[theforum] weo white screen of death...
Martin Burns
martin at easyweb.co.uk
Wed Nov 15 10:13:36 CST 2006
On Wed, 15 Nov 2006 07:53:24 -0700, Dean Mah wrote:
> John Handelaar wrote:
>> Martin Burns wrote:
>>> Time to break out the Throttle module?
>>
>> This may not go down as a popular suggestion,
>> but... perhaps it's time to break out iptables
>> and blackhole the country they're coming from.
>
> I would vote against it unless all other avenues have been investigated.
> In general, I'm against blanket blocking whether it be dropping e-mail
> for the lists from non-subscribers to hits against the Web site.
>
> I would prefer to programmatically block people or to handle the
> situation. What does "spammish accesses" look like from the server
> perspective? Is there something that characterizes such access? For
> instance, are the bots sending POSTs before doing GETs? Can we block
> that instead? For example, awhile ago spammers were trying to post
> trackbacks but we have them disabled. Any access to the trackback URL
> should be blocked from ever hitting Drupal and the database.
This is pretty much what BadBehavior is doing already - it's blocking
malformed HTTP requests, pretty much anything looking like a spider
other than known useful bots (Google for one), plus anyone whose IP
has been naughty before (individual IPs, not netblocks it would seem).
And it does this at the PHP layer, without much DB access other than
writing the log and checking for previous miscreants. Requests get
blocked long before they're requesting all the page data.
http://www.ioerror.us/software/bad-behavior/bad-behavior-download
if you want to take a look at what's going on (we're running v1.2.4).
I'd agree incidentally, that I'd rather gracefully degrade where
possible, hence the Throttle Module suggestion, which lets us selectively
and automagically shut down Drupal modules when load is high.
Cheers
Martin
--
"Names, once they are in common use | Spammers: Send me email to
quickly become mere sounds, their | -> yumyum at easyweb.co.uk
etymology being buried, like so many | my filter. Currently killing over
of the earth's marvels, beneath the | 99.9% of all known spams stone dead.
dust of habit." - Salman Rushdie | http://nuclearelephant.com/projects/dspam
More information about the theforum
mailing list