Jun 29

Banned in Google

We just wanted to share something about our Facebook proxy site, www.faceoxy.com, that seems to be under something of a penalty in Google.

We’re not suprised it was under a penalty, its rankings and organic traffic tanked last year and it stopped ranking for its own content never mind its big money keyword phrases.

We’ve gone back to basics by updating the homepage content and removing much of the over-optimization. At the same time we’ve cleaned up the link profile to remove as many sitewide text links as we can as well as detuning the anchor text because it was very  aggressive.

All this work has been completed today and as we write we don’t rank in the top 200 phrase for our top keyword phrase, Facebook proxy. If these don’t work then perhaps we’ll start trying with the disavow tool. Watch this space for details!

May 16

If you run a proxy using the phproxy script you’re very likely to receive one of these :Google AdSense ad serving has been disabled to your site” warnings from Google if you are using Adsense to pay for the running costs of your proxy website. Here we explain why and how to fix the problem.

Like me, you probably only intend to serve up ads on your home page and not your proxified pages for a number of reasons. However, there’s a flaw in the phproxy script that could well end up with you displaying Google Ads on proxified pages. If any of these proxified pages are displaying Adsense ads on pages that break Google’s terms and conditions for displaying advertiser content, then you’ll very likely soon get an email with the subject; “Google AdSense ad serving has been disabled to your site”.

In this post we describe the circumstances in which your ads can appear on pages other than your home page, and we outline a hack to fix the problem.

The problem with the script is that if the proxy is used to view pages that are somehow “broken” a copy of your home page (with your ads) can appear in a frame on your proxified pages.

First, we’ve set up a test page with a “broken” link that you can use to see if your site has this problem. Cut and paste the URL below;


If you can see your site and your ads on it, then you have a potential problem and you should follow the instructions on how to fix this below.

Firstly, download and make a backup of your index.php file. Then open it in a plain text editor such as notepad.exe and look for the following code;

function show_report($data)
include $data[‘which’] . ‘.inc.php’;

This is the part of the script that shows your ads. To make your Adsense ads only appear on your homepage, change this part of the script to;

function show_report($data)
if ($_SERVER[“QUERY_STRING”] == “”){
include $data[‘which’] . ‘.inc.php’;

What this script mod does is only allow your ads to appear on your homepage. This will stop Google ads appearing on proxified pages and will hopefully be enough to get your account restored. The problem here is that if a user makes a typing mistake and/or tries to open an invalid URL, then they will see a blank page – not good for your visitors!

You can go one step further to prevent this by making a further modification, replacing this code (but it’s a bit trickier to implement;

if ($_socket === false)
show_report(array(‘which’ => ‘index’, ‘category’ => ‘error’, ‘group’ => ‘url’, ‘type’ => ‘internal’, ‘error’ => $err_no));


if ($_socket === false)
show_error_report(array(‘which’ => ‘index’, ‘category’ => ‘error’, ‘group’ => ‘url’, ‘type’ => ‘internal’, ‘error’ => $err_no));

and you will need to create a new function with the code below;

function show_error_report($data)
include $data[‘which’] . ‘.inc.php’;

If anyone needs any further help or explanation or has a better solution, be sure to leave us a comment!

Apr 12

It’s all too common these days, but our WordPress blog was hacked again because it was an older version of WordPress version 2.8.5.

It was a nasty hack that injected hidden, pharmacy links in the footer of the page, and it was very difficult to remove. You can’t see the links because they are hidden using CSS, so unless you have a tool to swith the CSS off, you can look at a cached version of your blog in Google, using the text only option. Just upgrading the blog to the latest version of WordPress didn’t work. I’m afraid the script described here’s needs a fairly good knowledge of exporting and importing MySQL databases but there’s a pretty good tutorial on how to do that here;

Now the first thing you need to do is make a backup of of your existing blog, including downloads and the database itself.

It’s a good idea to delete your spam comments because these can make your database large and difficult to edit in a text editor.

After you’ve downloaded your files, you need to completely remove all files from your blog folder on the server (see exceptions below), including your wp-admin and wp-includes folders because the hack leaves backdoors in these (as image files actually).

For this hack, you can keep your /wp-content/wp-uploads files and your theme in your /wp-content/themes/ folder as well as any plugins in your /wp-content/plugins folder.

Then upload the latest version of WordPress editing your wp-config.php file with your server setting (but again with this hack you can use your old wp-config.php file).

Next export your database and open it in a text editor (not Word or Write).

Search for a table called wp_options (is search for that ext string and you’ll see entries such as;

(5, 0, ‘users_can_register’, ”, ‘yes’),

(6, 0, ‘admin_email’, ‘carl@tourboxantalya.com’, ‘yes’),

(7, 0, ‘start_of_week’, ‘1’, ‘yes’),

(8, 0, ‘use_balanceTags’, ”, ‘yes’),

(9, 0, ‘use_smilies’, ‘1’, ‘yes’),

(10, 0, ‘require_name_email’, ‘1’, ‘yes’),

(11, 0, ‘comments_notify’, ‘1’, ‘yes’),

(12, 0, ‘posts_per_rss’, ’10’, ‘yes’),

(13, 0, ‘rss_excerpt_length’, ’50’, ‘yes’),

(14, 0, ‘rss_use_excerpt’, ‘0’, ‘yes’),

(15, 0, ‘mailserver_url’, ‘mail.example.com’, ‘yes’),

(16, 0, ‘mailserver_login’, ‘login@example.com’, ‘yes’),

(17, 0, ‘mailserver_pass’, ‘password’, ‘yes’),

(18, 0, ‘mailserver_port’, ‘110’, ‘yes’),

(19, 0, ‘default_category’, ‘9’, ‘yes’),

(20, 0, ‘default_comment_status’, ‘open’, ‘yes’),

(21, 0, ‘default_ping_status’, ‘open’, ‘yes’),

And so on. Scroll down until you see a chunk of gibberish with 100’s of lines with text such as;


Delete that text in the quotes! Delete any lines with a transientid statement. There may be other gibberish options and you need to scroll down until the start of the next table which will start with something like;

— ——————————————————–

— Table structure for table `wp_post2cat`


When you’ve done that, import your cleaned up table and run the upgrade, and with any luck you’ll be back in business. If not let us know here via a comment and we can have a look for you. There are a lot of different hacks out there and most affect the header or footer files – this one’s unique in that it uses a back door in your wp-admin folder.

Once you’ve done this you should change your ftp, MySQL user, and WordPress passwords to be safe.

Let us know how you get on or if you need any help!

Dec 30

There’s lots of well meaning advice out there on how to add an Adbrite Zone to the footer of proxified pages but I’ve spent a whole evening getting it to work on a phpproxy 0.5 based proxy server.

The often repeated advice out there is flawed and/or out of date – but we do have a solution for you. Let’s step back a bit first.

We’re running an Adbrite Zone on our YouTube Proxy as an alternative to Adsense and have been doing so for a week. With it being the Christmas period and traffic being so low, but I’m busy at work and this was the only chance I’ve had to give it a try. So far the clickthru’s are better but the payout is awful – less than Adsense even!!

Anyway, one advantage of Adbrite is that you can place the ads on proxified pages without breaking their terms of service.

Great, so I set up a Zone with a 780×90 zone and tried pasting the code as recommended previously in Web Proxy forums and on other sites. All I got on index.php was a blank page.

The advice given was;

If you wann put ads at the bottom of your proxy pages use this code:


$pattern = "#</body>#i";
preg_match($pattern,$_response_body, $matches);
$_response_body = preg_replace($pattern, '
<!-- BEGIN STANDARD TAG - 728 x 90 - ROS: Run-of-site - DO NOT MODIFY -->
<!-- END TAG -->
</center></body>', $_response_body); //the replace function

this code goes in your index.php file (phproxy) & after this line $_response_keys[‘content-length’] = ‘Content-Length’;

When I tried this with my Adsense code inserted I got a blank page.

Firstly, the advice didn’t mention that there were two instances $_response_keys[‘content-length’] = ‘Content-Length’; code – you have to paste the code after the second instance of the code in your index.php file.

The second problem is that Adbrite are no longer using plain text for their Ads, but are using more complex code that features quotes eg ‘

That causes a problem in php code because single quotes or apostrophes are programming variables, or reserved characters if you like, so that they need to be escaped with a slash or \

In other words if you want to add the HTML code;

var AdBrite_Title_Color = ‘0000FF’;

you have to insert it in php as;

var AdBrite_Title_Color = \’0000FF\’;

Simply, escape all quotes and the code (see below) will work! We’ll report back on earnings in a month or so.

Working code to insert Adbrite banner ads on the footer or proxified pages (phpproxy 0.5);

// Mod starts
$pattern = “#</body>#i”;
preg_match($pattern,$_response_body, $matches);
$_response_body = preg_replace($pattern, ‘<center><!– BEGIN STANDARD TAG – 728 x 90 – ROS: Run-of-site – DO NOT MODIFY –>
<!– Begin: AdBrite, Generated: 2008-12-29 15:01:14 –>
<script type=”text/javascript”>
var AdBrite_Title_Color = \’0000FF\’;
var AdBrite_Text_Color = \’000000\’;
var AdBrite_Background_Color = \’FFFFFF\’;
var AdBrite_Border_Color = \’CCCCCC\’;
var AdBrite_URL_Color = \’008000\’;
try{var AdBrite_Iframe=window.top!=window.self?2:1;var AdBrite_Referrer=document.referrer==\’\’?document.location:document.referrer;AdBrite_Referrer=encodeURIComponent(AdBrite_Referrer);}catch(e){var AdBrite_Iframe=\’\’;var AdBrite_Referrer=\’\’;}
<span style=”white-space:nowrap;”><script type=”text/javascript”>document.write(String.fromCharCode(60,83,67,82,73,80,84));document.write(\’ src=”http://ads.adbrite.com/mb/text_group.php?sid=979382&zs=3732385f3930&ifr=\’+AdBrite_Iframe+\’&ref=\’+AdBrite_Referrer+\'” type=”text/javascript”>\’);document.write(String.fromCharCode(60,47,83,67,82,73,80,84,62));</script>
<a target=”_top” href=”http://www.adbrite.com/mb/commerce/purchase_form.php?opid=979382&afsid=1″><img src=”http://files.adbrite.com/mb/images/adbrite-your-ad-here-leaderboard.gif” style=”background-color:#CCCCCC;border:none;padding:0;margin:0;” alt=”Your Ad Here” width=”14″ height=”90″ border=”0″ /></a></span>
<!– End: AdBrite –>
</center></body>’, $_response_body);
// the replace function
//mod ends

Nov 30

Well as you can see, the Web Proxy Blog is back online despite the best efforts of a particularly mean set of hacks that we want to share with you to help you fix your problems and secondly to help prevent people making the same mistakes using WordPress that we did.

Firstly, this was a multiple hack across many different domains and blogs, though they all had a few things in common;

They were all run/updated from a computer that was infected with with worms, backdoors, trojans and goodness know what else. Keep your antivirus software up to date!

Secondly, they were all WordPress blogs that should have been updated. The oldest was version 2.0 and the latest was WP 2.63. We would have thought that the WordPress 2.6.3 and 2.5 installations would have been safe, but this hack is fairly new.

Finally, all the blogs were on Dreamhost. Could be a coincidence – we would be interested in hearing your comments.

The hacks manifested in a number of ways, but they all looked fine in a browser but had dozens hidden links at the bottom of each blog post. It’s only when I looked through the source code, or switched off the CSS that the links could be seen. Most of the links were real estate or lindsay lohan screensavers or something!

Another thing that was noticeable was that there were strange new files and folders in the blogs eg;

In these directories I found files with strange filenames eg. 05417e755b378ea9a91fdbe7f71712ce. These files contained links that were appearing in the footer.

Another thing I noticed was that the wp-blog-header.php file was much larger than the original and had strange coding in it;

/* r_start */
$rkeys=array(“buy tramadol”,”tramadol”,”tramadol online”,”soma”,”auto insurance”,”car insurance”,”backing up files”,”car insurance quote”,”auto insurance quotes”,”auto insurance company”,”auto insurance quote”,”fioricet”,”insurance quotes”,…………………….. religion”);
$_ip=false; if(is_array($ips)) foreach($ips as $ip) if($ip==$_SERVER[‘REMOTE_ADDR’]){ $_ip=true; break; }
if(sizeof($_COOKIE)==0 && $_ip==false && ……………………..


There was also some strange coding in the template footer.php file with a 1,000 character long, Base64 string that collected spam links from www.spamreport.ru.

I also found a backdoor file, remv.php, in the root of the WordPress themes directory.

Anyway, I didn’t fancy cleaning up that mess so I decided to make a backup via ftp, delete the old files and so a completely fresh WordPress install. The only problem was that the hack seemed to have changed the folder permissions from 755 to 555, which meant that we couldn’t delete our own files!

That was easy enough to fix; setting the attributes back to their proper value, but we did notice a few files and folders that had been modified to 777 (ie read/write/execute permission) confirming our suspicion that this was a mean hack and that the best way to fix it would be to delete everything and start with a fresh installation.

The good news is that once we had done this the blogs were back to normal, with the exception of the pre WordPress 2.2 blogs that had their character set altered so that pound signs, foreign letters etc were garbled with “Ä ±” or similar. Removing these two lines from the wp-config.php fixed this;

define(‘DB_CHARSET’, ‘utf8’);
define(‘DB_COLLATE’, ”);

You don’t need these two lines if you are upgrading from pre WP 2.2 versions because the character sets are already built into the blog.

As a final precaution I reset the MySQL database table password and the WP admin password for good measure. We also reset the ftp password because I suspect this was a hack across so many levels that just about every one of my usernames and passwords has been compromised.

So, that’s how I spent most of my Sunday! Anyone have similar experiences, shortcuts etc. they want to share?

Aug 21

It’s been said that a proxy mirror can mess a site up beyond belief in Google. I’m not sure but I have someone who owes us a substantial amount of money so we’re going to test this theory.

We’re going to create a mirror site on a proxy. The proxified site has a P R 3, the target site has a P R two.

If there’s a proxy issue in Google still, then our www.liveoxy.com will rank for searches that used to rank for the guy who still owes us money.

Let’s see!

May 26

The schools are off so hopefully you’ve got enough profit to still afford those servers when probably a large majority of your traffic is going to decrease. I’m not too worried but im prepared for my adsense earnings to plummet. Good ways to counteract the school kids defecit is by going for the likes of office workers.

  • Set up a proxy specifically for office workers
  • Do some SEO before its too late
  • Keep some of your decent earnings from other months through this summer

Not long till i post up the end of month stats, I’ve made more than $300 if anybody cares to know 😉

May 18

Im going to run off a quick list off sites or ideas to promote your proxy, pick a few, explore what to do then go and do it:

  • Squidoo
  • Digg
  • Hubpages
  • StumbleUpon
  • EzineArticles
  • USFreeAds
  • SEO
  • PPC
  • Writing Content
  • Forum Signatures
  • Email Marketing
  • Word of Mouth

Go, Go, Go!

May 15

Chad is the owner of SweetProxies, a much more enjoyable approach to proxy lists and management, a site I wouldnt mind having thought up myself. I asked Chad a few questions about his newly launched venture…

Glen: So Chad, you run and own SweetProxies.com, can you tell us a little about the site?
Chad: SweetProxies is a new proxy directory that is unique in many ways. It is a collection of php/cgi proxies, topsites, resources, and other directory sites.The initial goal or aim of the project was to have a primarily user-driven site that allowed for the collection of proxies to be easily expanded upon and affected by the users of the site, whether it be through adding or reporting sites, rating them, flagging certain sites as their top choices, etc. While sites like topsites or static proxy lists (such as proxy.org) have very little user-driven content, SweetProxies takes an approach similar to that of Digg and StumbleUpon.

Glen: You mention ratings, top choices etc. Is this one of the ways you tried to make Sweet Proxies unique?
Chad: The approach allows a more fair exposure of all sites submitted into the system, because with Proxies; sites that have high traffic and have been around for a long time are not necessarily the best. The more traffic, the slower the proxy tends to be. Also, the more popular; the higher the chance that it will be blocked by filters. With proxies, the ability to get fresh, new links is important. SweetProxies helps by randomizing links so everyone gets a balance chance of being featured, while also maintaining the ‘social’ aspects such as the 5-star ratings and ‘sweetness’ level (which is how many times the particular site has been added to a user’s favorites list).These other social aspects allow for users to quickly pick out which sites are best, and find what they are looking for.

Glen: So then, its clear that the visitors get a lot out of the proxies, finding the best for their needs. But what about the Webmasters, the proxy owners themselves
Chad: Proxy webmasters are given the ability to submit their sites to the directory under the category that best describes their site. Submissions are first automatically verified by the system, and then put into a cue to be manually checked for integrity (we look at the proxy site to ensure it works, is fast, etc). The site is then approved and added to the homepage listings. The process is usually completed within 24 hours. It is encouraged that webmasters link back to us (via link or button) but it isn’t required. Adding a button obviously helps promote their site (attracting users to visit SP and vote/rate/sweeten them). We also do button/link exchanges if webmasters are interested.

Similar to on proxy.org and other proxy lists, webmasters have the ability to make their proxy stand out from the rest by pay a small fee and ‘highlighting’ their link which puts it in a bold yellow box. There is also the option of upgrading to a PRO link in which the link appears in the top left column of every page (always seen by the user). Overall, webmasters are looking for proxy exposure and backlinks. By submitting to directories such as SweetProxies not only is it a great way for free traffic (and it only takes a second to submit), but it help you to build up a rating and get hits without needing to bring in crazy referral traffic like topsites require.To submit a site you don’t even need to register a new account, you can submit sites a guest as well as view the listings. Registration is only required if you’d like to rate/sweeten sites or build up a proxy favorites list (known as your ‘sweets jar’).

Glen: With the recent Clickbot issues surrouding Proxy.org, how can you protect the proxy owners from this type of activity affecting their Earnings Channels?
Chad: This news surrounding Proxy.org is very serious, as proxy webmasters are very dependant on their adsense accounts and revenue coming from adsense. SweetProxies will not tolerate any sort of ‘bot’ activity on our site that is unauthorized. While this issue is hard to circumvent since the bot operated by visiting regular hyperlinks (of which need to be accessable to regular users) SweetProxies has taken a preemptive step by blocking certain bots server-side.

We will also offer any site the ability, by contacting us, to turn off direct linking to their site and force the user to view their site via the ajax popup window option only. The only alternative we have to this would be to put a human-recognizing system such as CAPTCHA. I think we’re safe from this issue for now, and if something does occur in the future feel free to contact SweetProxies at any time via our clearly visible contact page and let us know of any suspicious activity. While we do monitor our logs for bot activity, our members are our most powerful resource for catching these things. That’s the power of having social user-driven sites!

To clarify; SweetProxies does NOT have any intentions to artificially increase perceived traffic or run bots on our site. We do not run any sort of advertising or promotions that are PPC or per page view. We also do not run Adsense on the site.

Glen: Sweet Proxies seems like a great alternative to Proxy.org, how did you choose the name?
Chad: I bought the name back in August of last year, it seemed to suit the vision of the site because it sounded fresh, it was catchy, and it wasn’t taken! I didn’t have a chance to actually build up the site I had envisioned until two months ago when development started.

Glen: OK Chad, thanks for your time and good luck with the site, expect some promotion and submissions from us
Chad: Thanks and good luck with your blog!

May 14

CGI Proxy

Website Description: This CGI script acts as an HTTP or FTP proxy. Through it, you can retrieve any resource that is accessible from the server it runs on. This is useful when your own access is limited, but you can reach a server that in turn can reach others that you can’t. In addition, the user is kept as anonymous as possible from any servers. Common uses include: anonymous proxies similar to The Anonymizer, other personal uses, VPN-like functionality, and others. It’s very simple to install, and very configurable.

When an HTML resource is retrieved, it’s modified so that all links in it point back through the same proxy, including images, form submissions, and everything else. Once you’re using the proxy, you can browse normally and (almost) forget it’s there

Uses up less bandwidth than PHProxy
Quick and easy to setup
Simple to use, just upload the files, type in the web address and go
Allows login to most websites

Uses a lot of CPU Processing power
Need a server that can run the CGI Proxy (may need to be configured whereas most Linux servers have PHP automatically)

If Im honest I’ve never fully utilized this proxy and some of the disadvantages may not be fully true as they are not from personal experience just from “the talk of the web”. Give it a try and see what you think.

Some others

Of course there are other scripts out there, heres some links to others you may want to check out:

PHP Proxy Script

Zelune Script