SCode captcha enabled

I’ve now enabled a basic captcha system provided by a Movabletype plugin called SCode. In order to make it work I had to do a couple of things that are not mentioned in the official installation instructions:

1. make the mt-scode.cgi CGI script executable:

# chmod a+x mt-scode.cgi

2. make sure that SCode is enabled and configured both on a MT global level and on a per-weblog basis
3. Correct a bug in

replace security code you see here\” src=\”$path/plugins/SCode/mt-scode.cgi by security code you see here\” src=\”$path”.”plugins/SCode/mt-scode.cgi

#3 is not essential, but a bug nonetheless.

Hopefully, the comment spam problem is now solved for a while by enabling this plugin. Trackback spamming is still possible, though.

Please contact me if you are visually impaired and would like to post a comment on this blog. Ideally, the captcha image should also be available as a sound file/stream, but I haven’t found the time yet to implement sth like this.

Movabletype 3.2 upgrade experiences

I finally upgraded MT 3.1.x to MT 3.2. The upgrade process was much easier than expected. The only error I encountered was sth like:

main([path to install]/mt/php/extlib/smarty/libs/core/core.load_plugins.php): failed to open stream: No such file or directory

which could be solved by simply rebuilding the whole site, as explained in

“failed To Open Stram” When Clicking On Comments” href=””>Movable Type Community Forum > “failed To Open Stram” When Clicking On Comments

The new features of MT 3.2 are very welcome of course.

New SSL/TLS certificates for

There are new SSL/TLs certificates for, valid through July 23, 2015:

SSL/TLS server certificates

Please delete the old certificates and import the new ones. Thank you.

For those who are interested in how to create TLS/SSL certificates for Gentoo, take a look at the Virtual Mailhosting System with Postfix Guide. In order to extend the validity of the certificates to 10 years, you need to edit a couple of files:

in /usr/sbin/mkimapdcert, replace

/usr/bin/openssl req -new -x509 -days 365 -nodes \


/usr/bin/openssl req -new -x509 -days 3650 -nodes \

in /etc/ssl/openssl.cnf, set

default_days = 3650 # how long to certify for

(note that strangely, the default settings in /etc/ssl/openssl.cnf override the custom settings in /etc/ssl/misc/

HTML in comments no longer allowed

As a provisional but hopefully effective additional measure against massive (24/7) comment blog spam any comments containing HTML links (<a href= etc.) will be trashed (just enter the URL instead). Thanks for your understanding.