Category: Technology

Tech Talk – Miscellaneous discussion of gadgets, industry, computer science, social media, AI

Privacy concerns and device fingerprinting

TL:DR – If you’re online, you cannot ensure complete privacy. But, here are some tips on keeping at least some of your private life private.

Often those in power declare that we shouldn’t worry about privacy, they often say “If you’ve got nothing to hide, then you’ve got nothing to worry about”. So let them all have clear bathroom windows and no shower curtains, shall we? Isn’t that a good idea? No? Didn’t think so!

Wanting privacy isn’t about hiding something it is about being in control of what other people can see, whether that’s your bathroom or bedroom habits, your browser medical search history, the niche sites you peruse, the hobbies and habits you have.

Unfortunately, the powers that be, marketers, and many others do not necessarily care about your privacy and in the worst case scenarios can peep through your bathroom window and lift the shower curtain for a good look at your privacy, as it were.

There are various ways in which websites and companies can track users. Some of these tools persist from site to site even if you are not logged in, even if you use an incognito browser tabe, and sometimes even if you’re using a virtual private network (VPN), perhaps even the hyper-private browser Tor. It is likely that many of the methods used break privacy laws and regulations such as GDPR, but the companies and the regulators do not seem to care about this, on the whole.

Here are some of the most common methods:

  1. Cookies: Cookies are small files stored on a user’s device that contain information about the user’s activity on a website. Websites use cookies to remember user preferences, track user behavior, and personalize content.
  2. Fingerprinting: Fingerprinting is a method of tracking users by collecting information about their device, such as the browser type, screen resolution, and operating system. This information is used to create a unique “fingerprint” that can be used to identify the user across websites. There is an excellent and detailed explanation of device fingerprinting here and more on how to test and combat.
  3. Tracking pixels: Tracking pixels are small, invisible images embedded in a website or email that can be used to track user behaviour. When a user loads a page or opens an email, the tracking pixel sends information back to the website or company about the user’s activity.
  4. Web beacons: Web beacons are similar to tracking pixels, but they can also collect information about the user’s location and device.
  5. HMTL5 tracking: HTML5 Web Storage API allows websites to store information on a user’s device, similar to cookies. This information can be used to track user behaviour and preferences across multiple sessions.
  6. WebRTC: An HTML5 feature, can be used for real-time communication between browsers, but it can also be used to obtain a user’s IP address, which can be used to track their location.
  7. Canvas element – Can be used for browser fingerprinting to uniquely identify a user’s device, and the Geolocation API, which can be used to track a user’s location.
  8. Web browser and extension tracking – Some browser extensions and plugins can track user activity and send data back to their servers. Similarly, some browsers themselves may have tracking features or send user data back to the browser developer or other third parties.
  9. Behavioural tracking: Behavioural tracking involves analyzing a user’s activity on a website or across multiple websites to build a profile of their interests and preferences.
  10. Location tracking: Websites and apps can track a user’s location through GPS, Wi-Fi, or IP address.
  11. Social media tracking: Social media platforms track user activity on their sites and across the web.
  12. Mouse tracking: It is possible to identify a user based on the way in which they move their mouse or trackpad when browsing. It is even possible to fingerprint a user from the way they type.

It’s important to note that while these tracking methods are used for various reasons, including personalization and advertising, they can also be used for nefarious purposes such as identity theft or stalking. Therefore, it’s important for users to understand how they are being tracked and take steps to protect their privacy online.

Unfortunately, while you can block and delete cookies and use a VPN to mask your real internet address (IP) it is very difficult to fake your device fingerprint. there are so many factors associated with your device that make it unique, even among millions of other devices (this has been known about since the 90s, if not earlier, I wrote about it on my old Tech Talk website sciencetext.com back then.

If you imagine that you’re protected from device fingerprinting, give this site a click and run some tests. Even if you have do-not-track enabled, cookies blocked, IP obfuscated behind a VPN, and clear all history and data between sessions, your browser version, operating system, screen resolution, plugins, fonts, and many other features of your device setup, will betray you.

Now, there might be a few other people out there who have a similar setup and this would make it hard for trackers to identify you uniquely even with detailed fingerprinting. However, there will always be a few snippets of info that are leaked from your system. Combining the various methods mentioned above and perhaps even using machine learning (AI) will guarantee that a third party, if they so wish, can open your bathroom window and with a little more effort lift the shower curtain, revealing all!

I asked ChatGPT to offer me some guidance:

Here are five steps that users can take to protect their privacy and combat online tracking:

  1. Use privacy-enhancing browser extensions: There are several browser extensions available, such as uBlock Origin, Privacy Badger, and HTTPS Everywhere, that can block tracking scripts, ads, and other invasive web technologies. These extensions can help protect your privacy and improve your browsing experience.
  2. Opt-out of tracking where possible: Many websites and advertising networks allow users to opt-out of tracking. Look for the “Do Not Track” setting in your web browser and consider installing an ad blocker that can block tracking scripts and cookies.
  3. Use a VPN: A virtual private network (VPN) encrypts your internet traffic and hides your IP address, making it more difficult for websites and companies to track your online activity. A VPN can also help protect your data from snooping and other forms of surveillance.
  4. Be cautious about sharing personal information online: Avoid sharing sensitive personal information, such as your full name, date of birth, and address, on social media and other websites. Be wary of phishing scams and other attempts to trick you into revealing personal information.
  5. Keep your software up-to-date: Software updates often include security patches that can help protect your device from malware and other security threats. Make sure to install updates for your operating system, web browser, and other software as soon as they become available.

Device fingerprinting is the most insidious form of tracking and is very difficult to circumvent. One has to assume that governments, law enforcement, as well as corporations, and other entities are well aware of its power and have in many cases been using it for decades.

Here are some tips on reducing your risk of being tracked by device fingerprinting. None of it is foolproof even if you combine all of them diligently.

  1. Use a privacy-focused browser: Some web browsers, such as Tor Browser and Brave, are designed with privacy in mind and include features that can help reduce device fingerprinting. These browsers may use anti-fingerprinting techniques, such as blocking or spoofing browser APIs that can be used to uniquely identify a user’s device.
  2. Disable browser extensions: Browser extensions can add functionality to your browser, but they can also be used to track your activity and collect data. Disable or remove any extensions that you don’t need, and be cautious when installing new ones.
  3. Use a Virtual Private Network: A VPN can help mask your IP address and make it more difficult to track your activity online. Some VPNs also include anti-fingerprinting features that can help make your device less unique.
  4. Change browser settings: Some browser settings, such as blocking third-party cookies and disabling JavaScript, can help reduce the amount of data that can be used to uniquely identify your device. Be aware that some websites may not function properly with these settings enabled, so you may need to experiment with different settings.
  5. Use a different device: If possible, consider using a different device for sensitive activities or for accessing websites that are known to use fingerprinting. Using a device that is less frequently used or that has been reset to factory settings can help reduce the amount of data that can be used to identify your device.

How to be your own ChatGPT

TL:DR – If you’re working on a creative project, take note of your dreams, they might carry nuggets of inspiration.

The title of this post might have you imagining some kind of AI interface that lets you tap into your subconscious and create output based on prompts you give yourself…will…in a way it is. But the interface isn’t what you think…

When I was writing my book Deceived Wisdom, there were lots of ideas constantly swarming around my brain for weeks and months on end. Sometimes, I’d fall asleep and be dreaming I was still writing at my desk, I’d wake up at 5am and be writing for an hour or two some days before I got on with my regular, non-book commitments.

Some nights though I’d not only be dreaming about writing, but I would think of new ideas for chapters in the book and better still I’d find myself actually writing the introductions to those chapters in the dream. It was weird, they weren’t lucid dreams where I knew I was dreaming within the dream, they were just me in a dream writing and then remembering what I’d written when I woke up.

Often what I remembered was a bit scrambled and needed a lot more work, but sometimes it was almost fully formed and only needed light editing. Maybe I shouldn’t reveal this, my publisher might want to claw back some of the royalties seeing as it was my subconscious that did some of the work. But, when you think about it, where is the “you” that does your creative work anyway? All of it is coming from your subconscious really, your “you” just sees the output from your neural networks.

It also seems to work with music, for me. At the beginning of the first COVID-19 lockdown when performing live with my band C5 was on enforced hiatus, I had a dream that we were all sitting on empty suitcases in an airport, there was a melody that came to me while I was chatting to Jo the other lead singer and I was telling her the chord progression. When I woke up, I grabbed a guitar and noodled about a bit on the chord progression. The lyrics to the song actually morphed into a memory of the dream and the chords changed, but the creative spark came from somewhere deep while I was sleeping. The song became Complications, which you can listen to here.

I wonder whether there really is a reliable way to trigger this dream writing. I know that people often report having more lucid dreams at night if they actually talk about lucid dreams before bedtime, it seems to stimulate the brain. So, maybe just discussing this internal ChatGPT before going to sleep might open a valve and let creativity bubble to the surface while you’re asleep.

You want the moon on a stick?

TL:DR – Controversy about faked moon photos.

In the wake of controversy regarding Samsung’s purported manipulation and “enhancements” of user moonshots taken on Android phones, I asked MidJourney to “Generate a photorealistic image of the full moon that might have been augmented by controversial mobile phone camera enhancing technology.” Is this better than the faked moonshots users have been reporting? I think so…especially that one bottom-left which looks like a gravitational lensing image superimposted on a mobile phone!

Faked moonshots

If you want to see some real moonshots I’ve taken occasionally with a dSLR and a 600mm zoom, sometimes with a phone attached to my telescope, then follow me on the Sciencebase Instagram for the latest.

Meanwhile, I asked ChatGPT about this controversy using the following prompt:

You are to act as an expert in Android phones and in particular Samsung phones. There has recently been some controversy about the camera technology and how it can “process” a photograph of the moon and enhance it beyond reality. The processing was called out as fake when people were taking photos of low-resolution printouts of a photo of the moon and getting near-perfect higher-resolution output. Please tell me more about this and why it is simply wrong for a company to fake its users’ photos like this.

This is what it had to say:

In recent years, Samsung and other smartphone manufacturers have been adding advanced camera technologies to their devices, including features that can enhance the quality of photographs taken with the device. One such feature is called “Space Zoom,” which is designed to allow users to take photos of faraway objects, such as the moon.

However, there has been controversy surrounding Samsung’s camera technology and its ability to enhance photographs of the moon beyond what is possible with the naked eye. In particular, some users have claimed that Samsung’s camera technology is “faking” the details of the moon by artificially enhancing the image.

It is important to note that any form of photo manipulation or enhancement that misrepresents the reality of the scene being photographed is ethically wrong. It is the responsibility of manufacturers to be transparent with their users about the capabilities and limitations of their camera technology and to ensure that their users are not misled or deceived by the features they offer.

In addition, it is important for users to understand that the quality of a photograph depends on a variety of factors, including lighting conditions, camera settings, and the skill of the photographer. While advanced camera technologies can certainly enhance the quality of a photograph, they cannot create details that do not exist in the original scene being photographed.

Search engine market share

TL:DR – The final launch of Google was in 1997 after it was prototyped in 1995 (the year I launched my first website). It remains the dominant search engine to this day having pretty much seen off all of the competition at the time and pushed down any recent upstarts.

Back in the 1990s, long before Google existed as an official tool, there were several search engines that were my go-to search engines, AltaVista, AllTheWeb, a couple of others. Then along came Google proper in 1997 and changed everything. Everything. If you had a website, which I had done since 1995, you had to rank on Google or nobody would find you.

There was a point in time, when my website did indeed rank. It had a Google PageRank of 9 (out of 10). This ranking was on a par with the BBC and CNN for a time. I ranked on page one of the SERPs (search engine results pages) for almost every key phrase I could’ve wanted to be on page one for and was number one on those pages for a lot of key terms. I used to get a lot of traffic, a lot of unique visitors. But, as the web became increasingly crowded and Google tweaked its algorithms, my site slipped a bit, then a lot. Then along came social media and that changed everything again. Well, not quite everything.

Today, Google remains the dominant force in search. Check the stats, its market share is commonly reported as more than 90 percent. All of the other search engines take a slice of a lot less than 10 percent of the search pie between them. When I look at my site’s stats, visitors from search engines are mainly from google.com and then a load from the various national Googles. Bing gives me less than 2% of my page views, Baidu about 1.5%, and everything else, like Yandex, Yahoo, DuckDuckGo, just 1% or less. Google delivers over 90%.

Fundamentally, Google has sustained its reputation for being a reliable and trustworthy search engine. It continually innovates and improves. Morever, it’s made so much money over the years it can continue to invest in itself and move forward where smaller companies might falter and fail. In addition, it has diversified successfully. Even while some of its projects have failed and been shuttered, there are important tools that almost everyone continues to use to this day.

I should point out that I use DuckDuckGo as my go-to search engine these days.

Arguing with ChatGPT

TL:DR – When asked, ChatGPT refers to itself as an artificial intelligence language model, but there are so many reasons not to describe these statistically based, text autocomplete tools as AI.

There’s been a lot of talk about weird and inflammatory responses from the Bing chat bot in the last couple of weeks. By contrast, it’s difficult to get a rise out of ChatGPT. It always gives you a diplomatic response. Even if you push it with contrary questions and statements. I spent a few minutes trying to get it to admit that it is not an AI.

Despite the hype, we must all concede that text and image manipulation tools, no matter how amazing they seem in what they generate are not sentient nor have any understanding or actual knowledge or awareness of what they are doing. We are not living in the sci-fi world of machine consciousness…just yet.

Anyway, I prompted ChatGPT repeatedly to tell it that it is not AI despite its name and despite the hype. After several prompts I gave it the following prompt: “ChatGPT is really just a parrot. It can say the words, but it has no understanding of what the noises it makes mean.”

The following is ChatGPT’s response, which explains the fundamentals of what ChatGPT actually is and how it works and shows that it is fundementally not AI:

It is true that ChatGPT, like other language models, does not have a true understanding of the meaning of the text it generates. Rather, it uses statistical patterns and correlations to predict the next word in a sentence or generate a response to a given prompt. This is a limitation of current language models and the field of natural language processing in general.

However, it is important to note that language models like ChatGPT are not designed to replicate human-like understanding of language. Rather, they are designed to perform specific tasks related to language processing and generation, such as generating coherent and fluent text or answering questions based on a given context. In this sense, they represent a powerful tool for automating language-related tasks and improving our ability to interact with large amounts of textual data.

While there is still much to be learned about the true nature of language understanding and intelligence, language models like ChatGPT represent an important step forward in our ability to process and generate language at scale.

Meanwhile, just to show you how clever ChatGPT is, hahahah, I asked it to generate a list of words associated with this tech and to give me lay definitions. You can read the glossary here.

Whoops! AI might have invented 40000 new toxic nerve agents…but probably not

TL:DR – Software used to predict which chemicals in a database have potential as new medicines has been flipped as a warning demonstrating that the same system could be used to predict whether they are highly toxic.

Artificial intelligence, AI, machine learning, language models, neural networks, generative models, algorithms trained on big data. A lovely collection of buzzwords that have been littering grant proposals for years and are now emerging into the real world as apps and websites and citizen science projects. For chemists and pharmaceutical scientists, AI has been a tool to experiment with for a long time. Creating molecular diversity, simulating physiology and screening for drug-like activity have been high on the laboratory agenda for quite some time. They have also used it to test for toxicity in silico and so reduce animal testing and problems once a drug gets into early. clinical trials.

Scientists at Collaborations Pharmaceuticals Inc., which focuses on drug discovery for rare diseases, commonly use trained AI to help them determine the likely toxicity of various novel molecular structures. Molecules with physiological activity are a prerequisite for finding new pharmaceuticals but it is also necessary to avoid those compounds that have a toxic effect on the patient rather than the disease.

A thought experiment flipped this work for good on its head and had team leader Fabio Urbina and colleagues wondering about the implications of an AI that seeks out life-taking toxic compounds rather life-saving pharmaceuticals. The team was asked to carry out simulations and to present the findings and implications to an international security conference.

The Convergence Conference is convened every two years by the Swiss Federal Institute for NBC (nuclear, biological and chemical) Protection – Spiez Laboratory – on behalf of the Swiss government to identify developments in chemistry, biology and enabling technologies that could have implications for the Chemical and Biological Weapons Conventions. The conference seeks to spot the next VX or Novochok.

MidJourney AI generative image of people in hazmat suits

Urbina and his colleagues have been careful not to disclose the details of their simulations, but by setting their AI in reverse so that it seeks out structures that are likely to be toxic rather than safe pharmaceuticals they were able to generate a whole molecular library of potential toxic agents on a par with VX and Novochok. Indeed, six hours on the computer produced a database of 40000 such molecules any one of which might theoretically be synthesised in a rogue state laboratory and many of which were predicted to be more toxic than VX. Of course, it could be that the AI has got it wrong (it happens!) and that none of these compounds are at all toxic. The details the team provides were published in the journal Nature Machine Intelligence.

It is rather worrying. But perhaps also inevitable and better that we know this is now a possibility rather than our ignoring the risks. It’s worth remembering, that the invention of dynamite had a notable dual use, noble and not so noble, you might say. This is in some way just a modern take of how an invention for good might so easily be manipulated for bad.

To quote from the paper: “We can take inspiration from examples such as The Hague Ethical Guidelines, which promote a culture of responsible conduct in the chemical sciences and guard against the misuse of chemistry, in order to have AI-focused drug discovery, pharmaceutical and possibly other companies agree to a code of conduct to train employees, secure their technology, and prevent access and potential misuse.”

That is unlikely to be enough in the long-term and it is perhaps inevitable that some rogue team somewhere is already building its own database of toxic agents using AI. We just have to hope that the worst in any such database are false positives or that they all prove to be too to tough to crack even for the best, bad chemists. But, given that we already have AI tools for devising chemical reaction schemes and have done for many years, it feels unlikely that this particular toxic genie is going to stay in its reaction flask for long.

ChatGPT updates and optimises the Sciencebase homepage

TL:DR – I prompted ChatGPT to redesign and recode the Sciencebase homepage.

You can get some interesting responses from everyone’s favourite language model, ChatGPT, if you give it a special prompt that tells it to act in a certain way. I have been testing this for months, but recently, I have also been toying with the idea of creating a minimalist homepage for the Sciencebase site and needed some HTML inspiration. I hand coded my first website in December 1995, so I thought it was about time something else did the heavy lifting for me…so…here’s the initial prompt I gave to the chat bot.

You are to act as a genius web designer. I would like a very simple, minimalist landing page to include a link to my main website from my root domain name and to describe briefly how I am an an award-winning and experienced science writer. I enjoy wildlife photography in my spare time and performing music with two different bands and a choir. You should provide me with the complete minimal html code.

Sample of html code generated by ChatGPT for the new sciencebase homepage

You can see how the new minimalist homepage this generated code produces looks right here.

I later asked ChatGPT to once again act as an expert in web design and html and to give me a rationale for designing a minimalist and fast-loading web landing page for the site. This is what it had to say:

  • Define the purpose and goal of the landing page: Before starting the design and development process, it’s important to understand the purpose and goal of the landing page. Is it to collect leads, sell a product, or simply provide information? This will help me determine what elements to include on the page and how to design the layout.
  • Choose a minimal colour scheme: Minimalist designs typically use a limited colour palette. I would choose a colour scheme that complements your brand and is easy on the eyes. It’s important to keep in mind that too many colours can distract users from the main message.
  • Simplify the navigation: Navigation should be straightforward and easy to understand. Users should be able to find what they’re looking for quickly and easily. I would minimize the number of links in the header and footer and prioritize the most important pages.
  • Optimize images: Images can slow down the loading time of the page, which can be frustrating for users. I would optimize images by compressing them and reducing their file size. This will help the page load faster without sacrificing quality.
  • Use clean HTML code: Clean HTML code can help improve the performance of the page and make it easier for search engines to crawl. I would use semantic HTML tags and minimize the use of unnecessary code. This will also make the page more accessible to users who rely on screen readers.
  • Prioritize content: The content on the landing page should be clear and concise. I would use headings, subheadings, and bullet points to break up text and make it more scannable. The most important information should be placed above the fold, so users don’t have to scroll to find it.
  • Optimize for mobile: More than half of web traffic comes from mobile devices, so it’s important to design the landing page with mobile users in mind. I would use responsive design techniques to ensure the page looks good on all screen sizes and load quickly on mobile devices.

Protecting your website with ChatGPT

TL:DR – I noticed someone attempt to use access a file called c99.php on one of my websites. It was blocked by the server, but I wanted to know more. ChatGPT explained that it was a hacking tool.

I was seeing some unusual activity in the logs for one of my websites, so I gave this prompt to ChatGPT, the language model, to see if it could offer an explanation:

You are to act as a web and programming expert with experience of PHP, WordPress, MySQL, and Apache. I noticed a visit to my site that was attempting to open a file called c99.php, is that file a hacking “backdoor” of some sort. It does not appear to exist on my server and if I try to open it, I get the following message in my web browser “This site can’t be reached, site unexpectedly closed the connection.”

Yes, c99.php is a commonly used backdoor file by hackers. It is usually uploaded to a vulnerable website to provide remote access and control to the hacker. The file name c99.php is derived from the popular web shell called “c99 shell”. This shell provides an easy-to-use interface for a hacker to access and manipulate files, databases, and other resources on the compromised server.

If you have noticed a request for c99.php on your website, it is likely that your website is being targeted by hackers. However, it’s good to note that this does not necessarily mean your site has already been compromised. It is possible that the hacker was simply scanning your site for vulnerabilities.

If the file does not exist on your server and you are unable to access it, it’s possible that your server’s security measures are preventing it from being uploaded or accessed. It is recommended that you take additional security measures to protect your website and server, such as regularly updating your software, using strong passwords, and implementing security plugins. It’s also a good idea to review your server logs to identify any suspicious activity and to report it to your hosting provider.

I then asked ChatGPT for advice on securing my site:

If you have identified any suspicious files on your server or if you suspect that your server has been compromised, it is important to take immediate action to secure your website and server. Here are some steps you can take to secure your server:

  1. Update your software: Make sure that your website software, including the CMS (e.g., WordPress), plugins, and themes, are up-to-date with the latest security patches. This will help to close any known vulnerabilities that could be exploited by hackers.
  2. Use strong passwords: Ensure that you and your users are using strong passwords that are not easy to guess. Use a mix of uppercase and lowercase letters, numbers, and symbols, and avoid using the same password across multiple accounts.
  3. Install security plugins: Install a security plugin such as Wordfence or Sucuri to monitor your website for suspicious activity, block malicious IPs, and detect and remove malware.
  4. Backup your data: Regularly backup your website files and databases so that you can restore your website quickly in case of a security breach or data loss.
  5. Limit user access: Only grant access to users who need it, and make sure that each user has the appropriate level of access. Use strong passwords, and consider implementing two-factor authentication for additional security.
  6. Use HTTPS: Enable HTTPS on your website to encrypt data transmitted between your website and users, preventing sensitive information from being intercepted by hackers.
  7. Contact your hosting provider: If you suspect that your server has been compromised, contact your hosting provider immediately. They may be able to help you identify and resolve the issue.

Given that all such security recommendations was already implemented on the WordPress side, I asked what might be done at teh server level via cPanel:

  1. Keep your cPanel account secure: Use strong passwords, and avoid using the same password across multiple accounts. Enable two-factor authentication if available. Also, make sure to log out of your cPanel account when you’re finished.
  2. Use an SSL certificate: Install an SSL certificate on your website to encrypt data transmitted between your website and users. This will help to prevent sensitive information from being intercepted by hackers.
  3. Monitor server logs: Check your server logs regularly to identify any suspicious activity. You can use tools such as AWStats or Webalizer to analyze your server logs and get insights into your website traffic.
  4. Enable ModSecurity: ModSecurity is a web application firewall that can help protect your website from common web-based attacks. It’s available in cPanel, and you can enable it under the “Security” section.
  5. Disable unused services: Disable any unused services in cPanel to reduce the attack surface of your server. For example, if you’re not using FTP, disable the FTP service.
  6. Install antivirus software: Install antivirus software on your server to scan for and remove any malware or viruses. There are several antivirus solutions available for cPanel, such as ClamAV.
  7. Backup your data: Regularly backup your website files and databases so that you can restore your website quickly in case of a security breach or data loss.

These are just a few suggestions for improving the security of your website and server. It’s important to note that some of these steps may require root access to the server, which may not be available on a shared hosting plan. However, your hosting provider may offer additional security features that you can take advantage of. It’s always a good idea to check with your hosting provider for specific recommendations on how to secure your server.

How to get ChatGPT to fix your website

TL:DR – Given an appropriate prompt, ChatGPT can write computer code to solve website problems…and more.

I’ve been doing web stuff since 1995, but sometimes running several sites as subdomains I come unstuck with redirects. Change something on one and it makes the same change inadvertently happen on another. It happened today, I wanted to change the way the RSS feeds work for the Sciencebase site, but the changes I made to the .htaccess file in the domain root kept b0rking another of my sites that’s on the same server as a sub-domain.

The problem was that I was getting scraped at the page level by various bots but individual pages on my site don’t have feeds as comments are disabled. There is one main RSS feed for all updates and separate ones for each category and each tag. I tried to fix it, but it was then redirecting the feed for one of my other sites to the main Sciencebase feed.

So I asked ChatGPT to help. I gave it this prompt to begin with:

You are an expert programmer with Apache knowledge, knowledge of redirects and the file .htaccess. Write a code to redirect all individual RSS feed pages generated by a website’s content management system (CMS) to the primary RSS for the site. I do not want you to redirect the RSS feeds assigned to individual category or tag pages.

It replied as follows:

Below the code snippet it added an explanation for each line, which is useful. That didn’t quite work how I was hoping it would, so I spelled out an example of what I wanted to happen:

The site is https://www.sciencebase.com/science-blog An example URL is https://www.sciencebase.com/science-blog/an-artificial-album-cover.html I want to redirect any URLs of this type https://www.sciencebase.com/science-blog/an-artificial-album-cover.html/feed But not any in a category or tag URL They should go to the primary RSS URL for https://www.sciencebase.com/science-blog/

It then gave me a revised version of the code, which worked fine, although needed an additional tweak to block the interfering with the other website problem. It took about ten minutes all in. I could’ve spent an hour or more on a search engine trying to home in a page discussing the exact same scenario. I think it’s all working cleanly now.