Turkish WordPress?

OK, WTF has happened to WordPress?  Why does it suddenly think my blog is in Turkish?  Not of course the contents, but all the template stuff, and – far worse  – the settings and preferences that should (I guess, though I never actually tried it) enable me to switch to my choice of language.

Confirmed it’s not my browser playing sillybuggers by accessing it from three different browsers[1] on three different computers.  Chrome offers to translate this page, but that’s not going to help with a bunch of clientside-scripted menus!

OK, try another tack.  ssh in to a remote machine on another continent and check the blog with lynx.  Aha, it’s now in English!  Hmm, could that difference be because I’m not logged in?  Try to log in, but fail because Lynx rejects WordPress’s SSL certificate and refuses to talk to it.

OK, what happens if I fire up a spare browser that’s never logged in from a local desktop?  It’s in English.  And when I log in with Safari, it’s still in English.  This is getting silly!

Resolution: when I reload this composition page in Chrome, it’s reverted to English.  Someone or something was playing sillybuggers but got fixed.  Was WordPress hacked?  Did some sysop at WordPress screw up?

Or could it even have been some sysop at my ISP running a supposedly-transparent proxy that messed with browser preferences?  That’s the most worrisome: I got email from them recently inviting me to “protect” myself, and I suspect they’re implementing some Endarkenment.  A glitch in something more sinister?  My next test would’ve been to route my (turkish-infected) desktop browser through another network, but the return to English pre-empted that.

I don’t know when whatever caused the Turkish first appeared, only when I first saw it – which was a little before 09:00 UTC.  Anyone else see Turkish wordpress in recent hours?  Or even – if you’re a Virgin broadband user – other sites unexpectedly in Turkish?

[geek note: I could also have tested for a rogue browser preferences setting by visiting a multilingual site like Apache server docs that display in Turkish if your browser asks for it.  But that would’ve left open the possibility of misdiagnosing a glitch associated with an ISP-run database having different routing/rules for different sites].

[1] Iceweasel, Firefox and Chrome, in that order.

Posted on June 30, 2014, in Endarkenment, wordpress, wordpress.com. Bookmark the permalink. 5 Comments.

  1. Flaffed upgrade would be my guess.

    If you have SSL in place it is unlikely to be a proxy, as whilst people can and do intercept SSL, I’ve never heard of an ISP having the means. Of course if your blog is accessed over HTTP when you’ve logged in, or the cookies not marked “secure” all security bets are off.

    Recently subverted block at Vodafone by changing URL from http to https, let’s hope the kids don’t understand SSL, on seconds thoughts let’s hope the kids understand it better than us.

    Sounds like time to switch ISPs to me, many of the smaller ISPs actually think messing with users traffic is a bad thing.

  2. Good point about SSL (I wasn’t thinking SSL at the time – don’t regard blogging as high-security!), but not applicable because ‘normal’ use is not SSL, even when logged in.

    As for ISPs, I’m too far from the telephone exchange: Virgin (cable) appears to be the only choice for modern broadband.

  3. p.s. as for moving … I’m actually somewhat reassured by Virgin asking me. Much better than covert censorship (though I suspect that takes place now as then), and rather better than requiring me to jump through hoops to “opt out”.

  4. It may be the paranoia of the new job getting to me, but my blog is over HTTPS, and I’m moving the other sites (email already was).

    None of them are especially sensitive, but since it is on a personal server, and WordPress admin means “can run arbitrary PHP”, their WordPress password is one weakness away from a root shell. All too brittle, probably not so true of “WordPress.com”‘s hosting. And I expect some of them reuse passwords because they haven’t been on the receiving end of bad things often enough.

    Discussing “should vanilla http on-the-wire die” with my security friends. Although I expect YouTube can make a good case for delivering some content that way….

  5. A thought: Turkey is currently on the fringes of, and occasionally being dragged into, two active cyberwars being fought alongside the more headline-grabbing wars in Syria and Iraq. It’s very likely that several Turkish ISPs and domains are actively involved in those, and under attack.

    And WordPress might, from time to time, feel they should take steps to protect their innocent-ish users in Turkey from becoming collateral damage. Maybe someone accidentally included your blog in a protective measure meant for them. Or something. I’m making this up as I go along.

    I just Googled “turkish wordpress glitch”, and this blog is the only relevant result. Tried the same search in DuckDuckGo (because Google probably knows I come here often), and it was the top (and, still, only relevant) result. So it seems likely it’s just you. But I did discover something that might interest you – you know there’s a Chinese site that echoes this blog? http://www.tuicool.com/articles/I7FfEb

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: