Posts tagged: SITE

I launched this blog in July of 2005. It was powered by a homebrew PHP5 creation that as of today has, finally, thankfully, been laid to rest.

The other thing that started absorbing my attention in July 2005 was Django. Every month since then, I’ve thought, “You know, I should make some time this weekend to port my blog over to Django.” I was using it for everything else, after all, side projects as well as web applications at work. The word “port” was the mistake there – if I had said, “I should make some time this weekend to destroy my old blog and make a clean-slate Django version”, I probably would have gotten it done about two years ago!

Damned spammers. Looks like a big batch of drug-spam just went out with my personal email forged as the sender. The number of backscatter messages I’ve gotten today exceeds the number of spams that usually make it through to me in a week. Why? Because my anti-spam measures are mostly about blocking messages from “bad” mail servers, and backscatter comes from “good” mail servers.

I’m laying a lot of ironic emphasis on those quotes around “good” because I shouldn’t be getting those backscatter messages at all. They piss me off – at the spammers, of course, but also at the people who run the mail servers which are helpfully “returning” mail to me that I did not send. In a more idealistic time I might have suggested that they could have avoided this by using SPF (which is true), but this is an even more basic competence issue. To quote from the above linked page:

You know, I have yet to actually try Twitter, but if this is the kind of thing people say on Twitter then it’s OK with me!

As I hinted in my report several days ago about this server suffering a DOS attack, I’ve taken some measures to prevent a repeat occurrence. One of them was to install the mod_evasive Apache module, which was suggested by a number of people.

(There’s also mod_security. It’s way more complex than I need right now, but would be worth looking at for a busier server.)

Initially I was skeptical, since mod_evasive doesn’t seem to be a very actively maintained project. But it looked so simple I decided to give it a try. Installing via FreeBSD ports was, as usual, nearly instantaneous. Configuration looks like this (I’ve omitted a few settings for simplicity’s sake, and these are not the actual numbers I’m using):

Other than using Akismet, the anti-comment-spam measures I have in place here are pretty primitive. I block some common patterns and blacklist some IPs. (I don’t have plans to make it any more sophisticated since I’ve told myself any new blog engineering effort needs to go to the new Django-based version, not the old PHP5 one.)

I was looking at server logs this week and noticed an unusual number of POST requests, then realized that they were foiled comment-spam attempts. I counted them up: