WE ARE BACK

And we are BACK!
Man, that was annoying. I got up Tuesday morning and opened up my site to see… nothing. Forbidden errors everywhere. You know; you saw them too. I fired off a quick support email to my hosting provider asking what was up. I got a reply back pretty quickly informing me that my site had been the target of a DDOS attack for the previous 72 hours, and they’d eventually been forced to shut it down because I was knocking all the other sites off my shared server. The support person claimed that access was now restored. This was not the truth. Not only could I not see the site, I couldn’t ssh or ftp to it either. I was able to get to the access logs though.

There are some assholes in this world, let me tell you. Some person (or persons) is hitting my comment submission page upwards of 70,000 times a day. Luckily my little “captcha” question does a great job of keeping them off the site. Not a single one actually made it into the database. Unfortunately whoever has turned on this firehose doesn’t actually care whether their comments make it through or not. I’ve been explaining it like this: Say someone is prank calling your house every ten seconds. You’ve got caller ID so you know not to pick up the phone, but your phone line is still tied up the entire time. Plus it costs you time and effort to look at the number every time it rings. My php script was filtering them, but it was using up too much processing power to do it. I needed to block them before they got to the filter. Unfortunately they were changing IP addresses every couple hundred requests (mostly using open relays in Bulgaria and Turkey) so I couldn’t just block them outright. Finally the Snook and I hit upon a solution. It involves mod_security, an Apache module that allows me to set rules and kill bad requests before they tie up my system. So far it seems to be working. They’re still pointing the firehose at me, but hopefully I’m deflecting the worst of it.

So the upshot is – I’ve changed to Quadra Hosting, which is based here in Australia. I don’t begrudge my old host for turning off the site, but I am annoyed that they took 72 hours to give me access to my files. (No, I didn’t have a recent backup. Yes, I know this is stupid.) That’s why commenting is still restricted; even though they gave me ftp access, they’ve still locked down that particular file. Anyway, we seem to be back in business. I’ll hopefully have commenting back on as soon as possible. Thanks for hanging in there!

6 Comments

Add yours →

  1. Testing the return of comments…

  2. What crap! I had problems with my project blogs earlier this year – hundreds of junk comments a day – and had to put captcha on each template (took ages!). Then there was a server crash and the captcha disappeared from the rebuilt templates. However, the junk comments seem to all get filtered now and I just delete them every week or so. This may be have been a result of the server rebuild, that they did something to make this happen. The tech guy doesn’t talk to me so I don’t know the details.

    I don’t get it – what does this comment spam achieve?

  3. I don’t think the point was the spam. I think the spam was just the method of attacking my site. None of them were/are getting through, but the person is still doing it. It’s just stupid antisocial behavior, and when I get to be President of the World, such people will be locked up away with the other Deviants (such as Golf Umbrella Carriers, Litterers, and Public Urinators).

  4. I too have such issues(on my email and blog) that I try not to talk about too much because I don’t want to give the person/persons doing it the satisfaction of knowing that I’m pissed off, but now, as I wait for a list of 900 blocked comments and 2 real ones from months ago which I missed(comments aren’t that big a thing on my blarg, obviously), I’m feeling pretty cranky, so, here be some sympathy, msn style. ({)(l)(})

  5. Man. Do you have any idea who it could be? 😛

  6. Nope. As far as I know, I haven’t pissed anybody off anymore than usual lately.

Comments are closed.