[pLog-svn] spam

Paul Westbrook paul at westbrooks.org
Sun Dec 17 09:56:33 GMT 2006


Hello,
    I commented out the dns blacklist test, as those are also done in  
the dnsblacklist plugin.

--Paul


On Dec 16, 2006, at 4:40 PM, Jon Daley wrote:

> 	We first should fix the two (I commented one, and I think someone  
> else commented the other - I am not sure what the first one does)  
> things we commented out in the bad behavior plugin.
> 	The one I commented out was due to javascript being cached in the  
> smarty template, causing it to report incorrect errors.
>
> 	The site I was looking at today does use bad behavior already.  I  
> use the renice trick on their entire blog, not just the resources.   
> The way the spammers seem to operate is have one computer that runs  
> through and gets all the articles.  Then that list is published out  
> around the world, and then ~12 hours later, a massive attack  
> happens, one comment from each ip.
> 	On my own blog, I was able to block the reader ip, and that  
> stopped all of the spam.  I am getting more now, so there is  
> probably a new reader, but I haven't analyzed it yet.
> 	The trouble is that even the reader can cause problems for  
> LifeType - generating a couple article views every second is enough  
> to make my server not very happy, though not enough to kill it.   
> The thousands of comments in the span of some number of minutes is  
> enough to kill it.
>
> 	What I would like is some sort of rate-limiting thing,  
> particularly per ip, but even not per ip might be useful too.   
> Maybe something can be added to bad-behavior to include reads, and  
> not just posts.  I think it already tracks the timestamps of every  
> post, and even reads, so it might not be that hard to do.  Paul -  
> you have probably know the code the best.  Are you interested in  
> looking at that?
>
> On Sun, 17 Dec 2006, Oscar Renalias wrote:
>> Yes, that's the one I was thinking about.
>>
>> Would it be feasible to integrate it with the core? Are we really  
>> sure that it loads less code than "standard" plugins?
>>
>> On 17 Dec 2006, at 00:07, Paul Westbrook wrote:
>>
>>> Hello,
>>>   The plugin that I believe that you are thinking about is the  
>>> Bad Behavior plugin.  This plugin rejects the http connection,  
>>> essentially before any LifeType code sees the request.
>>> --Paul
>>> On Dec 16, 2006, at 1:59 PM, Oscar Renalias wrote:
>>>> Isn't the akismet plugin working at a much lower level and in a  
>>>> more effective way than our current anti-spam systems? Could it  
>>>> be merged into the core and leverage its lower requirements?
>>>> On 16 Dec 2006, at 20:34, Jon Daley wrote:
>>>>
>>>>> 	My guess is that the main problem of people running large blog  
>>>>> hosting environments is the spammers.  They can hit the server  
>>>>> so fast, and use up the whole CPU and GBs of RAM very quickly.
>>>>> 	And once a blog has been abandoned, spammers can jump all over  
>>>>> it.
>>>>> This also happens to a wordpress installation I have, so we  
>>>>> don't have to feel really bad about it, but it would be nice to  
>>>>> have a way to block spam with very little resources.
>>>>> -- 
>>>>> Jon Daley
>>>>> http://jon.limedaley.com/
>>>>> The human mind ordinarily operates at only ten percent of its
>>>>> capacity - the rest is overhead for the operating system.
>>>>> _______________________________________________
>>>>> pLog-svn mailing list
>>>>> pLog-svn at devel.lifetype.net
>>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>>> _______________________________________________
>>>> pLog-svn mailing list
>>>> pLog-svn at devel.lifetype.net
>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>> --
>>> Paul Westbrook
>>> paul at westbrooks.org
>>> <http://www.westbrooks.org>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> -- 
> Jon Daley
> http://jon.limedaley.com/
>
> Inside every small problem is a large problem struggling to get out.
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn

--
Paul Westbrook
paul at westbrooks.org
<http://www.westbrooks.org>




More information about the pLog-svn mailing list