PrintFriendly Button

In the bottom left-hand corner of each of my postings, the reader will see a little icon that has a printer-symbol on it, and the word “Print”. This icon can be used either to print the posting in question, or to save it to a PDF File, on the reader’s computer. In fact, the reader can even delete specific paragraphs from his local copy of my posting – since plausibly, the reader might find some of my postings too long to be printed in their entirety.

Some time ago, I had encountered a situation where Not code belonging to this plug-in, but Rather the URL which hosts the service, was showing me a warning in my browser, that ‘unknown URLs’ were trying to run scripts.

My own Web-browser has a script-blocker, which will display scripts to me which a page is trying to display, but which I did not authorize.

Certain features which I use on my blog, are actually hosted by the Web-site of 3rd parties, whose scripts may run, just because my page includes their widget.

The first time I noticed this I went into an alarm-mode, and removed the button from my blog quickly, thinking that maybe it was malware. But some time after that, I installed an additional extension to my blogging engine, called “WordFence”. This is an extension that can not only scan the (PHP-) code present on my own server for viruses and other malware, but that can also just scan whatever HTML my blogging engine outputs, for the possible presence of URLs to sites that are black-listed, regardless of how those URLs ended up being generated by my blogging engine.

Once I had WordFence installed, I decided that a more-Scientific way to test the PrintFriendly plug-in, would be to reactivate it, while WordFence is scanning my site. If any of the URLs produced by this plug-in were malicious, surely WordFence would catch this.

As it stands, the PrintFriendly button again displays URLs which belong to parties unknown to me. But as it stands, none of those URLs seem to suggest the presence of malware. I suppose, that the hosts of PrintFriendly rely on some of those scripts, to generate income? Since I’m not required to pay, to use their button.



The PrintFriendly Button Is Back.

One of my less-commendable habits, is to add plugins to my WordPress blog, which might not be necessary, but which might OTOH be useful after all.

There is now a button at the bottom, left-hand side of my postings, which has a little printer icon, which my readers can click, in order to obtain a printable version of my postings.

There was an earlier point in time, when I took this plugin to be potential malware, because its presence in the browser causes scripts to run from other domains, and I did not think it wise, to be inviting scripts to run as part of my blog, which I do not know the purpose of, and which exist, because the Web-site of a plugin, includes another Web-site I know nothing about, which runs a script. So at that time, I went into high alert for no other reason, installed a whole security suite named “WordFence”, and removed the “PrintFriendly” plugin from my site.

Since then, my confidence in the security of my own site has improved – in spite of the fact that I’m still installing plugins – and I’ve come to think that my reaction back then might have been a bit unscientific. After all, even though I could know for certain that this unidentified script was being loaded onto my browser – which subsequently blocked it – I had no sure way of knowing it contained malware. The script in question may simply have had as purpose, to provide some sort of funding to the site that hosts PrintFriendly.

If the reader clicks on this icon, he’ll see that a floating window pops up, from which he can choose how – or if – he wants to print my posting. That floating window will only appear, if the reader allows his browser to run scripts from ‘’. That floating window is still hosted on the other party’s server – belonging to PrintFreindly and not to me – and because that floating window is being hosted on their server, it also represents a resource which they need to pay for in some way, even though I’m not paying them.

Now, WordFence has a feature (enabled on my blog), that is called a ‘Front-Side URL Scan’. In short, instead of only scanning my plugin folders for trouble, this feature examines all the URLs which the home-page of my blog sends to the would-be browsers, and compares those URLs to blacklists of known malware. I will next be able to see, whether the URL in question was actually blacklisted – by anybody other than me. If it was, this plugin will disappear again from my blog.

But for now, I’m giving this plugin another chance.



Malware Alert to all my Readers!

Even though my Blog is hosted on a supposedly-secure Linux machine, on which the core WordPress Files have permissions set such, that the Web-server cannot write to them, there is always some slight danger, that an infection can make its way onto my blog, through plug-ins which I have installed, which come from the WordPress site, but which are not under the scrutiny of the Debian software team, who created my WordPress core files. My Web-server can also self-install updates to those plug-ins, from their respective owners, because the write-permissions of the plug-ins directory are such that it can. ( :1 )

The reader may have noticed that there used to be an icon in the bottom of my postings, which allowed him either to Print the posting, to Save it as a PDF, or to Email it elsewhere. This icon was due to the ‘PrintFriendly Plug-In‘.

This plug-in did not even install any suspicious code on my server, but is cloud-based, in that any use made of it will redirect to the Web-site and servers, belonging to PrintFriendly. Not only that, but the icon itself can contain links to their site.

Well today I did notice, that my Web-browser, when pointed at my own site, tried running scripts from a site called ‘’, and which my own browser had the installed extensions to block. This raised an alarm-bell in my head, and I went into action, looking for any contagion.

The PrintFriendly plug-in, or more correctly, their site it pointed to, was the source of that contagion. Deactivating that plug-in has now taken away the capability of the readers, to Print, to PDF or to Email my postings. But it has also removed any of the malicious attempts to redirect to ‘’. The threat has effectively been neutralized on my server.

But, If You Did open that site, it would possibly have led you to This Situation. If it did, I hope you did not fall for their ploy. I apologize profusely if this happened to you, and do my best to control such problems from the first moment I notice them.

I have now installed the WordPress-security-extension ‘WordFence‘, and hope that this will reduce any vulnerabilities in the future.


1: ) Actually, before my WordPress instance can update its plug-ins, I need to authorize the event. However, this safeguard only determines at what time updates can take place in practice, and just might make me aware of some suspicious activities that have yet to happen. It does not actually control, what code is inserted in the update.

However, as of now WordFence does control this, and has given me a clean bill of health!