are automaticaly generated by a special script used by the developers of SpamAssassin and its generates the score based on all the rules. Unfortunately the high probability scores are too low, for example a 90% probability is a definit spam, so there is no reason why its score should be 2.

Edit your “/etc/mail/spamassassin/local.cf” and add:

Code:

STEP 3 - S.A. Rules Emporium (SARE)

There is a special team of commandos who track daily spam. These guys have sat down and written rules that target specific strings within spam. One such tick is to scan for telephones and addresses used in spam, thus they don’t need to look for “viagra” in all its different variations instead they look for the phone or address of the guy selling them. As a result, their rules allow a doctor to get emails with “viagra” in them, while blocking spam at the same time.

These guys go even further, they have rules for:
- Rules to detect commonly abused redirectors and uri obfuscation techniques.
- Addresses and phone numbers harvested from spam
- Bayes poison using lists of words with equal length
- HTML coding rules that detect various spammer tricks applied through HTML coding within messages
- Header rules that are not found in other SARE rulesets.
- Rule set which flags specific spam and/or spam from specific spammers
- SARE Adult rules are designed to catch spam with “Adult” material.
- SARE “BML” rules are designed to catch “business, marketing and educational” spam.
- SARE Fraud rules are designed to catch “Nigerian 419″, “International Lotto”, etc. type scams.
- LOADS OF OTHERS…

Their website is at: http://www.rulesemporium.com/

Below are the safest rule sets which can be used everywhere. Just go to your “/etc/mail/spamassassin/” directory and run the following commands from the shell, thats all you need to do, they are automatically included when SA scans that directory.

Code:

STEP 4 - Final step

Finally, make sure your required score is still set to the default 5 because all the above rules expect that it hasn’t been changed.

Code:

Once you’ve run your system with the above and you are comfortable with the results, you may automaticaly delete spam with a score of 8 or more. The safest way is to create a filter rule in cPanel (Mail -> Email Filtering):

Code:

The result is this:

$message_headers contains “X-Spam-Level: ********”

- END

I’ll add that if you have PLESK you can make this last change by editing the ’spam filter’ setting instead.

I’ve used this domain for years always keeping an eye out for one shorter. Recently I serendipitously typed in ‘trydynamic.com‘ at godaddy; to my surprise it was available. I snatched it up right away, but since then have had some doubts. The word ‘try’ could easily be the center of a marketing campaign, but would trydynamic.com be good as the main advertised domain name for the business?

So, I’m curious to hear some opinions on ‘try’ as a domain name prefix. Any high traffic domains out there using it?

Here are a few common domain name prefixes to ponder as well:

Domain Name Prefixes :

• 2
• 4
• the
• my
• i
• me
• we
• you
• e
• top
• pro
• best
• super
• ultra
• all
• cyber
• simply
• free
• 1st
• smart
• cool
• hot
• fast
• fresh
• first
• daily
• sharp
• light
• classic
• great
• quick

What kind of blogger do you want to be?

#1 The Guide - Not much original content but provides a resource by bringing info on a topic together in one place.

Upside: Can become a great resource by organizing information in new ways.
Downside: Runs the risk of becoming a repeater (below).

#2 The Expert - A guru in their topic of interest.

Upside: Readers flock to the expert in aspiration of greatness, answers to tough questions or to just stay informed.
Downside: Delusions of grandeur. Some ‘experts’ think a little more of themselves than others do.

#3 The Journalist - Provides topical news with insight where appropriate.

Upside: Just like the offline variety, blog journalists can become a reputable source of information.
Downside: Be careful of spin - unless its part of what makes your blog!

#4 The Muse - Gets readers to think about something in a new way.

Upside: Bloggers with true insight into a topic will find much success.
Downside: True insight is very rare. Unfortunately passionate rants are more common.

#5 The Reviewer - Writes reviews on the latest and greatest.

Upside: People are always curious about others opinions before they buy. Often they will read many reviews before making a decision.
Downside: A lot of competition; especially in popular items.

#6 The Narcissist - All about themselves, readers be damned!

Upside: This sort of self obsession can be entertaining.
Downside: The entertainment gets old very quickly due to lack of new material.

#7 The Rambler - Uses personality and wit rather than content to entertain readers.

Upside: There are some truly entertaining people out there. A rambler’s blog can be a fun pastime.
Downside: Getting long winded or going on a rant gets old.

#8 The Repeater - Is there an echo in here? Repeats content, often without permission, from elsewhere on the web without adding any value.

Upside: Bloggers do this in hopes of getting some traffic.
Downside: Without permission, this is copyright infringement. With permission you may have some hollow success. If you are going to write about someone else’s post or comment it’s best to add some value to the repeat.

#9 The Celebrity - Well known before starting their blog, celebrity’s blog popularity stems from past fame.

Upside: Allows fans to feel ‘closer’ to the stars.
Downside: Can have shallow content or celebrity may be unresponsive to fans comments.

#10 The Reporter - Reports on happenings in life or business. Reporters range from the practical company news reporters to the obsessive. An example obsessive reporter? A blogger who posts what they eat (complete with pictures) at every meal.

Upside: Great information for those interested.
Downside: Make sure someone is interested.

All in all, to have a successful blog always write for your readers and pay attention to your comments!

Have a blog that doesn’t fit? Let me know below!

When you ‘ping’ you notify blog indexing services that you have made an update to your blog. Ping-o-matic is used automatically by Wordpress at install but there are others you should take advantage of. Use the following list to make sure your content is represented by these services.

Not sure where to put these? In the current version of Wordpress (2.5.x) click on ‘Settings’ in admin then ‘Writing’ and paste them into ‘Update Services’ at the bottom of the page. Click ‘Save Changes’ and you are in business. Now Wordpress will notify these services automatically.

If you are familiar with pinging services you already know that there are plenty more pinging services available than the ones listed above. This list is researched and optimized for efficiency. Credit for the research goes to Instant Info Online. You can check out the research here.