My name is Paul Bissex, and e-scribe.com is my consulting business. I build web applications using as much open source software as possible. From September to June I teach web design and other important non-photographic professional skills to photographers. In the '90s I wrote technology commentary and reviews for magazines, newspapers, and web publications, including Wired, Salon.com, FamilyPC, the late lamented Web Review, and the Chicago Tribune. Feel free to email me.
I'm co-authoring a book, "Python Web Development with Django", with Jeff Forcier and Wesley Chun. It will be published by Prentice Hall in July 2008, but is available for pre-ordering on Amazon now.
This site is built on a fresh trunk checkout of Django, running on Python 2.5.1, served by Apache and mod_python. The database is SQLite. The operating system is FreeBSD, on a VPS hosted at Johncompanies.com. Comment-spam protection by Akismet. Vintage topo imagery from the Maptech archive.
Akismet, del.icio.us, Django, dpaste.com, Emacs, FreeBSD, Freenode, jQuery, LaunchBar, MacPorts, Markdown, Mercurial, OS X, Postfix, Python, SQLite, Subversion, TextMate, Trac, Ubuntu Linux, wmii
Copyright 2008
by Paul Bissex
and E-Scribe New Media
If you tried to reach this blog or anything else on this server this afternoon, you may not have had much luck.
A computer in Korea was hammering my server so hard (aka Denial of Service attack) that my hosting provider temporarily disabled Apache so that my instance didn't bog down the whole VPS. I was busy at work when this happened and am not sure exactly how long it was out, but this was one of the most severe outages I've had in the last three and a half years.
I've blocked the offending IP, and made some other tuning adjustments. Up until now I've had the luxury of relatively low and predictable traffic, but this incident has gotten me a bit more interested in learning how to handle high loads with Apache/mod_python without eating all memory in sight.
Thanks, Cory -- a couple other people have suggested that as well, so I'm looking into it.
So you have identified the attacking IPs. Is it all? No defense against criminals who try to ruin your business ? The attack originators should be penalized by autohorities, or? I was hardly able to find any information on this so any experience woudl be appreciated.
I did send a report to the abuse address associated with the netblock of the attacking IP, but didn't get much of a response.
Comments use Markdown syntax. Your comment will not appear until approved, which may take a few hours or more. Spammers will be torpedoed.
The iPhone keyboard doesn't suck
Python one-liner of the day
7 comments
How not to advocate via Google Code
2 comments
99 problems
3 comments
bitmonk
Obscure "svn mv" problem solved
54 days ago
Charlie
Book news: Rough Cuts and Amazon
55 days ago
Simon Griffee
Django Mercurial mirror tweaks
72 days ago
Jason Calleiro
From PHP to Python
73 days ago
Yuli
dpaste.com
76 days ago
bruce
Neat Python hack: infix operators
80 days ago
David Reynolds
The original Lego Star Wars
88 days ago
At least 31791 pieces of comment spam killed since January 12th. Thanks are mostly due to Akismet.
You might also consider using
mod_evasive, an apache module for defending against DoS attacks: http://www.zdziarski.com/projects/mod_evasive/