ReadWriteWeb report today that Six Apart have announced the release of some Six Apart plugins for Wordpress at Wordcamp Mid-Atlantic. RWW think this is “shocking”. If they think that counts as shocking they need to get out more….

I was intrigued enough to zip on over the their page for Wordpress users, and yes, sure enough, there are some shocking plugins available.

On initial examination, I kind of felt there wasn’t much new to it: wow a comment spam plugin, an advertising plugin… The only one that caught my eye was the TypePad connect plugin, and even that one I kind of knew wasn’t going to be a runner.

Yes it does lots of fantastic stuff, see the above page for a feature list, but it struck me that:

• users had to go off to TypePad.com to register for your blog
• comments were no longer stored on your own blog
• the gains offered for the above are really not worth it

So I gave it the benefit of the doubt and installed the code on a test blog site. Installation itself is pretty easy, so no complaints there.

As expected, the newly activated plugin does make users go off to TypePad.com and create a TypePad account in order to become a member of your site. This doesn’t sit nicely with me: users click a link on your site and all of a sudden they are on TypePad.com being asked for their email address, set a password and their date of birth (TypePad: you don’t need my DOB, you might think you do, but you just don’t).

Ok so if you do all that and post a comment on my site it shows up and there are all the extra goodies they mention on their page.

Some points against:

• You no longer have comments stored within your own site
• Comments are harder to manage: two different sites to manage your blog, your blog site and your comment site
• Not offering much: threaded comments are available in WP 2.7.x, Comment Spam is not an issue with plugins
• The community thing: wow, you can create profiles. Not a big seller for me.
• I can’t find any option to export your comments back to WordPress if you choose to leave TypePad connect???

The very fact that comments are no longer stored within my own Wordpress database, not even duplicated there, is a deal breaker for me. Comment counts are often used in my work for listing most popular posts, etc. I see no need to have data stored elsewhere.

In short, there are some nice features here and I think it is great that Six Apart are opening up their work to other platforms, but so far, there is nothing here that makes me want to use one of their plugins.

TIP: If you think TypePad connect might be something you find useful, check out IntenseDebate also.

I admit, not the sexiest title you will come across.

I have been recently tweaking the design of my site. My first port of call, as it usually is when I need to iron out the kinks in a style sheet, is the W3C’s CSS Validation Service. I find that ensuring anything, be it html, xhtml or css is standards compliant, goes a good way to curing a number of cross browser issues, allowing you to concentrate on the stubborn ones that drive you scatty sometimes.

So off I go to validate my style sheets and um, nothing. Looks like the server is down, throwing the error I mentioned in the title.

No matter I thought, I will try another one. Put in “css validator” into your favourite search engine and you will get plenty of results. The problem it seems though, is that practically all of them use the W3C’s CSS Validator as a back-end. The same result comes back time after time:

Servlet has thrown exception:javax.servlet.ServletException: Timed out

I did find one site that has a non-W3C validator, but this is a shareware program which you must download and install. Hardly ideal and is most likely limited in functionality unless you cough up for the full version.

After about 48 hours I began to get suspicious of the fact that nobody else on the oul Interweb had reported a similar issue. Sure enough, after testing a couple of other sites, I found that the issue was specific to my own website.

On further testing, I found that a couple of other sites also had this issue. Specifically, Wordpress sites with a plugin installed called Sezwho. Sezwho is a web service that adds additional functionality to Wordpress comments, more on that in a separate article.

An undocumented “feature” is breaking the CSS Validator. Hopefully anyone else with a similar issue might find this useful. I will contact Sezwho to let them know of course.

Oh, and if you do want to validate your CSS, just deactivate the plugin, validate the css and reactivate the plugin.

I have just recently switched this website from the Drupal CMS to Wordpress. Within the last 24 hours I have had the first symptoms of an irritation I have noticed on other blogs I mangage. Almost as soon as the conversion was complete, I had two suspicious user sign-ups. Suspicious in that they occurred in very short order for a relatively low traffic website, and guess what, they both end in “.ru”, the Russian domain ending.

Now I am not in favour of tarring everyone with the same brush, I am sure most Russians couldn’t give an Abkhazia about my blog, but there is something fishy going on. Another blog I managed has over 1,500 registered users, yet over 800 of those users have emails ending in “.ru”.

So what is going on here? Initial suspicion was that this was a way of attempting to place spam comments on the blog, but does not seem to pan out. Firstly, the Akismet plugin does not seem to have a problem catching comment spam whether the user is registered or not. Not that I could find any relationship between these “dodgy users” and the comments that had been placed into the Spam bin by Akismet.

So I haven’t worried too much about them since they don’t seem to be doing any damage.

As I mentioned earlier, this is a new blog. Comments have been open on it, but I have only just activated the Akismet plugin. So there were about 24 hours during which comment spam could have been placed on the blog yet it wasn’t, even by the suspicious new users. Strange huh?

It seems then that there must be another reason for these signups other than comment spam. They may be trying to exploit known vulnerabilities in older versions of Wordpress.

In any event, to see if I can cut this out, I have installed a new plugin, Register Plus, this has quite a number of nifty features around user registration which have been a bit lacking in Wordpress to date. The features I have so far activated are:

• Email address confirmation for new users
• Users can set their own passwords
• Custom logo on the registration page

There are a number of additional features worth checking out, but so far those are the ones I will be using.

I will see how I get on over the next few weeks and if successful, I will roll out the plugin to other Wordpress sites I manage.

My suspicion is that these “dodgy signups” are driven by an automated bot and this may well not be able to use the new registration form. If that fails, then I am pretty sure the email addresses are invalid and therefore the user accounts are not activated and will be removed after 7 days.

In the last resort, there is also a captcha feature, but I would prefer not to have to use that. Hate the bloody things!

Another blogger who doesn’t think much of the fake user signups is using the Sabre plugin, but I am going to see how I get on with Register Plus before employing yet another plugin that only does one specific task. They become a nigthmare to manage them all.