Have you upgraded Akismet lately?

In the process of cleaning up after the comment spam bomb yesterday, I noticed that my Akismet plugin is a little out of date. I was running 1.15, and the Akismet download page says they now have version 1.21. After downloading and installing, I see it is actually reported as version 1.81. I’ve asked Akismet what the correct most recent version is. Regardless, I’ve upgraded.

The only new option in the Akismet Configuration panel is a checkbox “Automatically discard spam comments on posts older than a month.” That makes sense; I generally allow Akismet-tagged messages to disappear after 15 days anyway. Right now there are 3,682 messages waiting to be purged in my queue. Hopefully half a month from now the queue will be mostly empty. I think I’ve only ever had one message that was incorrectly tagged as spam by Akismet. Not bad, out of 14,093 messages.

I do wish that the Manage Akismet spam page was easier to load. It attempts to show all the messages that have been tagged. It usually kills my browser. It would be nice to browse it by post that was commented on. Or by date. Grouped by X number of messages at a time? Or if I could automatically discard certain messages (e.g. if the message contains keywords like viagra, insurance, poker, etc…).

Renaming wp-comments-post.php does not help

Yesterday afternoon I renamed the default comments post file from wp-comments-post.php since I was being hit hard by comment spammers. The new filename started getting hit softly about 10 hours later, although the old filename is still being hit. So unless you change the comment post filename regularly, it doesn’t do much good.

Automated Blocking of Comment Spammers

I wrote a quick shell script to collect the IP addresses of the comment spammers. And then I’m adding them to a DENY blocklist in apache. Should I use iptables via killroute? Time to do some learning.

The rate of oncoming spam attempts has slowed a bit, 233 attempts blocked by the renamed comment script; 123 blocked via the blocklist. So it’s helping.

(Comments re-enabled after tweaking my theme)
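
The approach described in this post, as an added example that is not the author's script: count POSTs to the comment handler per client in an Apache combined-format log and print deny rules for the heavy hitters. The function names, `COMMENT_PATH`, `THRESHOLD`, `ALLOWLIST` and the sample log lines are all assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the author's script: read an Apache "combined" access
# log on stdin and print "Deny from" lines for heavy comment posters.
COMMENT_PATH="${COMMENT_PATH:-/wp-comments-post.php}"  # assumed handler path
THRESHOLD="${THRESHOLD:-3}"            # assumed: POSTs before an IP is listed
ALLOWLIST="${ALLOWLIST:-192.0.2.10}"   # assumed: addresses never to block

# Constructed sample log (documentation-range addresses, not real traffic).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [02/Jan/2007:03:10:01 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
203.0.113.7 - - [02/Jan/2007:03:10:02 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
203.0.113.7 - - [02/Jan/2007:03:10:03 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
203.0.113.7 - - [02/Jan/2007:03:10:04 -0500] "POST /wp-comments-post.php?x=1 HTTP/1.0" 404 312 "-" "-"
198.51.100.23 - - [02/Jan/2007:03:11:10 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
198.51.100.23 - - [02/Jan/2007:03:11:11 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
198.51.100.23 - - [02/Jan/2007:03:11:12 -0500] "POST /wp-comments-post.php HTTP/1.0" 404 312 "-" "-"
192.0.2.50 - - [02/Jan/2007:09:00:00 -0500] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.50 - - [02/Jan/2007:09:00:01 -0500] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.10 - - [02/Jan/2007:10:00:00 -0500] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [02/Jan/2007:10:00:05 -0500] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [02/Jan/2007:10:00:09 -0500] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
EOF
}

# Print "count ip", busiest first, for clients at or above THRESHOLD.
# Combined-format fields: $1 client, $6 method (leading quote), $7 path.
spam_ips() {
    awk -v path="$COMMENT_PATH" -v min="$THRESHOLD" -v allow="$ALLOWLIST" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        # Accept only dotted-quad clients so log junk never reaches the config.
        $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || ($1 in skip) { next }
        $6 == "\"POST" { split($7, p, "?"); if (p[1] == path) hits[$1]++ }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Turn the list into Apache 2.2-style rules for an included config file.
deny_rules() {
    spam_ips | awk '{ print "Deny from " $2 }'
}

sample_log | deny_rules
```

`Deny from` is the Apache 2.2 access-control syntax (on 2.4 it needs mod_access_compat; the native form there is `Require not ip`). Counting POSTs regardless of status code means hits on a renamed or removed handler, which log as 404s, are still attributed to the client.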

Comment Spammers Causing a DOS

Over the last few months the web/mail server running PlanetMike.com has locked up randomly, although usually at night. It always resulted in needing a hard reboot. My web host says it was simply running out of RAM. So I’ll be moving to an upgraded server shortly. Just now I noticed my site was coming up slowly, so I logged in quickly (or as quickly as I could). Everything looked ok, no funny or unknown processes in ps or top. For some reason, I checked the status of apache. httpd (pid 21358 21357 21355 21352 21351 21348 21329 21328 21327 21326 21322 21321 21318 21313 21312 21310 21305 21304 21303 21302 21299 21298 21296 21265 21264 21263 21262 21260 21259 21255 21244 21243 21240 21231 21230 21228 21226 21225 21224 21221 21220 21218 21211 21210 21207 21203 21148 21145 21142 21130 21114 21113 21112 21111 21100 21099 21089 21058 20870 20869 20867 20866 20864 20788 20787 20785 20780 20779 20777 20763 20762 20761 20757 20756 20726 20723 20576 20568 20428 20286 20223 20213 20190 20189 20186 20025 20024 20023 20022 20021 20020 20018 19987 19254 19215 19203 18190 18120 18119 18118 17926 17925 17924 17923 17310 17291 15245 15229 15191 14150 8091 7837 7832 7829 7769 5524 4181 1870 1860 1790 1437 1374 1295 1186 847 835 724) is running…

Whoa! What is all that? netstat showed a ton of connections. I stopped apache and looked through the web logs. It’s freaking tons of attempts to post comments to my blog. I renamed the wp-comments-post.php file to something else, restarted apache, and five minutes later, I already have 160 404 errors. (now up to 164). Idiot spammers.

What was happening is a DOS attack on myself via Akismet, I would guess. I guess the next step in the comment battle is to rename the comment submission page, and tweak WordPress to look for the new file name. Urgh!!!!

Now I’m up to 229 attempts.

Usage Statistics for PlanetMike.com: 2006

Usage summary for PlanetMike.com

Summary by Month
          ---------- Daily Avg ---------  ----------------------- Monthly Totals -----------------------
Month       Hits   Files   Pages  Visits   Sites      KBytes     Visits      Pages      Files       Hits
Dec 2006  16,805  14,609   8,793   2,809  41,165   5,879,258     87,079    272,604    452,882    520,955
Nov 2006  16,775  14,736   8,641   2,645  44,589   5,877,010     79,357    259,244    442,109    503,253
Oct 2006  17,839  15,504   8,547   2,765  50,249   5,956,179     85,739    264,966    480,629    553,014
Sep 2006  20,088  17,669   8,739   2,824  51,081   6,898,215     84,723    262,192    530,087    602,666
Aug 2006  18,683  16,257   8,249   2,665  50,214   6,048,154     82,639    255,722    503,988    579,198
Jul 2006  17,164  14,533   9,284   3,076  39,058   5,408,891     95,364    287,813    450,526    532,090
Jun 2006  20,540  17,854  11,474   3,314  46,949   5,376,428     99,421    344,221    535,628    616,204
May 2006  23,530  21,759  13,058   3,215  54,262   6,999,769     99,682    404,803    674,532    729,437
Apr 2006  25,790  23,075  14,416   3,020  53,668   7,548,283     90,611    432,503    692,258    773,701
Mar 2006  24,213  21,573  11,828   3,353  58,434   7,417,974    103,954    366,689    668,782    750,619
Feb 2006  23,781  21,534  12,356   2,615  52,077   7,536,538     73,227    345,973    602,952    665,871
Jan 2006  17,481  15,464   7,539   2,199  48,956   5,788,934     68,184    233,711    479,399    541,929
Totals                                            76,735,633  1,049,980  3,730,441  6,513,772  7,368,937

Happy New Year! The First Penny Stock Spam of 2007

Wow, only 37 minutes into 2007, and the penny stock spam has already started.

WE WANT TO REPRESENT YOU ANDROS ISLE DEVELOPM (AVPJ.PK)!
BUY AVPJ JUST AFTER NEW YEAR. THE ALARM IS STARTED!!! AND IT IS GOING TO BURT!
WE REPRESENT FOR YOU THE NEXT PRICES:
TARGET PRICE IN 1 WEEK: 0.72$.BUY IT NOW!
USE YOUR BROKERAGE SITE KNOW THE HOT INFORMATION ON THIS UNBELIEVABLE COMPANY.
IT’S GETTING GROWTH ALMOST EVERY HOUR! MORE THAN 85% DAILY FROM STARTING COST.
THIS IS YOUR GREAT CHANCE TO DOUBLE YOUR INVESTMENT FOR SHORT PERIOD.

Remember, this stock is going to Burt! Mr. Reynolds, hold onto your money tight.

Snap Preview Anywhere Hurting User’s Web Experience

Snap.com is running a new service, Snap Preview Anywhere. It allows websites to have the links on their site show a preview of the linked site in a floating window. I have stumbled across several sites that are using this technology, and I find it distracting. I’m reading through a page, I scroll down and the mouse randomly ends up over a link. Poof! a pop-up window appears, and I’m looking at the preview of that linked page. It is quite distracting, partially because the preview is slow to load, and partially because something is happening on the web page that I’m not expecting. I’m not expecting anything because I’m not doing anything to cause something to happen. Simply moving my mouse and not clicking should not cause something to happen. The behavior is very similar to pop-up ads.

Is Python the equivalent of Basic?

I am about to inherit a Plone based web site at my day job. So I’m reading through the docs at the Plone web site, and they say that I should learn Python. I am shortly at How to Think Like a Computer Scientist and am running my first Hello world program (command) in Python on my Mac. It sure looks like BASIC.

print "Hello, World!"

is the same in BASIC and Python. Cool. Let’s see what happens.

Domain Registry Support; Network Solutions Whois database is down

I can’t access the Network Solutions Whois database.

* WELCOME to the VeriSign Global Registry Service Whois Server.
*
* Sorry, the Whois database is currently down.
*
* Please wait a while and try again.  Thanks

I needed to use it to confirm the registration date for one of my domains hasn’t passed. I got three (3!) faxes (faxes!) yesterday from a company, no name (maybe Domain Registry Support? if so, what a stupid confusing name, which is what they are going for), apparently trying to get me to panic and to switch the registration over to them.

Here’s one of the faxes. I haven’t removed or edited it, since all the information in it is in the public Whois database anyways.

After googling for “Domain Registry Support” I see that they have a history of scamming. Now they’ve moved onto flat out lying, and breaking the TCPA by sending unsolicited faxes.

The Wikipedia page for Domain Registry Support is informative.

Chinese spiders/robots downloading mp3 files?

While running the web traffic stats for some of my podcast sites, I noticed that a bunch of my MP3 files have been downloaded a bunch of times from the same IP address. And then two seconds later, it is downloaded again. Luckily the second time apache reports a 206 (file unchanged) error. The IP addresses all map back to China. Sometimes the referrer is http://www.qq.com, apparently a Chinese portal. Sometimes the referrer is listed as a web site, with an IP address, e.g. http://920.981.927.954/index.html

Is this a lame DOS attack? Or simply people in China looking for downloadable music? Maybe these IP addresses are simply the IP address of the proxy that China has to use to get out to the wider Internet. Should I simply block http-request traffic from China? My podcasts certainly aren’t being marketed to anyone in Asia.

Amusingly, I did find a referrer from a music sharing network that indexes based on mp3 tag and filename. I have no music to download, but the title to one of our reviews has “music man” in it.