Well, I was on vacation…

April 10, 2005 @ Michael Hampton | 3 Comments

For the past couple of weeks I’ve been spending much time away from news sources, computers, and the usual suspects, and actually trying to get out of the house once in a while and see actual human beings in person. So I haven’t written too much.

While I was out, some comment spammers decided to try their luck here. None of them succeeded in getting their garbage posted, but their attempts did create a noticeable impact on the server. While at the moment I believe it’s unrelated, a few days ago I had to completely reinstall this server from scratch. The blog lived on a backup machine (a Pentium 166 with 96MB RAM) for about a day. The reason for the reinstall is that the server’s filesystem was corrupted beyond repair. Fortunately, I was able to rescue nearly all of my files, and the blogs as well.

The Pentium 166 handles WordPress only with difficulty, and access to the site was slow at best during that time. Little of that was caused by spammers; mostly it was the age and capacity of the machine. It’s definitely somewhere below the recommended requirements for PHP-based software. Anyway, I only use it in cases of emergency, such as happened on Thursday.

It did get me to thinking, however. If the spammers had hit during that time, the site would have been completely crippled by denial of service. This is currently a problem without a solution; at this time nothing exists which can prevent or even mitigate a DoS attack by comment spammers. This is not unthinkable; almost two months ago Dr Dave was hit by such a DoS attack. His site was down for a day. I don’t think the spammers had intended to knock him offline, but the extreme load that they put on his Web host by hitting his site from multiple addresses at once forced him offline. That’s denial of service.

And even he can’t seem to stop them, and not from lack of trying. He did create Referrer Karma, which goes a long way toward mitigating one particular type of attack, but doesn’t do that much against comment spam, and still leaves many holes open through which determined spammers (and they are determined, if mostly stupid) can run.

That has to change, and I am going to change it. Look for updates here soon.

On that note, there’s someone out there, and you know who you are, who has subscribed to my RSS feed and is updating once a minute. Please do something about that now. I don’t write here frequently enough to justify once-a-minute updating, and it does have an impact on the site. Try an hour, or 30 minutes, or something. Thank you.


3 Comments → “Well, I was on vacation…”


  1. jesus_

    Apr 10, 2005

    I laughed when I read the 1 minute rss update stuff, until I found out I had someone doing that on my blog too. Guess what, I mistyped and it was _my_ client updating every minute.

    Very sorry, slapped self repeatedly…


  2. dr Dave

    Apr 10, 2005

    Hmmn… Comment spam and referrer spam are two different things… As far as I know, when properly configured, Referrer Karma works perfectly. I basically haven’t had a single referrer spam for a month now. And that does mean I no longer have to fear that kind of DDoS problem.

    RK isn’t supposed to stop comment spam at all. But as it turns out, it does block a sizable share of spammers at the door, through its IP blacklisting system. Which there again decreases the load. It certainly could use lots of improvements, but basically, it works great and I hardly even have to do anything with it as it is, so why bother…


  3. Michael Hampton

    Apr 10, 2005

    Good point, Dave… since comment spammers are also doing some of the referrer spamming, blocking the IP addresses of their spambots helps a lot. I feel, however, that there’s room for improvement, and I know that on occasion the spammers do wise up and adapt their methods.

    There’s been talk on the wp-hackers list about incorporating some of the techniques you use in RK/SK2 into WordPress, and when that happens, the spammers will have to find new ways of getting their spam posted, or else go find real jobs. Which do you think will happen?

    Whatever they do next, I intend to be ready.



Copyright © 2010 Homeland Stupidity.