Latest News

The Internet Has Created Various Opportunities For Conflict

Most physical threats used to require physical proximity, to be seriously considered by the authorities.

Before the Internet became a reality, if you were to report a crime which involved a physical threat to you or some one whom you knew, chances are that you would be reporting a friend or relative - or at least a neighbour or somebody geographically close to you.

Now that the Internet is part of our daily lives, many Blogger blog owners, readers, and comment publishers - all of who use the Internet for various networking activities - have no idea of the possible international challenges involved in their activities. With the Internet involved, these dangers can come from somebody in another city, state, or country, who is a complete stranger to the potential victim.

Many people, offended or threatened by an abusive comment or post in a Blogger blog, immediately report their concern, in Blogger Help Forum: Something Is Broken.

The assumption made is that Blogger, when informed in the forum, will immediately remove the offensive or threatening content.

Not everybody realises that the varying nature of any given abuse, even when expressed in a Blogger blog, won't always be the responsibility of Blogger / Google to provide action. Some abusive content will require contact, with somebody in your local area.

Some abuse can be handled by your reporting it to Blogger / Google - and other abuse must be handled by the courts system - lawyers and judges, or by law enforcement.
You are responsible for reporting any offense accurately, and to the right agency - not solely to Blogger / Google. The above list is based upon USA legal terms. Other countries may use different definitions.

You need to understand the differences between Defamation and Impersonation, and other abuses, before attempting to report any threat to Blogger / Google. And, take action depending upon the medium used by the threat. Blogger / Google won't accept complaints about comments - as comments are jointly the property and responsibility of the blog owner, and of the comment publisher.

If the courts are involved - and the judgement is in your favour, you will need to submit a court order to Google.

The bottom line here is that some Internet conflicts may take time and effort to resolve. The courts system, which is currently based locally and nationally, may have to evolve, as the Internet brings strangers together - and creates opportunities for conflict.

>> Top

The Missing / Invisible Pages Index Gadget

Occasionally, a blog owner wants to add the Pages Index gadget to the blog, but just can't.
I go to add it - and I see "Already Added" - but where is it?

The first thing to check, when this happens, is the "Show pages as" option in the dashboard Pages display. Sometimes, you'll find "Don't show" selected. Other times, you'll find "Top tabs" - but the template may lack the code which houses the "Top tabs" gadget. This will be a problem for older templates, installed before the Pages index gadget was offered - as well as some third party templates.

Try selecting "Side links" (or change from "Side links", to "Top tabs", and back to "Side links") - and see if the gadget shows up, in the sidebar. Each time you change the setting, hit "Save arrangement".

After each change, view the blog, to verify success. Remember to clear cache, and restart the browser, each time you view the blog.

Once you get the gadget to show up in the sidebar - and if it matters - change the option to "Top tabs", and see if it shows up there. If not, you'll have several options.
>> Top

Services Offered by Amarjit Singh as a Freelancer

Hi Friends...Freelancing is tough. It can be very difficult, in fact. It can wear people down, making them lose sight of what they used to love because they have to do everything else just to get by.

No matter how much experience I have, how many degrees I have, or how well known I have become — there is always something new to learn. According to me if you do nothing to improve your skills, you won’t stay where you are.

Finally I am proud to announce all below services/solution as a freelancer:
Contact Me for free quote

After You Publish Your Blog To A Custom Domain, Should You Update Internal Links?

One interesting question, which comes up from time to time in Blogger Help Forum: How Do I?, is about Custom Domain Publishing - and what to do, after Transition completes.
Now that my blog is successfully transitioned to the domain URL, should I update the internal blog links, in the post contents?
This is a question that deserves some thought. From an aesthetic sense, it makes sense to do this - hoping that you will be paying for the domain, for eternity. But, is it worth the effort?

There are several issues, which may be relevant, when considering updating internal blog links.

Remember that updating the internal links is a manual effort - this has to be done on a post by post basis.

  • How much time do you have to spend, updating the link URLs?
  • How much effort will this take? How many old posts do you have, with how many internal links?
  • How likely are you to go ever back to the BlogSpot URL?

Remember that one of the features of custom domain publishing is the DNS Based redirect, of the BlogSpot URL, to the domain published URL. This is an automatic feature, it's total and immediate - and it will continue to work, only as long as the domain continues to work.

New posts will use the updated published URL, and the domain.

As you continue to publish posts in your blog, your new internal links will use the domain URL - unless you manually convert each one, as you edit each post.

If you ever opt to publish back to BlogSpot, all of the links, pointing to the domain URL, will be problems - when the domain stops redirecting. If you spend time manually updating each link now, that's the same amount of time that you'll have to spend reverting the updated links, when you publish back to BlogSpot.

The BlogSpot URL will redirect to the domain, forever.

Remember that your BlogSpot URL continues to operate, forever - regardless of the domain published URL.

From what I can tell of the DNS infrastructure used by custom domain published blogs, the domain DNS settings are cached locally, for all readers of any given custom domain. If the BlogSpot to domain redirect is similarly cached, it's unlikely that there are any reader experienced performance issues, from people reading blogs and clicking on BlogSpot targeted internal links, that redirect to custom domain URLs.

Other than the aesthetic issues, updating internal links may not be necessary.

As far as I can tell, when thinking about this carefully, there is no real reason - other than aesthetics - to ever update the BlogSpot based internal links, to directly point to the domain URL. Spend your time, after Transition has completed, profitably. Work on the blog, and get it re indexed, under the new URL.

Your Blog Address Is Unique - Some Details Are Not

Occasionally, in Blogger Help Forum: Something Is Broken, we see signs of people who don't understand the concept of unique Blogger identities - or contrarily, Blogger identities which won't be unique.

I can't publish my blog to the name that I want.
or

Another blog is using the same name as mine!
or

Someone is impersonating me!!

Some of these complaints are reasonable - and could keep a team of judges and lawyers very busy, for a while, when properly reported.

Other complaints come from people who don't quite understand what identities in our Blogger blogs are uniquely our property - and what identities are not uniquely ours.

When you first setup your blog, choose the address with care.

When you setup a Blogger blog, one of the first things that you must choose - and choose carefully - is the blog Address. Once you have chosen the Address for your blog - and until you successfully give up this Address, the chosen Address is yours, for eternity. Nobody else can use this Address, in publishing their blog.

You can change the Address (also known as the URL) of your blog, whenever convenient to you - but any change that you make is subject to availability, based on Addresses which may have been chosen by other people. And it is worth your while to plan any Address change, carefully.

Your address will be unique - your template and title may not be.

When you setup a Blogger blog, and choose the Address, you also choose a blog Title, and Template. Anybody else, setting up their blog, may choose the same Title, and / or Template.

Many people will choose the same Template as you do (and later customise their template, using the Template Designer). Similarly, anybody is free to choose any Title (and later change the title, whenever convenient to them).

A blog which simply uses the same Title as yours is probably not Impersonating you. A blog which contains content scraped from your blog, and with the same Title, may constitute Impersonation.

Contrarily, a blog which simply contains content scraped from your blog, without impersonating, may constitute a copyright, or DMCA, Violation.

Conflict, between you and other blog owners, is not impossible.

The Internet, in its ability to bring people together, is going to cause conflict. Some conflict will come from many different people, simply not understanding other peoples lifestyles and traditions. Other conflict will come from people intentionally abusing you.

You need to understand the differences between the various abuses, before attempting to report any perceived offense. You are responsible for reporting any offense to the right agency.

It's up to you to report impersonation, copyright violation, or other abusive content to the right agency - and it's up to each individual agency to decide whether or not to act upon your complaint. You must report any problems properly, for any action to be taken.

Comments are your responsibility to allow / approve - or not.

Comments, posted to various blogs, are handled differently. Blogger / Google considers comments published to blogs (and not dismissed as spam) to be a freedom of speech issue. Comments are jointly the property of the blog owner, and the publisher of each comment.

If someone else, publishing a comment, offends you, that is a concern which can be handled only by the blog owner. Blogger / Google, without a court order, will not get involved.

If the blog owner permits anonymous comments, anybody can use any identity that pleases them. This may lead to apparent impersonation - but any impersonation conflicts will be up to the blog owner to resolve.

The bottom line here is that some Blogger / Google hosted problem content may require discretion and patience by you, for you and other people to receive appropriate treatment.

---

Your Blog Address Is Unique - Though Many Other Identities Are Not
http://blogging.nitecruzr.net/2012/11/your-blog-address-is-unique-though-many.html
Your Blog Address Is Unique - Other Details Are Not

Blogger Magic - Verifying A Blog Feed URL

It's a fairly simple matter to determine the newsfeed URL, for any given blog, by examining the blog template code.

Besides the base feed, a blog may publish an extensive array of additional feeds, which won't be listed directly in the blog template code. You may use any given feed, in networking your blog, with any Google or non Google service.

Starting with any feed URL, what do I do? I could just open my favourite feed reader, or social networking web site, and paste the URL in place. But what if the feed reader or web site wasn't working properly, or I misunderstood the instructions? What if I see
Invalid URL
or the like, what do I do?

The smart thing to do, before you setup a FeedBurner feed or any complementary non Blogger service, is to test the feed.

Many modern browsers (Firefox or Internet Explorer, for instance) will give you a formatted display, when you are loading a feed URL.

To Republish A Custom Domain, You Do Have To Add A Second "CNAME"

One of the challenges of using Blogger involves following the instructions.

Blogger / Google personnel provide Help instructions which are not always updated - sometimes they simply write a new Help instructions document, leaving the old Help instructions in place.

The policy of leaving old Help instructions in place - and sometimes conflicting with new displays and procedures - occasionally causes confusion. One scenario where this causes a problem is in publishing or re publishing a blog to a custom domain.
I've seen instructions that when you buy a domain from Blogger / Google, using "Buy a domain", you won't need to create a CNAME record.

One of the advantages of using "Buy a domain" is the ease of setup. If you use "Buy a domain", you don't have to bother with any of the details. This is generally - but not always - true.

(Update 2013/09): The second "CNAME" won't be required, in all cases. If you don't see instructions for adding a second "CNAME", focus your efforts on getting the domain working, with righteous base DNS addresses,

Sometimes, even using the "Buy a domain" wizard can later present a problem.

One of the known problems with "Buy a domain" results in a partially setup domain - and with a partially setup domain, you may have to re publish the blog to the domain, to get the new domain to work completely.

To re publish the blog, you have to verify your ownership of the domain - even if you previously used "Buy a domain". And the additional step of adding a second "CNAME" overrides the old Blogger Help instruction
If you bought your domain name from Blogger, you won't need to create a CNAME record.
When you are instructed to re publish the blog using "Advanced settings", that 's what you must do. And, when "Advanced settings" contains instruction to add a second "CNAME", then please - add a second "CNAME".

>> Top

Redirecting The Traffic From Your Blogger Blog

Some Blogger blog owners are confused about their ability to redirect traffic to, or from, their blogs.

Sometimes this leads to problems, as in the need to report a problem with spam classification, in Blogger Help Forum: Something Is Broken
Why was my blog just deleted, for "Malicious JavaScript"?

Other people will want to know why, after renaming their blog, all the search engine references now point to a dead URL. Still others may want to rename specific posts, and yet have the post URLs match the new titles.

Blog URLs, and Post URLs, are complex details, for Blogger blogs. By default, both are managed for you. Not everybody understands how to manage blog and post URLs, when necessary.

Not every blog owner understands that ones readers are not possessions, to be manipulated at will.

Spammers would appreciate the ability to use Blogger blogs as starting points.

Many spammers would love to use various Blogger blogs as gateways, redirecting their readers either to other Blogger blogs, or to non Google controlled websites. In order to discourage spamming activity, neither type of redirect is permitted, by the Blogger spam classifier.

Even if automated redirection was permitted, many redirection techniques may not work for everybody. Modern browsers, designed to prevent abusive activity like hacking and spamming, may have filters which explicitly block DNS settings, and scripts, designed to redirect traffic from one website to another.

If you migrate a blog, then redirect, you may not see consistent results.

If you design your URL migration strategy to require automated redirection - and even if Blogger / Google does not delete the blog for abusive technique - you may still not see a consistent transfer of existing traffic, to your new URL.

You can redirect a Blogger blog, to a non BlogSpot URL, using properly setup custom domain publishing - "CNAME" referral. That is the only valid way to redirect a BlogSpot URL, to a non BlogSpot URL. Any other method will eventually leave you posting, in Blogger Help Forum: Something Is Broken
Why was my blog just deleted, by Blogger?

If you migrate to a new BlogSpot URL, use a Welcome post in a stub blog.

If you rename your blog - and publish to a new BlogSpot URL, your only recourse is to publish a "stub" (empty) blog to the old URL, and visually redirect your readers.
This blog is now published as "blogger-status-for-real.blogspot.com". Please update your bookmarks.


Blogger does not offer ".htaccess" features, such as redirection.

One disappointment, experienced by non Blogger webmasters, is the lack of ".htaccess" based redirection. You do not have access to the "blogspot.com" root folder - and you cannot use ".htaccess" based redirection.

You can redirect the feed - after you setup a new feed.

You can, if you wish, redirect the blog feed, after renaming the blog - but this should be done only when necessary.

There are several specific cases where the blog feed should not be redirected.

Custom redirects does not provide BlogSpot to BlogSpot redirection.

Blogger recently provided us the option to redirect traffic from one blog post to another - but the syntax used by the custom redirects wizard explicitly prevents redirection outside the base blog URL. That said, we have seen some imaginative redirections, between different URLs in the same blog.

Use of the custom redirect feature can generate interesting problems, not all of which can be prevented, easily. You can redirect some URLs - but you need to understand what you can, and cannot do - and why you cannot do everything that you would like.

How Google Pakistan Was Hacked?


Today morning, when i accessed google.com.pk, I was surprised to see the defacement page of turkish hackers, Later on i came to know that other websites such as Microsoft.com.pk were also defaced this morning. On checking the name servers with nslookup, the DNS servers were pointing towards another website, It was clear that the hacker compromised the DNS server and changed the DNS servers to their own, where they had their defacement page. The above image appeared on major .pk domains, when users were trying to access them.
Some time later the page started pointing towards google.com instead of google.com.pk, However the name servers of all .pk domains are still pointing towards freehostia.

           

How was Google Pakistan Hacked?

So as i mentioned earlier that it looks to me that the registrar that was responsible for Google's DNS records may have been compromised and the records were changed, so when users went to google.com.pk they were redirected to different website which was setup by Turkish hacker to make it look that google.com.pk has been actually compromised. 



By a quick whois search i came to know that the registrar that is responsible to PKNIC domains is MarkMonitor, The is a huge chance that the turkish hackers may have gained access to MarkMonitor and then would have changed the DNS servers. Another possibility is that the hackers may have used an attack called "DNS Cache Poisoning" in order to change the DNS servers. I will update this page as soon as i have more updates regarding this attack.

Update: Here is the Full List Of Compromised Domains:

google.com.pk
microsoft.pk
biofreeze.com.pk
blackstone.pk
blogspot.pk
itunes.pk
gmails.pk
zynga.com.pk
chrome.com.pk
chrome.pk
visa.com.pk
bx.com.pk
abbvie.com.pk
abbvie.pk
cgma.pk
chacos.com.pk
cimacpa.pk
cisco.pk
ciscosystems.pk
blogspot.com.pk
cpacima.pk
cpaintl.pk
cpaldglobal.pk
cpalwglobal.pk
drivealliance.pk
eastman.biz.pk
eastman.net.pk
eastman.org.pk
ebay.pk
monatin.pk
everyblock.pk
youtube.pk
3com.web.pk
hp.web.pk
revlon.pk
streetwear.pk
windows7.pk
windows8.pk
windowsrt.pk
yahoo.pk
yahoomaktoob.pk
zynga.pk
firstdirect.com.pk
flickr.pk
fordgofurther.pk
gbuzz.pk
gmailbuzz.pk
gmail.pk
googlebrowser.com.pk
google.pk
googlebuzz.pk
googlechrome.com.pk
abbviepharmaceuticals.pk
abbviepharmaceuticals.com.pk
hewlettpackard.pk
hexagon.com.pk
hsbcamanah.biz.pk
hotmail.com.pk
hpcloud.com.pk
hp.com.pk
hpscalene.com.pk
hsbc.biz.pk
hsbcadvance.com.pk
hsbc.pk
hsbcpremier.com.pk
hsbcprivatebank.biz.pk
hsbcamanah.com.pk
hsbcdirect.com.pk
hsbcnet.com.pk
hsbcpremier.biz.pk
hsbcpremier.pk
hsbcprivatebank.com.pk
investdirect.biz.pk
investdirect.com.pk
ipod.pk
jaiku.pk
kellyservices.com.pk
maktoob.pk
markmonitor.pk
microsoftsmartglass.com.pk
microsoftsmartglass.pk
xboxsmartglass.com.pk
xboxsmartglass.pk
msn.org.pk
windowsstore.pk
windowsstore.com.pk
opteron.com.pk
parkplaza.pk
paypal.pk
postini.pk
scalene.com.pk
schwab.biz.pk
schwab.com.pk
sonystyle.com.pk
streetwear.com.pk
theworldslocalbank.com.pk
genapp.pk
genapp.com.pk
generationapp.pk
generationapp.com.pk
windows.com.pk
windows7.com.pk
windows8.com.pk
3com.biz.pk
3com.fam.pk
3com.net.pk
3com.org.pk
gchrome.com.pk
aicpacima.pk

Update 2: Due to the Propogation of Google's name servers to Freehostia's nameservers, It made attackers to create any non-existing subdomain under compromised websites, For example rafaybaloch.google.com.pk. All the attacker would need to do is to register the non-existing subdomain under freehostia and add an index.

Update 3: It seems that Google.com.pk has been finally restored and the nameservers are again pointing to dns.google.com.pk.

Use A Well Protected Browser, To Block Redirecting From Misbehaving Code And Gadgets

Regularly, in Blogger Help Forum: Something Is Broken, we advise people about problem code or gadgets in their blogs.

Generally, this follows reports by blog owners, that their readers are being redirected to unexpected and unwanted blogs and websites, from their blogs. Sometimes, we get the reply
I can't remove the code. Every time I login to Blogger, I am redirected, just as my readers are being treated!

When we see the latter complaint, we recognise yet one more blog owner who does not know how to properly protect himself, from malicious code and websites. Most people, who know about Layered Security, know that proper browser security is an essential complement to a properly chosen and maintained anti malware filter.

Many people, who care about browser based security, use Firefox with NoScript.

This combination provides Unix level security, "deny by default, permit by exception". Simply install NoScript as an add-on, to Firefox, to get started. Alternately, you may use Chrome with ScriptSafe, or Opera with NotScripts.

When using your browser with a script filter, there will be specific Blogger / Google websites which you should trust, and others which you should not trust.

Every time you surf to a different website - and decide that the owners of the website, which you are now viewing, have your best interests in mind - configure NoScript to allow that website, to display properly on your computer. When you find that a trusted host website does not display properly, examine the NoScript taskbar and the list of websites used by the host website. Look at the NoScript Options menu, carefully. Allow specific websites which you trust, and Forbid all other websites which you do not trust.

Deciding which websites to trust, based on their presence in the NoScript Options menu, will be a learning experience for a while. For some host website pages, which use a large number of unfamiliar websites, you may have to carefully select to "Temporarily allow all this page" - or you can "Temporarily allow" each single website, one by one, until the host website page displays properly.

When you decide to (permanently) "Allow" any website, that website will be "Allowed" on all other host websites where you may surf. Conversely, any website which you never select to "Allow" - such as the problem website which is providing the misbehaving code - will never execute on your computer again. This will prevent redirection on your computer, allow you to safely use the Blogger dashboard, and edit or remove any dodgy code which may be part of your blog.

After removing any dodgy code from your blog, always clear cache and restart Firefox, to test the effects of your editing.

>> Top

Add A Simple "Recent Comments" / "Recent Posts" Gadget To Your Blog

The recently observed problems with some third party gadgets, previously added by many blog owners to their blogs, leaves these blogs lacking various accessories.

One of the gadgets identified is the "Recent Comments" / "Recent Posts" gadget pair. For many blog owners, this gadget is not impossible to replace.

Blogger provides us with a native accessory, called a "Blog Feed" gadget, which will provide acceptable "Recent Comments" and "Recent Posts" functionality, for many blog owners.

Look at the sidebar of this blog, for "The Real Blogger Status - Comments", and "The Real Blogger Status - Posts". Those are "Recent Comments" and "Recent Posts" gadgets, which are based on the Blogger supplied "Feed" gadget - which is not a third party accessory, and is not subject to future third party peccadilloes.

To make your new gadget, start with the URL of the blog feed desired.

Add a Blogger supplied Feed gadget, using the "Add a gadget" wizard, in the dashboard Layout display.

This is the URL of this blog.
http://blogging.nitecruzr.net

This is the URL of the blog comments feed.
http://blogging.nitecruzr.net/feeds/comments/default

This is the URL of the blog posts feed.
http://blogging.nitecruzr.net/feeds/posts/default

Setting up a "Blog Feed" gadget is simple enough.

  1. Add a "Feed" gadget (Only select the "Feed" gadget, "By Blogger"!!!), using the "Add a gadget" wizard.
  2. Plug in the Feed URL (see my examples above), and Continue.
  3. Review / change the options offered, and Save.
  4. Test your new blog accessory - provided by Blogger - with no future hacking activity anticipated.

Avoid any similarly named gadget not "By Blogger" - distributed from "Add a Gadget", or from a private blog or non Google website.

And, you're done. Wasn't that simple?

Improved Spam Review / Undelete Option In Blogger

One of the more positive changes in the "New GUI" involves an improved ability to find, and correct, deleted and locked blogs.

Finding deleted / locked blogs, under earlier versions of Blogger, was always a challenge - both for the person looking for the necessary display - and for the people trying to instruct how to find the necessary dashboard display.

In the current Blogger dashboard, one simply logs in and looks for the "Deleted Blogs" button - right beneath "New Blog", when the blog owner has any self deleted blogs, or any blogs deleted or locked by the Blogger abusive blogs classifier. Clicking on "Deleted Blogs", we see a list of blogs - with either an "Un delete" button (for self deleted blogs), or a "Restore" button (for spam classifier locked / deleted blogs).

Neither the "Restore" or "Undelete" button produce an immediate or universal result - both are still subject to previous limitations.

It is simply now far easier to find the spam review / un delete mechanism, than it was under the previous GUI.

If your blog was deleted by you - or deleted by Blogger for hosting malware, you should be able to hit "Restore", and the blog will be restored while you wait. If the blog was deleted or locked by Blogger for suspected spam hosting, you will probably have to solve a CAPTCHA - then wait 24 to 48 hours, while the blog is reviewed. In the long run, you will probably find this extra effort will be worth your time.

In some cases, the owning Blogger account may be locked, following unusual account activity - generally, brute force password guessing attempts, in an effort to hijack control of the account and any owned blogs. After submitting an account restore request and / or changing the account password, the blogs owned by the account will be restored - generally 24 to 48 hours after the account is restored. This is a normal, and unavoidable, result of Google, protecting your account and blogs from hacking activity.

Just be aware that not all blogs will be listed by the "Deleted Blogs" wizard.

Please be aware of the limitations of the restore process. This process serves blog owners who have been spuriously classified. If you request restore - and Blogger confirms that you are a spammer - you will be best advised to start over, or to find a different platform for publishing.

If you do start over, you should be very careful, and avoid making the same mistakes - lest you be subject to more strict punishment. Spammers simply are not welcome, in Blogger / Google - sorry.

>> Top

Website Hacking With CSRF Attack


Cross Site Request Forgery Attack is also known as CSRF or XSRF in short. Do not confuse it with Cross Site Scripting attack because it is totally different from that. Like SQL injection and XSS, CSRF is also one in top 10 OWASP web vulnerabilities for many years.



What is Cross Site Request Forgery Attack?

Cross Site Request Forgery or CSRF is an attack method in which attacker exploit users' active session in the browser without the permission of innocent user. By using victim's browser session, attacker sends valid requests to a website that perform some action in users' account. User will not be able to know that the request has been sent from his browser. An Attacker uses some third party innocent websites to generate these valid requests from user’s browser.

EX: If a form on a website can also be submitted from some other website, It is vulnerable to CSRF. Suppose there is a form on a vulnerable website

(http://www.vulnerablesite.com/vulnerable.php)

<form action=”action.php” method=”post”>
</form>
And I made a duplicate form on my local host
<form action=” http://www.vulnerablesite.com/action.php” method=”post”>
</form>

I am able to submit the form by using the form on my localhost, the website is vulnerable to the CSRF attack This attack uses user's session to perform malicious task, so it is also known as "Session Riding attack."Sometimes it is hard to understand how this attack works in real life. So I am explaining it with the help of a example.

Suppose if an online payment website like Paypal has CSRF vulnerability. Attacker A want to exploit CSRF vulnerability of this website and attack on victim B. For this he use some third party website. Innocent User B login into his account to do check the balance and then switch to a new tab without logging out from the older tab. Session is active on the browser.

Attacker A had posted a link or image in a website that on load submits the payment transfer form to transfer money to the attacker's account by using active session. As the request came from user's browser by his session, CSRF vulnerable website will transfer the fund.

How CSRF is different from XSS

Many people have confusion inn between CSRF and XSS attack. In XSS, attacker exploit the trust of users on website. So we inject malicious script and user believes on it just because he see a valid website URL. Unlike XSS, in CSRF attacker exploits the website's trust on the browser. In this, a website thinks tha a request camre from the user's browser is made by user itself.

Both vulnerabilities are dangerous enough.

Protection against CSRF attack:

Many people thinks that limiting against XSS also limits CSRF. But this is not true. We have to make so many things to limit the attack.
There are many ways to protect the CSRF attack. Some important ways are given below:

  • Checking the HTTP Referrer header website. If it is a different domain, deny the request.
  • Limiting the lifetime of authentication cookies. If user is inactive for some fixed time, the session must be expired.
  • Limit the damage by authenticating each request made by user. 
  • Use of random token for each session
About Author:
Deepanker Verma is a security researcher and tech blogger. You can read his security blog at HackingTricks.

Using The Google Apps Domain Root Redirect Setting

Recently, Google Apps added a setting to the domain administrator desktop GUI, which controls the redirect of the domain root (aka "naked domain"). We initially observed this setting, as an option in working around the problem of setting the domain root redirect, in the Blogger Publishing "Advanced Settings" wizard. It's also possible that this setting should be used in recycling the domain settings, when faced with the "dreaded "Another blog ..." error.

Use of the Google Apps Domain Redirect setting is not complicated. It starts with setup of the domain administrator account. For any newly purchased domain - as well as for domains purchased directly from a registrar, it's a fairly simple matter to setup a Google Apps domain administrator account - then to set (or reset) the redirect.

Having logged in to your new Google Apps account, as the domain administrator, you simply click on "Domain settings", then "Domain names". Under the Status column for your domain, you'll find the link to "Change redirect". Hoping that you have a standard asymmetrical DNS configuration for the domain, already setup, you can ignore the warning
To enable this redirect, you must change the A record with your domain host.
and simply click on "Redirect your naked domain" (for a new domain), or "Change redirect" (for an existing domain).

This is a new domain, with the domain root not yet redirected.
This is an existing domain, with the domain root redirected to "www.nitecruzr-test.net".
If the domain DNS addresses are not setup with both the source and target of the redirect (the "naked domain" and alias) pointing directly to the proper Google servers, as in either the symmetrical or asymmetrical DNS address configuration, the redirect setting is useless. The redirect only works within Google servers. This is another scenario where DNS addresses which use forwarding will not work.


The "Change how your naked domain is redirected" display simply lets you designate the "www" (or any alternate) alias as the target for the naked domain redirect.
Designate a web address to direct your users to when they access your naked domain.
Entering the target (defaulting, simply, to "www"), then hitting "Save changes", you are done with this procedure. Now, the domain root should redirect to the alias of your choice.

If you are recycling the domain settings, you'll want to change the redirect setting to something other than "www" - let us say "test" - then change back to "www".
  1. Set the redirect to "test", and hit "Save changes".
  2. Set the redirect to "www", and hit "Save changes".
  3. You're done with this exercise.
If you are clearing the setting, so you can continue with the Blogger Publishing process, you may shorten the exercise a bit.
  1. Set the redirect to "test", and hit "Save changes".
  2. You're done with this exercise.
In either case, you now continue with the main task at hand, if necessary.

>> Top

Blog Owners Seeing "Error 14" Or Similar Symptom, When Attempting To Publish To A Custom Domain URL

We're seeing a small but steady flood of reports, in Blogger Help Forum: Something Is Broken, from blog owners attempting to publish their blogs using a custom domain URL.
I am not able to redirect my blog from blogspot to my own domain! Blogger is giving me the error
We have not been able to verify your authority to this domain. Error 14.

This specific problem has been observed numerous times in the past, ever since Blogger added the domain ownership verification process to the custom domain publishing feature. Problem reports require careful diagnosis, involving examination of the basic DNS addresses setup with the registrar, to verify the "Error 14" as the primary problem.

Because careful diagnosis is required, for each case reported, we're not adding a Rollup Discussion in the forum. Instead, we request that each blog owner, observing this problem, post her / his problem report in a topic started for that purpose, by himself / herself only. This will allow us to inventory this problem properly, and assist Blogger Engineering in isolating and fixing this problem promptly, so the blog owners can get on with the after publishing process.

Reports of this problem appear to have started in volume late Saturday, 11/17, Pacific time - though some reports, examined in detail, mention the problem initially observed several days ago. The initial volume of the problem appeared to come from SouthEast Asia - but as additional reports were posted, we see Europe and the Americas apparently represented.

Blogger Engineering is now aware of the problem, and will investigate. We'll continue to monitor the forum topics, and to post an initial advisory FAQ, as a response to the reports observed - when reports contain clear evidence of the "Error 14" being a primary symptom. Please monitor that FAQ, and this post, for any ongoing updates.

>> Top

Windows 8 AIO 18in1 Download Free x64/x86 2012



Windows 8 AIO 18in1 NetFx3 x64/x86 2012

Windows 8 AIO 18in1 NetFx3 x64/x86 2012 | 5.53 GB

This will NOT fit on a 4.7GiB DVDR. You need a Multi-Layer DVDR or USB - There are no well established activation bypass as of yet, so I have not included them. Every activator available to date uses old legit keys and kms servers with outdated blacklists. If you manage to get your copy of Windows 8 activated, I highly recommend backing up your activation with Advanced Tokens Manager 3.5 beta 3 or later from Josh Cell Software.


No Windows 8 Settings were harmed in the making of this ISO.
No Programs are added.
No Unattended Settings were added to the installation.
No Registry Settings were modified.

Either burn the included .iso file to a dvdr or use a usb flash drive.
I have included diskpart instructions and the win7usb tool.
I personally use diskpart and winrar, but the tool may be easier.

32 bit Build 9200 MSDN Sources:

en_windows_8_x86_dvd_915417
en_windows_8_pro_vl_x86_dvd_917830
en_windows_8_pro_n_vl_x86_dvd_918877
en_windows_8_n_x86_dvd_916097
en_windows_8_enterprise_n_x86_dvd_918707
en_windows_8_enterprise_x86_dvd_917587
64 bit Build 9200 MSDN Sources:

en_windows_8_x64_dvd_915440
en_windows_8_pro_vl_x64_dvd_917699
en_windows_8_pro_n_vl_x64_dvd_918677
en_windows_8_n_x64_dvd_916091
en_windows_8_enterprise_x64_dvd_917522
en_windows_8_enterprise_n_x64_dvd_918052

Installations included:

Windows 8 32-bit, Windows 8 N 32-bit, Windows 8 Pro 32-bit,
Windows 8 Pro N 32-bit, Windows 8 Pro VL 32-bit,
Windows 8 PRO N VL 32-bit, Windows 8 Pro with Media Center 32-bit,
Windows 8 Enterprise 32-bit, Windows 8 Enterprise N 32-bit
Windows 8 64-bit, Windows 8 N 64-bit, Windows 8 Pro 64-bit,
Windows 8 Pro N 64-bit, Windows 8 Pro VL 64-bit,
Windows 8 PRO N VL 64-bit, Windows 8 Pro with Media Center 64-bit,
Windows 8 Enterprise 64-bit, Windows 8 Enterprise N 64-bit

Tools used:

imagex for image extraction
dism for file package addition
oscdimg for iso mastering
SXS folder for x86 and x64 merged

KB Files added via add-package dism:
KB2712101, KB2756872, KB2758994, KB2761094, KB2764870, KB2768703
NetFX 2.0-3.5.1 added with DISM using SXS folder.

I have personally tested every install on this ISO. It should not require a setup key as there is a skip button, but if it does, I have included some default install keys. I have not verified them as working. Use them at your own risk.

These MSDN iso sources have pre-release EULA on some of the installations.
All reports indicate that the binaries are exactly the same as the ones in the retail dvds. If you don't like it, don't use it. If you want to use a retail version, you need a retail key. The programs are the same.
Download:

http://extabit.com/file/279leb5w67j9u/Windows 8 AIO 18in1 NetFx3 x64 x86 Oct31 2012-DCVN.part1.rar
http://extabit.com/file/279leb5w82yki/Windows 8 AIO 18in1 NetFx3 x64 x86 Oct31 2012-DCVN.part2.rar

Mirror:

Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012


Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012

Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012 | 6.05 GB

Windows 7 Black Fusion Edition.

This is an All In One version (X64 and X86) of windows 7 BF Edition.
There is OEM activation integrated for several brands.
Updates integrated till october 2012
Integrated several languages: English, Dutch, German, French, Arabic and Spanish
Added a few tweaks and a custom theme, removed nothing from the original ISO though.
Added some custom gadgets, that belong to the BF theme.


INSTALLATION:
================

- Burn the ISO to a double layer DVD (Slow Speed)
- Boot from DVD and do a fresh install
- Just follow the instructions on screen.


IMPORTANT:
=============

- If it didn't activate with OEM, use the w7e-loader in the folder "activator" provided in the torrent.
- To display the custom theme properly (and to install 3rd party themes afterwards) use the system resource patcher in the "activator" folder
Be sure to use one that belongs to your OS (X86 or X64)

Windows Post Install Wizard will pop up after install, giving u the option to install several apps.

This release can be updated safely.
Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012

Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012

Microsoft Windows 7 Black Fusion AIO x86/x64 New Updated 2012

Download:

Mirror:

Download Microsoft Office 2013 Professional Plus (64-Bit) and Activator Free



Microsoft Office 2013 Professional Plus (64-Bit) and Activator

Microsoft Office 2013 Professional Plus(64-Bit) and Activator | 803 MB

Microsoft Office 2013 is the latest Office Package for Windows 7 and Windows 8.


Install Instructions:

1. Run the setup file for Office 2013 and skip the product key part of the installation process.

2. Run the setup file for Microsoft Toolkit

3. Activate Office 2013 with Microsoft Toolkit

4. Restart your computer

5. Play with your new software

Reminder: Support the torrent by seeding so other people can download it faster.

(All below links are interchangable. No password)

Buy a Premium Account Rapidgator & Uploaded = High speed + Parallel Downloads!

From Uploaded (Premium Recommend)

http://uploaded.net/file/hdsdei6w/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part01.rar
http://uploaded.net/file/ddva04pl/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part02.rar
http://uploaded.net/file/t6dags4e/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part03.rar
http://uploaded.net/file/hrwi6fez/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part04.rar
http://uploaded.net/file/wd8hu5nt/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part05.rar
http://uploaded.net/file/motdj4x9/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part06.rar
http://uploaded.net/file/nlw4950x/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part07.rar
http://uploaded.net/file/5549ufb9/Microsoft%20Office%20Professional%20Plus%202013%2064%20Bit.part08.rar

From Rapidgator (Premium Recommend)

http://rapidgator.net/file/56991660/Microsoft_Office_Professional_Plus_2013_64_Bit.part01.rar.html
http://rapidgator.net/file/56991654/Microsoft_Office_Professional_Plus_2013_64_Bit.part02.rar.html
http://rapidgator.net/file/56991659/Microsoft_Office_Professional_Plus_2013_64_Bit.part03.rar.html
http://rapidgator.net/file/56991669/Microsoft_Office_Professional_Plus_2013_64_Bit.part04.rar.html
http://rapidgator.net/file/56991703/Microsoft_Office_Professional_Plus_2013_64_Bit.part05.rar.html
http://rapidgator.net/file/56991708/Microsoft_Office_Professional_Plus_2013_64_Bit.part06.rar.html
http://rapidgator.net/file/56991714/Microsoft_Office_Professional_Plus_2013_64_Bit.part07.rar.html
http://rapidgator.net/file/56991711/Microsoft_Office_Professional_Plus_2013_64_Bit.part08.rar.html

How to Recover Lost or Formatted data, emails, photos & documents: Download TotalRecovery Pro



TotalRecovery Pro 8.3.20120914 + Keygen

TotalRecovery Pro 8.3.20120914 + Keygen | 373 MB

TotalRecovery 8 Pro is all you need to completely protect your data and computer from an unexpected disaster. TotalRecovery Pro ensures your digital photos, music, documents, and other important files are well-protected and can be easily recovered. TotalRecovery Pro's comprehensive recovery features allow you to restore a crashed computer or a single file.


All-in-One Data Recovery Software. Recover data, emails, photos, documents and even, Windows in just a few clicks!
- Easily recover data and computer from hard disk failure, virus, data loss, theft, flood, or other unexpected disaster
- Intuitive user interface lets you recover your precious photos, videos, music, emails, documents, and other important files in no time
- Migrate or upgrade to a new computer -- including all files, photos, music, application settings, registry and your operating system

What's new in V8?
- UEFI-based System Support
- GPT/Dynamic Disk Support
- Free Dissimilar Restore
- VMWare/VHD Support
- Password Recovery
- Domain Controller Support
- Enhanced RAID Support
- Hot/Cold Imaging

Home Page - http://www.farstone.com/

[INSTALL NOTES]

Step 1: Please use 7Zip/WinRAR/Universal Extractor to EXTRACT FILES.
Step 2: run the setup
From Uploaded (Premium Recommend)

http://uploaded.net/file/t8tneq0t/TotalRecovery%20Pro%208.3.20120914%20+%20Keygen.part1.rar
http://uploaded.net/file/6ixi8mvb/TotalRecovery%20Pro%208.3.20120914%20+%20Keygen.part1.rar
http://uploaded.net/file/7n7u5m9g/TotalRecovery%20Pro%208.3.20120914%20+%20Keygen.part2.rar
http://uploaded.net/file/fshz13ev/TotalRecovery%20Pro%208.3.20120914%20+%20Keygen.part3.rar
http://uploaded.net/file/j8z3ly93/TotalRecovery%20Pro%208.3.20120914%20+%20Keygen.part4.rar

From Rapidgator (Premium Recommend)

http://rapidgator.net/file/56993060/TotalRecovery_Pro_8.3.20120914___Keygen.part1.rar.html
http://rapidgator.net/file/56993115/TotalRecovery_Pro_8.3.20120914___Keygen.part2.rar.html
http://rapidgator.net/file/56993120/TotalRecovery_Pro_8.3.20120914___Keygen.part3.rar.html
http://rapidgator.net/file/56993127/TotalRecovery_Pro_8.3.20120914___Keygen.part4.rar.html

The Free Domain Registration Service "co.cc" Appears To Be Down

Some Blogger blog owners, trying to save a few dollars while publishing their blogs to a non BlogSpot URL, have used the free service "co.cc" for registering their domains.

As "co.cc" increased its base of "customers", their reputation for providing free registration grew - and they became popular with scammers and spammers.

Last year, Google, weary of the overall poor search engine reputation of co.cc customers, de indexed all websites registered by co.cc. This week, co.cc apparently stopped serving DNS information for its "customer domains".

Strictly speaking, "co.cc" was not a registrar - and the blogs and websites published by its customers were not using registered domains.

"co.cc" was the domain "co", registered by its owner, and providing subdomains.

The "Top Level domain co.cc" - which by its name implied an Internet service operating from the Cocos (Keeling) Islands - was in fact the domain "co", operating out of Korea, and registered in the Cocos (Keeling) Islands. All "domains" given out by "co.cc" were in fact sub domains to the domain co.cc - and this is where the problem started.

All blogs and websites, published to a "co.cc" subdomain, were aggregated by the search engines as the "co.cc" domain. As the number of co.cc registered scammy and spammy websites increased, their search engine reputation dropped.

Non spammy blogs and websites either went out of business, or were transferred to legally registered domains, because of the low reputation and lower search engine originated traffic.

The owners of "co.cc" realised that their scam had been outed, and closed down.

Finally, the owners of co.cc - supposedly "JONG SUNG, KIM" of "GOYANG,GYEOUNGGI" - realised that their run was over, and that they could no longer hide their scams and spams behind legitimate blogs and websites. Apparently, they have now shut their doors.




The old adage comes to mind.
You don't get something for nothing.

If you published to a "co.cc" subdomain, you have to publish back to BlogSpot.

If you registered your custom domain using co.cc - and your blog is now offline - you're going to have to publish the blog back to BlogSpot, to get it online again. If you want to use a domain URL, you have to repeat the custom domain setup process - starting with a new, properly paid for, domain URL.
(Update 2015/02): We now have more of the same, from "co.vu".

A free ".co.cc" "domain", when it was working, was worth precisely what you paid. Now, it's worth less.

Blog Owners Report Mysterious Blogs Added To Their Dashboard Blog List

We are seeing a small but steadily increasing stream of problem reports, in Blogger Help Forum: Something Is Broken, from Blogger blog owners, wondering where these mysterious blogs, being added to their dashboard "My blogs" list, are coming from.
Is anyone else experiencing random blogs being added to their dashboard? I login, and I notice that many blogs have been made - and they're all with names that are just a jumble of letters and numbers, but no posts. All of them lead to the same blog though.


Here's a random list of the names of 7 such blogs, which were recently created in the "blogspot.com" name space. If you wish to examine these blogs, and these have not yet been deleted by the Blogger anti spam processes, I strongly advise that you use a proxy server, or similar isolation technique. Never examine any hacking / spam attack component, unprotected.
yyxfkfgpiy
x24xd2wtu1
4o4fq0rqp9
26djmc3xyh
m9s5tdor2l
h62wo5uthr
bsojvu43gk

Some blog owners are seeing dozens of these mysterious blogs. Adding to the confusion, a couple owners have even thought that their legitimate blogs have been replaced. Fortunately, what is happening is that the legitimate blogs are still there - just not visible in the noise.

When queried for details, many owners report having received, and accepted, an offer involving FaceBook, and the suggestion to "Change your colors". Apparently, if logged in to both Blogger / Google, and FaceBook, this mysterious "FaceBook app" will simply setup quantities of BlogSpot hosted spam blogs, frighteningly reminiscent of blogs created as part of the long ago observed Russian Business Network spam blog farms.

Each blog created has the same initial content - a display, with the offer to "Change your FaceBook colors". The link to accept the offer then leads to a non Google website, which installs the malware, which creates the mysterious spam blogs, in mass quantity. For your examination, here is one example spam blog - which may or may not currently be online, using a proxy server link.
http://anonymouse.org/cgi-bin/anon-www.cgi/http://yyxfkfgpiy.blogspot.com/


We don't yet know what, if anything, is being installed on the computer used in the blogs creation - nor how malicious the virus is, when installed on one's own computer. Our advice is simple - avoid becoming a victim. If you are receiving invitations for this service, it's possible that your FaceBook friends, supposedly sending the invitations, are the current victims. If you ignore the offer, you should be safe.

It's possible, too, that this attack is enabled by the massive attacks of seemingly purposeless spam comments, being published on various blogs.

If you are concerned about this situation, you might want to check all of your blogs for unfamiliar code - then review your current protection, and even consider using Google 2-step verification.

>> Top

Blogger Comments Being Posted Using Anonymity

Some Blogger blog owners use their Blogger blogs as the center of their peer to peer networking life.

Many blog readers are expected to post comments - and to leave their email addresses, as part of their message or profile, to allow direct contact. Long ago, I used the email address of my commenters, as part of an easy "Contact Me" form, on this blog.

Recently, we've been noting that Blogger comments don't always include a useful email addresses - many comments simply describe the commenter as
noreply-comment@blogger.com
Not all blog owners - and readers - appreciate this change.
When I leave a comment using my google profile, it isn't linking my profile with my email address. How do I get my email address properly displayed?
and
Why do so many comments, published to my blog, show the email address of "noreply-comment@blogger.com"? How do I email my readers?


For some time, we've known of the dangers of revealing your email address to the world, in general.

Blogger blog owners have been a known special risk, with their email addresses. Google developed Google+, with the Google+ profile, to allow everybody to network with their friends - both old and new - without the risk of revealing one's email address.

Google+ replaces email completely. You can share comments, messages, photos, and videos with anybody, in a self contained universe - and you can define your own, personal universes. This leaves the need to reveal your email address completely unnecessary (though you can use email, if you wish, without knowing anyone's address - or revealing yours).

After Google+ became popular, Blogger added the option to link our Blogger blogs with our Google+ profiles. Blogger profiles, based on Google+, are cleaner, and use the Google+ displays to update.

To encourage people to use Google+ for peer to peer networking activity, and to make our Blogger accounts and blogs safer, Blogger has eliminated our email addresses from all outside correspondence - including when we publish comments on Blogger (and non Blogger) blogs, using a Google+ based Blogger profile.

If we publish a comment on somebody's blog, and the blog owner has enabled comment moderation or notification, our comment shows up in the email inbox of the blog owner - but with our email address displayed as "noreply-comment@blogger.com".

With email addresses not displayed, this helps protect our Blogger account names from becoming unnecessarily revealed. Blog owner - reader comment communication is still possible - but again, without the email address of the reader being known.

By eliminating our email addresses from our comments, Google is helping to protect our accounts and blogs, while letting us continue to comment on each others blogs - and to eliminate one type of unnecessary spam from our blogs.

Google+, which replaces email for networking, uses a "Friend of a Friend" relationship to let you expand your universe infinitely, with each comment, message, photo, and video that you share. It lets you control the expansion of your universe - if you wish. And, it helps keeps your Blogger blog under your control.

All About Keyloggers - FAQ

A keylogger sometimes called a spying software is a small program which is used to monitor a local or a Remote PC, Keyloggers now a days are so easy to use that a person with even a basic knowledge of computers can use keylogger.Once a keylogger is installed in your computer it can monitor each and every keystroke typed on your computer, thus you can see how dangerous a keylogger can be.

Types of Keylogger

There are two types of Keyloggers:

1.Hardware keylogger
2.Software keylogger

Hardware keyloggers are rarely used now a days since you can monitor a Remote computer, Software keyloggers are the most widely used keyloggers as some of them support remote installaiton which means that you can monitor any computer anywhere in the World.


Can the victim detect it's presence once keylogger is installed in his/her computer?

Well it's really difficult for the victim to detect keylogger's presence as it runs in complete stealth mode, It hides it self from task manager, startup etc

Can I the victim trace you back?

Once the keylogger is installed, I think it's almost impossible for the victim to trace you back

How can I protect my self from keylogger?

A simple keylogger can be detected by even a lame antivirus, but sometimes the attacker can use methods like Crypting,Binding,Hexing etc, that make it harder for the Antivirus to detect the keylogger. So to counter that you should use a piece of software called sandboxie, Sandboxie runs the choosen computer program in an Isolated space so if the file you receive is a keylogger, You need no to worry because it won't affect your other programs, Firefox users can use the free version of keyscrambler which encrypts each and every keystrokes you type, so even if a keylogger is installed in your computer, You need not to worry as the attacker will receive the encrypted keystroke


Which Keylogger is the best?

With my experience of more than 4 years in the field of Ethical Hacking and security I suggest only two keyloggers which I think are best and have a comparatively low antivirus detection rate:

1.Sniperspy
2.Winspy


How do I find if a file is binded with a keylogger?

Keylogger can be binded with almost any file so how do you know if the file is binded?, You can use Bintext or Hex editor to find out, But Bintext and Hex editing method do not work effectively if the server is crypted so alternatively there is a great piece of software named asas "Resource hacker" that can tell you if the file is binded or not

Hope you had enjoyed reading the article.If you have any questions feel free to ask.

Blogger Won't Censor Comments, Or Accept Abusive Comment Reports

We have seen this question, periodically, in Blogger Help Forum: How Do I?
When will Blogger provide me with the option to block an abusive commenter, from my blog?
This is a request that simply cannot be fulfilled.

The issue of blocking individual commenters won't be solved by a new Blogger feature.
  • It's technically impossible.
  • It's contrary to Blogger policy.

Any abuser of Internet services (aka "hacker", "spammer", or "troll"), with any ability, knows how to create multiple Google accounts without effort. Blogger Engineering is unlikely to spend time developing a new feature ("Block this comment publisher") that will simply provide you with a false sense of security, have no effect in the long term, and require an unproductive use of their time.

If you realistically feel that a comment publisher represents a legal and physical threat to you, you should report the threat to your local police agency. Other than physical threats, Blogger regards comments as a "freedom of speech" issue. Comments published on your blog are jointly the property - and the responsibility - of the comment publisher, and you.

As the blog owner, you are allowed to choose which comments publish, or remain published, on your blog. You can moderate before, or after, comments are published.

If any comments offend you, moderate or delete them promptly. Concentrate on publishing your blog, and ignore the abuse. Eventually, the person abusing you will get bored, and move on.

>> Top

Observe DNS Address Entry Conventions

One of the more frustrating steps involved in setting up a custom domain comes with entry of the DNS addresses, into the domain host or registrar's DNS dashboard aka zone editor.

Whether you are setting up a new domain, just purchased directly from a registrar - or re publishing an existing domain, purchased using "Buy a domain" - the addition of the proper DNS addresses is essential to successful custom domain publishing.

Sometimes, you just can't get the zone editor to accept what you are provided by "settings instructions". Other times, you enter the proper values, your update is accepted by the zone editor - and the Blogger Publishing wizard rejects your attempts.

Even after repeated attempts to publish your blog to the domain, you can get another "Another blog ..." error - maybe an "Error 12" or variant.

You may see "Another blog ...", in spite of your efforts.

This may be in spite of the fact that you are retrieving a new "Name" / "Destination" periodically from "settings instructions", and dutifully adding or updating the domain ownership verification "CNAME" Alternately, you may just be adding the base DNS "A" or "CNAME" addresses.

There are syntax conventions, for both "Name" and "Destination".

Every blog owner needs to realise that the zone editors have conventions for entry of both the "Name" ("Label" / "Host"), and the "Destination" ("Target" / "Points To") values in the DNS address records ("Zone Entry"). The conventions used will vary, from zone editor to zone editor - and the differing conventions will affect the success of your domain publishing attempts.

You may see the results of an error immediately, or later.

In some cases, the zone editor will immediately reject your entry, if you mis enter the value. In other cases, the entry will be accepted - but Blogger will reject your attempts to publish. Either scenario can be caused by mis entry of either the "Name" or "Destination" value, and your overlooking the differences between "absolute" vs "relative" addresses.


GoDaddy adds the trailing ".", automatically!


This problem is observed by some as the mysterious "period" / "full stop".

  • If you omit the period, and it is required, the Zone Update may take place - but the Blogger Publishing wizard will overlook or reject the resulting DNS address.
  • If you add the period, and it is not allowed, the zone editor will reject your attempt.

This can happen for either the "Name" or "Destination" value.

The problem cannot be resolved by Blogger / Google.

Here, I will note that this problem is one which neither Blogger nor Google can resolve. Whether you purchased the domain using "Buy a domain" - or directly from the registrar - if you use the DNS dashboard / zone editor wizard provided by the DNS Host / Registrar, your understanding of the conventions observed by the zone editor are your responsibility.

You, the domain owner, must determine the syntax requirements.

There are requirements for entering the "Name" and for entering the "Destination" values - and you have to find out, and adjust to, each requirement.

For some zone editors, with a domain of "mydomain.com", you will probably enter the published address - "www.mydomain.com" - as "www". This says that the "Name" value is "relative" to the domain URL.

You can't enter the domain root, "mydomain.com", as "mydomain.com" - as this would give you a DNS address of "mydomain.com.mydomain.com" - and yet another "Another blog ..." error. You will probably need to enter the domain root as "@" or a similar special character. This, too, is your responsibility to verify.

With other registrars, "mydomain.com" is entered as "mydomain.com". Nobody but the registrar can tell you which case affects your domain.

If you require assistance, be prepared to provide details.

If you are asking for help in Blogger Help Forum: Something Is Broken, and I am advising you, I'll be asking you for three essential values.

  1. The BlogSpot URL.
  2. The domain URL.
  3. The "Name" / "Destination" values provided by the "settings instructions" document, or "Error 12" et al display.

None of these values are optional - and strict attention to accuracy and detail, in your reply, is essential.

If you redact any portion of what you provide, I'll only ask you again, to not redact details. And I'll repeatedly advise you to always copy and paste - never type by eyeballing - both the long and short tokens ("Name" / "Destination") in the "Error 12" et al displays.

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code