How to upgrade the old All-in-One Event Calendar plugin

A few websites I manage are running then.ly’s All-in-One Event Calendar plugin. Ever since updating those sites to WordPress 3.6, a “BlockUI” error message kept popping up in admin on virtually any admin page, which was rather annoying.

Their help site doesn’t really offer much in the way of help on the subject, but after a lot of trial and error (and online research) I have discovered that you need to upgrade the plugin to the latest version, which is 1.10-standard at the time of writing.

Ordinarily, you would just update the plugin in WordPress but the plugin’s authors seem to have had something of a rebrand (changing from “then.ly” to “time.ly”), and as far as I can tell they just created a brand new plugin based on the old one, rather than updating the existing plugin in the WordPress plugin directory with the new version.

In order to fix the BlockUI error message and upgrade to the latest “time.ly” version, you will need to download the Timely Updater plugin (also available in the WordPress plugin directory), then once it is installed and activated you need to go to Events > Timely Updater from the sidebar in admin.

I would advise making a backup of your WordPress database beforehand, because if the update screws up the plugin for whatever reason, it will kill the plugin and potentially take any posts linked to the events with them! I recommend doing a backup in phpMyAdmin.

Once the plugin has been successfully updated, it should look like this in your plugins list:

timely

Stopping bad bots

If you’ve looked at your website’s access logs recently and have wondered why you have weird looking ‘spiders’ visiting your website, chances are they are probably spam bots rather than anyone legitimate.

Here are some real bots from the three major search engines which you should let on your site:

So what can you do about the others? Well one technique that seems to work well for me is to block them using your website’s .htaccess file. This file is essentially a web server configuration file that lives in the root folder on your website (for example, it may be in your /var/www or /public_html folder), and most people will be able to edit themselves using their favourite text editor and an FTP client to upload any changes.

Here is a copy of a .htaccess file which I use, it works well for me on this and other sites that use the Apache web server:

# Block visitors (bots) with no user-agent string
SetEnvIfNoCase User-Agent ^$ bad_bot
# Bad bots found accessing this domain previously
SetEnvIfNoCase User-Agent "^\*bot" bad_bot
SetEnvIfNoCase User-Agent "^bot\*" bad_bot
SetEnvIfNoCase User-Agent "^checker" bad_bot
SetEnvIfNoCase User-Agent "^crawl" bad_bot
SetEnvIfNoCase User-Agent "^discovery" bad_bot
SetEnvIfNoCase User-Agent "^hunter" bad_bot
SetEnvIfNoCase User-Agent "^LinkWalker" bad_bot
SetEnvIfNoCase User-Agent "^Netcraft" bad_bot
SetEnvIfNoCase User-Agent "^robot" bad_bot
SetEnvIfNoCase User-Agent "^spider" bad_bot
SetEnvIfNoCase User-Agent "^WebCollage" bad_bot
<Limit GET POST HEAD>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>

What all of that basically means is that if a bot identifies itself using any of these user-agent strings (i.e. “bot*” or “crawl”) then the web server will block access to it and display a standard “error 403 – forbidden” page to them.

Each website will have different bad bots accessing it, the above list is not exhaustive by any means and one or two of them are actually legitimate bots but I block them because they either use too much bandwidth or I don’t see any value in them crawling my website. You should be able to identify which bad bots visit your website from the amount of bandwidth they eat up, and perhaps a quick Google search of their name too.

Note: if you have any bots that use an asterisk as part of their user-agent string, then you will need to “escape” it otherwise your web server will throw up an “error 500 – internal server error” page. Escaping basically means putting a backslash before it – so “*” becomes “\*” like you can see in my example .htaccess file content above.