[pLog-svn] spam
Paul Westbrook
paul at westbrooks.org
Sun Dec 17 09:56:33 GMT 2006
Hello,
I commented out the dns blacklist test, as those are also done in
the dnsblacklist plugin.
--Paul
On Dec 16, 2006, at 4:40 PM, Jon Daley wrote:
> We first should fix the two (I commented one, and I think someone
> else commented the other - I am not sure what the first one does)
> things we commented out in the bad behavior plugin.
> The one I commented out was due to javascript being cached in the
> smarty template, causing it to report incorrect errors.
>
> The site I was looking at today does use bad behavior already. I
> use the renice trick on their entire blog, not just the resources.
> The way the spammers seem to operate is have one computer that runs
> through and gets all the articles. Then that list is published out
> around the world, and then ~12 hours later, a massive attack
> happens, one comment from each ip.
> On my own blog, I was able to block the reader ip, and that
> stopped all of the spam. I am getting more now, so there is
> probably a new reader, but I haven't analyzed it yet.
> The trouble is that even the reader can cause problems for
> LifeType - generating a couple article views every second is enough
> to make my server not very happy, though not enough to kill it.
> The thousands of comments in the span of some number of minutes is
> enough to kill it.
>
> What I would like is some sort of rate-limiting thing,
> particularly per ip, but even not per ip might be useful too.
> Maybe something can be added to bad-behavior to include reads, and
> not just posts. I think it already tracks the timestamps of every
> post, and even reads, so it might not be that hard to do. Paul -
> you have probably know the code the best. Are you interested in
> looking at that?
>
> On Sun, 17 Dec 2006, Oscar Renalias wrote:
>> Yes, that's the one I was thinking about.
>>
>> Would it be feasible to integrate it with the core? Are we really
>> sure that it loads less code than "standard" plugins?
>>
>> On 17 Dec 2006, at 00:07, Paul Westbrook wrote:
>>
>>> Hello,
>>> The plugin that I believe that you are thinking about is the
>>> Bad Behavior plugin. This plugin rejects the http connection,
>>> essentially before any LifeType code sees the request.
>>> --Paul
>>> On Dec 16, 2006, at 1:59 PM, Oscar Renalias wrote:
>>>> Isn't the akismet plugin working at a much lower level and in a
>>>> more effective way than our current anti-spam systems? Could it
>>>> be merged into the core and leverage its lower requirements?
>>>> On 16 Dec 2006, at 20:34, Jon Daley wrote:
>>>>
>>>>> My guess is that the main problem of people running large blog
>>>>> hosting environments is the spammers. They can hit the server
>>>>> so fast, and use up the whole CPU and GBs of RAM very quickly.
>>>>> And once a blog has been abandoned, spammers can jump all over
>>>>> it.
>>>>> This also happens to a wordpress installation I have, so we
>>>>> don't have to feel really bad about it, but it would be nice to
>>>>> have a way to block spam with very little resources.
>>>>> --
>>>>> Jon Daley
>>>>> http://jon.limedaley.com/
>>>>> The human mind ordinarily operates at only ten percent of its
>>>>> capacity - the rest is overhead for the operating system.
>>>>> _______________________________________________
>>>>> pLog-svn mailing list
>>>>> pLog-svn at devel.lifetype.net
>>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>>> _______________________________________________
>>>> pLog-svn mailing list
>>>> pLog-svn at devel.lifetype.net
>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>> --
>>> Paul Westbrook
>>> paul at westbrooks.org
>>> <http://www.westbrooks.org>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> --
> Jon Daley
> http://jon.limedaley.com/
>
> Inside every small problem is a large problem struggling to get out.
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
--
Paul Westbrook
paul at westbrooks.org
<http://www.westbrooks.org>
More information about the pLog-svn
mailing list