[pLog-svn] spam
Jon Daley
plogworld at jon.limedaley.com
Sun Dec 17 00:40:11 GMT 2006
We first should fix the two (I commented one, and I think someone
else commented the other - I am not sure what the first one does) things
we commented out in the bad behavior plugin.
The one I commented out was due to javascript being cached in
the smarty template, causing it to report incorrect errors.
The site I was looking at today does use bad behavior already. I
use the renice trick on their entire blog, not just the resources. The
way the spammers seem to operate is have one computer that runs through
and gets all the articles. Then that list is published out around the
world, and then ~12 hours later, a massive attack happens, one comment
from each ip.
On my own blog, I was able to block the reader ip, and that
stopped all of the spam. I am getting more now, so there is probably a
new reader, but I haven't analyzed it yet.
The trouble is that even the reader can cause problems for
LifeType - generating a couple article views every second is enough to
make my server not very happy, though not enough to kill it. The
thousands of comments in the span of some number of minutes is enough to
kill it.
What I would like is some sort of rate-limiting thing,
particularly per ip, but even not per ip might be useful too. Maybe
something can be added to bad-behavior to include reads, and not just
posts. I think it already tracks the timestamps of every post, and even
reads, so it might not be that hard to do. Paul - you have probably know
the code the best. Are you interested in looking at that?
On Sun, 17 Dec 2006, Oscar Renalias wrote:
> Yes, that's the one I was thinking about.
>
> Would it be feasible to integrate it with the core? Are we really sure that
> it loads less code than "standard" plugins?
>
> On 17 Dec 2006, at 00:07, Paul Westbrook wrote:
>
>> Hello,
>> The plugin that I believe that you are thinking about is the Bad Behavior
>> plugin. This plugin rejects the http connection, essentially before any
>> LifeType code sees the request.
>>
>> --Paul
>>
>>
>> On Dec 16, 2006, at 1:59 PM, Oscar Renalias wrote:
>>
>>> Isn't the akismet plugin working at a much lower level and in a more
>>> effective way than our current anti-spam systems? Could it be merged into
>>> the core and leverage its lower requirements?
>>>
>>> On 16 Dec 2006, at 20:34, Jon Daley wrote:
>>>
>>>> My guess is that the main problem of people running large blog
>>>> hosting environments is the spammers. They can hit the server so fast,
>>>> and use up the whole CPU and GBs of RAM very quickly.
>>>> And once a blog has been abandoned, spammers can jump all over it.
>>>>
>>>> This also happens to a wordpress installation I have, so we don't have to
>>>> feel really bad about it, but it would be nice to have a way to block
>>>> spam with very little resources.
>>>>
>>>> --
>>>> Jon Daley
>>>> http://jon.limedaley.com/
>>>>
>>>> The human mind ordinarily operates at only ten percent of its
>>>> capacity - the rest is overhead for the operating system.
>>>> _______________________________________________
>>>> pLog-svn mailing list
>>>> pLog-svn at devel.lifetype.net
>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>>>
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>> --
>> Paul Westbrook
>> paul at westbrooks.org
>> <http://www.westbrooks.org>
>>
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
--
Jon Daley
http://jon.limedaley.com/
Inside every small problem is a large problem struggling to get out.
More information about the pLog-svn
mailing list