Blog Owners, Composing A Post, Seeing "Required field must not be blank"

We're seeing a few reports in Blogger Help Forum: Something Is Broken, from blog owners attempting to compose a new post, and seeing

Required field must not be blank

The problem appears to result from trying to compose a post, without first entering a Post title.

It appears that Blogger, trying to stabilise the post editor, is requiring non blank post titles, to save posts being composed. This includes the post being under effects of AutoSave, and the creation of Draft posts.

If you are composing a post, and seeing "Required field must not be blank", ensure that you are entering a valid Title to your new post.

As you enter this non appreciated new requirement, you may consider the requirement for Post Title uniqueness. A single space is accepted as a Title - but multiple posts, with the same Title, will result in duplicate titles, and an anti-duplication title suffix.

As an alternative to the single space, you may be able to hide the Title altogether, by adding custom CSS code.

.post-title.entry-title { display: none; }

If you have to change the Title before actually Publishing the post, you may be able to use the Permalink option, to change the URL to match the final Title.

We have a rollup discussion, where we are asking the people who are seeing this problem to provide details of what they are seeing, to help Blogger Engineering diagnose the underlying problem.

If you're willing to provide details, we ask that you be brief, polite, and on topic. Blogger Support needs objective statement of details - but using the rollup discussion to simply complain won't effectively encourage them to do anything.

---

(Update 7/8): We're seeing reports that this problem has been fixed.

---

>> Top

"Adult Content" Blogs, And New Blogger Monetisation Restrictions

This week, we're seeing some reports from a few blog owners who recently received a disturbing email message, mentioning their blogs and adult advertisements.

I received an email stating I have adult content on my blog, and that a new policy will cause certain blogs to be deleted. Is my blog vulnerable to deletion, under this new policy?

Like many spammers, these blog owners may be asking for a whitelisting of their blog - which is something that Blogger just won't provide.

The legendary email, recently received, is somewhat ambiguous in wording.

You are receiving this message because you are the admin of a blog hosted on Blogger which is identified to have Adult content.

Please be advised that on June 30th 2013, we will be updating our Content Policy to strictly prohibit the monetization of Adult content on Blogger. After June 30th 2013, we will be enforcing this policy and will remove blogs which are adult in nature and are displaying advertisements to adult websites.

If your adult blog currently has advertisements which are adult in nature, you should remove them as soon as possible as to avoid any potential Terms of Service violation and/or content removals.

The policy discouraging monetised "adult content" blogs is not new - we have actually been warning people about this for years, in the Malware / Spam Appeal Guidelines. We cite the Guidelines a dozen or so times daily, in various malware and spam review discussions in Blogger Help Forum: Something Is Broken.

Blogger / Google has repeatedly stated that some blog content is not acceptable, because it constitutes or encourages abusive activity, such as hacking, porn, and spam, in the Blogger Internet space.

Here is the current list of examples, developed by Blogger / Google, and the Top Contributors of Blogger Help Forum.

• Affiliate marketing (Please, don't confuse this with "affiliate networking"!).
• Automated traffic redirection, to another Blogger blog, or to non Google hosted content.
• Commercially funded adult content.
• Content created with scripts and programs, rather than by hand.
• Content or links which reference account hacking / password distribution / password sharing.
• Content or links which reference code deconstruction / reverse engineering, to bypass normal use of proprietary
• software.
• Content or links which reference referral-based activities such as GPT ("Get Paid To"), MLM ("Multi-Level Marketing"), MMF ("Make Money Fast"), MMH ("Make Money from Home"), PTC ("Pay To Click"), or PTS ("Pay To Surf").
• Content scraped from other blogs / websites.
• Copyright Infringement.
• Large blogs with multiple, unfocused / unrelated subjects.
• Links to Illegal Downloads / Streaming / Torrents.
• Monetizing of adult content, aka porn spam.

The specific blogs, targeted by the email, are not difficult to identify. "Adult Content" blogs will generally bear an interstitial "Content Warning", awarded either voluntarily or involuntarily.

In odd cases, people may receive the email, but may not have any blogs affected by the policy - and in this case, they will simply have to ignore the email. Blogger Support can only review blogs, when they are actually deleted or locked.

In other cases, people may not receive the email. Just as with malware and spam classifications, all blog owners won't be contactable by email.

If the adult content classifier is designed similar to the malware and spam classifiers, it will use a fuzzy detection process to identify the undesirable "adult content" advertisements.

Since fuzzy malware / spam classification does not support whitelisting, porn classification won't either. Blog owners asking "Is my blog safe?" are unlikely to get any useful answers.

My suspicion is that owners of the most popular and productive "adult content" blogs will move to alternate hosting. Some of them may relocate to WordPress - until WordPress, similarly, rejects them.

Some owners, choosing to remain in Blogger, will take the warning seriously, and remove any ads.

If your adult blog currently has advertisements which are adult in nature, you should remove them as soon as possible as to avoid any potential Terms of Service violation and/or content removals.

Various possible "adult content" blogs, with and without "adult advertisements", remaining in Blogger hosting, will be classified and deleted, and will result in more reports in Blogger Help Forum: Something Is Broken.

Why was my blog deleted?

We'll simply end up with more discussions with requests for review and reinstatement - and more uncertainty. Some blogs will be restored promptly, with others requiring careful deliberation. And some blog owners will simply be told

Sorry, your blog cannot be restored. It was recently confirmed as a adult content host, with unacceptable advertisements.

>> Top

Use Google 2-Step Verification, To Protect Yourself

Our Blogger accounts, and blogs, are under persistent attack by some rather nasty Internet users.

Hackers, using other peoples computers, are constantly attempting to "guess" our Blogger passwords, and take control of our Blogger accounts and blogs. Blogger accounts are particularly vulnerable to attack, because too many blog owners

• Reveal their account names (email addresses) to the world.
• Base their passwords upon real life details.
• Publish blogs, where their real life details are visible to the world.

Some blog owners think that by using only one computer forever, they should be able to register that one computer as theirs, and require Google to simply deny access to their Blogger / Google accounts, from any other computer. This is a very simple solution - and it's one which is doomed to failure.

Google knows that even the most careful person will periodically use a different computer - or possibly forget their Blogger account name and / or password.

Google lets us register a telephone for authentication - text or voice.

Rather than attempt to restrict us to using one single computer, for eternity, Google gives you an option to use a previously registered telephone as an authentication token, whenever you use a different computer. The telephone can use either text or voice, and provide you with a one use passcode, to enter after you successfully enter your account name and password.

Telephone use as an authentication token is not a perfect solution.

This is, admittedly, not a foolproof solution.

• Some people will not want to provide their phone number, to Google.
• This strategy will only work with a preregistered phone - and registration can only be done when you are logged in to Google.
• If the pre registered phone uses text (a smart phone / mobile computer), it will be usable only where cellular service is available.
• If the pre registered phone uses voice, it will be usable only as well as you understand computer synthesised "speech".
• In either case, in some cases, stress will contribute to the possibility of making a mistake.
• Since a pre registered phone is required, you will be able to use this only as long as you carry your smart phone - or login from a pre determined location.

Besides registering a telephone, you have other options.

When you use a different computer, or connect from a different geographical location, you may be asked to prove your identity, after entering the correct account name and password.

Google provide several options, to suit you better.

• A physical USB key.
• Backup, one use authentication codes.
• An authentication code generator, installed on your smartphone / tablet.

You can buy one or more USB security keys, to carry with you.

You can find out about the USB Security Key option, at the security key website.

You register a security key, from your "My Account" page, under "Signing in to Google" - "2-Step Verification". You will be required to sign in, again.

You can generate a one time passcode set.

You can obtain a set of 10 one use passcodes, which you can carry as backup tokens, and / or print or save a text file.

You can generate a set of one use passcodes, and special app passcodes, from your "My Account" page.

If you want to access your blog when needed, this gives you a better chance.

However, if you can deal with the above drawbacks, you have a much better chance of keeping your Blogger accounts and blogs under your control. Very few hackers, having successfully provided our account name and password, will be able to immediately use a pre registered telephone, to accept a one time use passcode.

Custom Domain Instability Caused By Server Mismatch

A few blog owners become confused by the necessary configuration of the domain root, when setting up their custom domains.

Some blog owners, who do not have a good understanding of DNS principles, make mistakes when setting up the domain root (aka "naked" domain). From good intentions (trying to ensure that the domain performs better or differently), their naivete may actually make the domain perform worse - or not at all.

With more blog owners unable to buy a domain through Blogger, and forced to setup their own DNS addresses, this will become an common mistake, and an increasingly critical issue.

Blogger designed the custom domain feature to use "A" / "CNAME" referral, instead of DNS / frame forwarding.

The most obvious referral configuration - dual "CNAME" aka "symmetrical" DNS - is not supported by all registrars. Some registrars refuse to allow "CNAME" definition of the domain root, by policy.

Blogger provides an asymmetrical DNS complement and avoids dual "CNAME".

To make custom domain publishing more globally usable, Blogger provided an alternative to dual "CNAME" referral - a hybrid configuration which uses 4 x "A" referral, for the domain root. This configuration is also known as "asymmetrical" DNS.

Asymmetrical DNS uses 4 Google servers, accessed in a round robin sequence, to address the domain root.

mydomain.com.  3600 IN A 216.239.32.21
mydomain.com.  3600 IN A 216.239.34.21
mydomain.com.  3600 IN A 216.239.36.21
mydomain.com.  3600 IN A 216.239.38.21
www.mydomain.com. 3600 IN CNAME ghs.google.com.

Round robin DNS is pretty simple. Each server in the set is queried by the DNS client on the readers computer, in sequence, until one server responds. The first responding server is required to provide a suitable answer. If the first responding server provides an unsuitable answer, the DNS client has no alternative but to display yet another version of

Server Not Found
Error 404

We have 4 DNS servers to address the domain root, with quadruple redundancy.

Google uses the 4 servers to provide quadruple redundancy. During maintenance (with 1 server out of service, scheduled) - with triple redundancy - even two simultaneous emergencies (with 2 servers out of service, unscheduled) will not cause a total outage.

There is one weakness of round robin DNS. All servers, in the set, have to be equally capable of performing reliably. Well designed name server arrays will use identically setup computers, for the most predictable results.

A naive blog owner, including any additional or different server, in the set, risks having one server, responding to the round robin access - but providing an unsuitable answer.

mydomain.com.  3600 IN A 50.63.202.39
mydomain.com.  3600 IN A 216.239.32.21
mydomain.com.  3600 IN A 216.239.34.21
mydomain.com.  3600 IN A 216.239.36.21
mydomain.com.  3600 IN A 216.239.38.21
www.mydomain.com. 3600 IN CNAME ghs.google.com.

What is 50.63.202.39?

ip-50-63-202-39.ip.secureserver.net (50.63.202.39)

50.62.0.0 - 50.63.255.255
GoDaddy.com, LLC GO-DADDY-COM-LLC (NET-160-153-0-0-1) 160.153.0.0 - 160.153.255.255

GoDaddy uses forwarding - not referral - to direct traffic. Here, some (not all, and not always) prospective blog readers see

Server Not Found
Error 404

Some blog owners make a second mistake - which compounds the first mistake.

mydomain.com.  3600 IN A 50.63.202.39
mydomain.com.  3600 IN A 216.239.32.21
mydomain.com.  3600 IN A 216.239.34.21
mydomain.com.  3600 IN A 216.239.36.21
mydomain.com.  3600 IN A 216.239.38.21
www.mydomain.com. 3600 IN CNAME mydomain.com.

Here we see the "www" alias - which is what 95% of your direct traffic accesses - using the domain root for obtaining the address. Add to that the bogus server (in this example, "50.63.202.39"), and you will get a lot of complaints about sporadic connectivity problems.

Server Not Found
Error 404

The supported Asymmetrical DNS configuration is so simple, in concept.

This is so simple - if you only believe.

mydomain.com.  3600 IN A 216.239.32.21
mydomain.com.  3600 IN A 216.239.34.21
mydomain.com.  3600 IN A 216.239.36.21
mydomain.com.  3600 IN A 216.239.38.21
www.mydomain.com. 3600 IN CNAME ghs.google.com.

Though official instructions may disagree, my experience suggests that the domain root must be setup, properly, for a stable custom domain. There are but 3 proper DNS models, for a stable custom domain.

Please. The sanity which you save may be yours (or mine).

Hacking / Malware / Porn / Spam Classification Effects

Occasionally, we see concern in Blogger Help Forum: Something Is Broken, about the long term effects of Blogger hacking / malware / porn / spam classification or detection.

My blog was deleted, because of spurious spam classification - and later restored to service. Did my blog lose search engine reputation, in Google?

Any time a blog goes offline, its reputation is affected, to some extent. How much effect a hacking / malware / porn / spam classification or detection has, on any given blog, will vary widely. You might expect to see different penalties, for different offenses.

Every blog or website has different factors, which affect its reputation.

• Readers, and links in their blogs and websites.
• Readers, and inherent reputation.
• Search engines, and inherent reputation.

These factors will differ, from blog to blog, in almost infinite variety.

Your readers provide much of your reputation.

If your blog has readers who maintain their own blogs and websites, some will see you as a useful source of information, and will link from their blog / website, to your blog. As a readers blog / website is indexed by a search engine bot, and a link to your blog is encountered, your blog is indexed. This causes indirect search engine reputation.

If your readers can't read your blog, you lose reputation.

Any time your blog is offline, even briefly, it loses reputation. If you use Google Webmaster Tools, look at the indexing logs. One event which you will see, from time to time, mentions "404 Not Found". Any time a search engine bot is indexing your blog, and it encounters a "404 Not Found", your blog loses reputation.

Loss of search reputation is similar to a person dying from blood loss. How fast the blood loss, and how long the loss continues, will affect how likely death will occur.

The longer the blog is offline, the greater the reputation loss.

The longer your blog is offline, the more "404 Not Found" events will be logged, as the search engine bots attempt to index the various pages in the blog. Each succeeding "404 Not Found" represents your blogs reputation, leaking away, drop by drop. The longer your blog is offline, the more reputation loss it suffers, from indirect and direct indexing.

Until reputation is regained, your blog appears lower in search results, because of lower page rank. You suffer from less search engine generated traffic, and less new readers. This is a circular effect - less search engine reputation leads to less new reader traffic, which leads to less search engine reputation.

When your blog is returned to online status, you slowly regain reputation.

When your blog is reviewed and restored to online status, indexing resumes. Each time a search engine bot indexes the blog, and does not encounter a "404 Not Found", reputation picks up, again. Slowly, your blog regains its former reputation.

All 3 factors contribute to the loss of reputation, while the blog is offline - and to the regaining of reputation, when the blog is restored. This is similar to the effect of re indexing after the URL is changed.

Reputation loss, and recovery, will vary - for every blog.

How much reputation is lost and regained will vary, from blog to blog.

• Each blog has different readers, with differing links in their blogs and websites.
• Each blog has different readers, with differing inherent reputation.
• Each blog has differing search engine relationships, with differing inherent reputation.

The direct result, of all of this, explains the frantic posts, in Blogger Help Forum: Something Is Broken

My blog was deleted by Blogger. How promptly can I get it restored?

If this is a problem for you, use Google 2-Step Verification.

If this threat concerns you, use Google 2-step verification, to protect your Blogger / Google account - and your blogs - from hacking. And be discrete in advertising and publishing your blog.

Google+ Comments Lack Controls For Moderation And Notification

As more people choose Google+ Comments for their blogs, we're seeing concern from confused blog owners, mentioning lack of control.

There is no option for comment moderation in my blog's settings. My Comments Settings only includes the option to change Location.

and

I don't get notified about any comments published against my blog. There is no Setting for Comment Notification Email, either.

These owners are discovering one of the design simplicities in Google+ Comments.

With Google+ Comments, anybody can post - and share - a reference to any content, on the Internet, that they can view. If your blog is public, any post from your blog can be shared in Google+.

If someone shares a post from your blog, and you are in a Circle where the post is shared, you may see the shared post in your Google+ stream. You have no control over content in your stream - even if the content references your blog - which you do not share.

You have no control over content about your blog, which you, yourself, do not share.

If somebody comments on a post shared from your blog, and you are in a Circle where the post is shared, you may see the comment in your stream. Again, you have no control over a comment made against a post in your stream - even if the comment references your blog.

In no case will you have the opportunity to moderate either a post, or a comment against a post, if someone else shares a reference to a post from your blog. Nor will you get a notification, if someone shares a reference to a post from your blog. Your blog is just one object of interest, from the millions of shares published by people in Google+.

If you, yourself, share content from your blog, you will own that share - you can control the content in the share - and you can control any comments placed against that share.

If someone reshares what you share, that reshare becomes the property of the person resharing. If you are in a Circle where your share is reshared, you may see the reshared post in your stream. Again, you will have no control over the reshare - or any comments placed against the reshare.

If you are not in a Circle where your share is reshared, you won't even see the reshare. Even if your blog is referenced in a reshare, your blog is just one object of interest, in the millions of shares published by people in Google+.

Notifications work the same way. If you share content from your blog, you will get Notification when someone comments against your share - or when someone reshares what you share. If someone else shares - or reshares - content from your blog, which you did not originate, you won't get a notification.

With Google+ Comments, a post in your blog is treated like any time anybody shares a post from your blog. You own a post in your blog, just as you own a post which you share from your blog. You can control comments, when made directly against a post from your blog, as with a post shared from your blog.

If your blog uses Google+ Comments, you can moderate the comments by viewing comments on a post by post basis, and deleting what you don't like. You will get no ability to moderate comments before they are published - even if the comments are against your blog. Nor will you get notified when someone publishes a comment against a post in your blog.

Your blog has no comment moderation wizard, no settings for comment moderation, and no settings for comment notification, because you have no ability to moderate comments - nor do you get notifications.

Google+ is pretty much like real life. You can hear what people say about you, when you're in a real life conversation. You can't control what people say about you, behind your back - and you're generally better off not even knowing what people are saying about you, behind your back.

Concentrate on listening to what people tell you, or reading what they share with you. Ignore what you can't control, or hear. Get on with your life. Or, revert the blog, back to Blogger native comments.

>> Top

Custom Domains Purchase - "Buy a domain" Lacks The "Check Availability" Option

We're seeing a few reports from confused blog owners, in Blogger Help Forum: Something Is Broken, who want a non BlogSpot URL for their blog.

I have tried to follow the guide, but my page does not say the same as the guide.

Several blog owners, in trying to use "Add a custom domain" to buy a domain, are observing that there is no "Check Availability" sequence.

Right now, the "Add a custom domain" link in the Publishing wizard simply goes straight to the "Advanced settings" option. This conflicts with Blogger supplied instructions.

In Blogger, locate the Publishing area under the Settings tab. Settings to Publishing.

Then, click the link to add a custom domain name, enter the domain name you'd like, and click Check Availability.

Clicking on "Add a custom domain", we are immediately presented with "Advanced settings".

Right now, we're getting very terse advice from Blogger Support.

Blogger still supports custom domain hosting, though no longer offer an option to purchase domains within the product. To purchase a custom domain, please visit a third party registrar such as GoDaddy or eNom.

Until we hear more, I'll suggest use of eNom or GoDaddy, as advised. If you choose GoDaddy, you may be able to use the Blogger / GoDaddy DNS Setup wizard, to approximate the convenience of "Buy a domain". If you can't use the GoDaddy wizard, please note that the normal rules remain in full effect.

>> Top

Blogs Locked After Detected Account Hacking

One Blogger mystery involves the varying periods of blog unavailability, after hacking activity is detected.

My blog just disappeared from my dashboard - and no, it's not listed under "Deleted blogs"!

When the owner mentions the notice about "suspicious" / "unusual" account activity, or having unlocked the account (by solving a CAPTCHA, receiving a phone message, changing the password) - and is advised to wait "24 to 48 hours" - many ask the obvious.

Is "24 to 48 hours" really accurate?

In reality, the legendary "24 to 48" hour time period is only a ball park figure - and both Blogger / Google, and the blog owner, contribute to the uncertainty.

The well known advice to "Wait 24 to 48 hours", after a Blogger account is locked for suspected hacking activity, is only an estimation of the waiting time, which the owner may have to endure.

Account / Blog integrity verification will, regrettably, take several days.

This is an unavoidable side effect, in account / blog integrity verification.

There are several factors which can contribute to the accuracy of "24 to 48 hours" (which maybe should be stated as "one to two business days").

• Availability of essential Blogger / Google personnel.
• Current hacking activity level, and ongoing Blogger / Google workload.
• Blog content, which complicates hacking payload analysis.

Only the blog owner knows the details of the correct blog content.

We've referenced the first two factors (personnel, and hacking activity level) in the well known Blogger FAQ How long will it take?. The third involves detail which only the blog owner can provide. Many blog owners contribute to this uncertainty, in the development of their blogs.

Hackers add their own blog content - when temporarily undetected.

There are several types of content, which hackers like to add, to blogs temporarily under their control.

1. Advertising - and similar shiny accessories.
2. Custom code - and various template tweaks.
3. Links to other blogs - and to websites outside Google address space.
4. Team memberships - and multiple blog owners.

All of these features, also added by the owner - and allowed (and encouraged) by Blogger - can require extra effort as a blog is validated, after detected hacking activity.

Security experts have to look for hacker added content - and this takes time.

Blogger / Google security experts, in examining an account / blog, must look for features possibly added by the hacker. Security experts have no immediate knowledge what was added by the owner, long ago - as opposed to by a hacker, more recently.

Any advertising, custom code, external links, or team memberships, intentionally added by the owner, will contribute to time spent validating blog integrity.

• Leave a setting or tweak added by the hacker - and the blog remains a security risk, when returned to service.
• Remove a setting or tweak added by a blog owner - and the blog becomes broken, when returned to service.

Neither is desired, by the blog owners - nor by Blogger / Google.

The more custom content, added by the owner, the longer verification takes.

More accessories and tweaks == more time spent by security experts == more time the blog remains offline, while the owner waits in uncertainty.

This uncertainty, added to delayed deletion caused by cache latency, leads to mystery.

All of this brings to mind the old adage.

KISS

Keep it simple, stupid.

Comment Spam And Referer Spam Has Various Purposes

One of the most intriguing subjects discussed in Blogger Help Forum: Something Is Broken involves the seemingly purposeless spam which torments us in our comments and our Stats logs.

I see this random garbage on my blog - and the sites advertised are complete junk. Is there any actual reason for this?

Interestingly, both nice blog spam (in our comments), and referer spam (in our Stats logs), have purposes - though with the continually varying content used in both, it all looks very much like random garbage.

If we analyse the content, structure, and volume of the various spam attacks, we can see patterns - and an understanding of the overall purpose of the spam.

Both our comments - and our Stats logs - are continually assaulted by seemingly random and useless noise, in large volume. This is similar to the random spam which attacks our email.

If you look at enough comment and Stats log spam, you will start to see patterns - and reasons for the spam. The spam, though apparently random in content, is not purposeless.

First, some warning may be appropriate.

1. If you wish to examine the sites advertised in comment or referer spam, learn to use a proxy server.
2. Unless you are a computer security expert, with a properly protected (or intentionally sacrificial) computer, do not surf these sites advertised, using an unprotected computer. Avoidance is the best way to protect yourself.
3. If you do, even inadvertently, surf a comment or referer spam site, quarantine and scan your computer as soon as convenient. If you must surf the sites advertised, while unprotected, diagnosis is the next best way to protect yourself (and others around you).

Examining the comment and Stats based spam diagnostically, you'll see various purposes behind the spam.

• Spam delivery. It is called "comment spam" / "referer spam", after all.
• Malware delivery. This is the secondary purpose, known by many people - and the reason why I provide the above advice.
• Attacks against third party, non spammers. Various third party blogs and websites, who do not subscribe to the service, may be maliciously targeted, by some spam.
• Strategic malware delivery. Some malware may be packaged in portions, delivered through multiple attacks.
• Filter poisoning. Some spam may be simply intended to overwhelm the malware / spam detection systems.
• Email address mining. Some very special comment spam, which I call "Nice Blog" spam, is a very imaginative email address mining technique.

The best way to identify comment and referer spam may be to simply follow the various forum discussions - and observe which spam techniques are reported by multiple blog owners, being assaulted in identical style. As the old saying goes,

If it quacks, it's probably a duck.

>> Top

The REAL Blogger Status Is Actually The ONLY Blogger Status

On June 4, 2013, Blogger retired their Blogger Status blog.

This blog has been retired. The latest information on Blogger service availability will now be displayed on the Apps Status Dashboard.

Now, The REAL Blogger Status has become, by default, The ONLY Blogger Status.

For your convenience, you may find a link to the Apps Status Dashboard, in the Peer Resources gadget, in the sidebar of this blog.