- "Why I appreciate the Mozilla NoScript plug in!
Working during the day, teaching and tutoring at night, and writing a book on weekends leaves little time for updating this site. I usually try to add something just before an appearance on Wisconsin Public Radio, where I am now a regular "digital camera help guy."
And so it was disturbing to find that there was some code (java script) my web pages
that I had certainly not put in!
The script attempted to redirect Google web searches so they first displayed a series of ad pages instead of the search results. Generally, this attempt was defeated by any PC using antivirus protection. The script was also easily found on the HTML pages and removed.
How this happened, I am not sure. The infected files were dated April 9th, and the house was empty that day, as both my wife and I were out of town. My ISP is looking at the incident, but of course first assuming that it was something I did. This is typical!
I have since strengthened my FTP passwords and taken other measures "just in case" it was something on my end. But it happens again, I will have a very serious talk with my provider!
However disturbing this incident was, it is not the point of this story. The point is that I probably never would have noticed the violation of my site had I not been using the Mozilla Firefox plug in called No Script from http://noscript.net/.
No
Script is free, and can be downloaded and install directly from
Firefox. Essentially it allows NO scripts to run on any page without
your OK, which can be temporary or permanent. At first this
is a bit of a pain, as you will need to specify your OKs quite a bit.
Fir example, on CNN, you'll need to OK CNN.com, Turner.net and other
legitimate scripts to see the content. But you can ignore the scripts
that attempt to analyze you or place cookies on your computer! And once
the permanent OKs are entered, you don't have to do them again.In my case, I needed to allow acpress.com, but there was a second script for something like "247.28.4.197" on my page. This was obviously a numerical representation of another site. Sure enough, examining the HTML or "source code" I located a relatively unsophisticated line of coded script that placed the redirecting instructions on my page.
I strongly recommend that you add No Script to your Firefox browser. And webmasters should always keep a clean copy of their site saved somewhere where they can quickly replace files that are attacked.