As I hinted in my report several days ago about this server suffering a DOS attack, I’ve taken some measures to prevent a repeat occurrence. One of them was to install the mod_evasive Apache module, which was suggested by a number of people. (There’s also mod_security. It’s way more complex than I need right now, but would be worth looking at for a busier server.) Initially I was skeptical, since mod_evasive doesn’t seem to be a very actively maintained project.
Other than using Akismet, the anti-comment-spam measures I have in place here are pretty primitive. I block some common patterns and blacklist some IPs. (I don’t have plans to make it any more sophisticated since I’ve told myself any new blog engineering effort needs to go to the new Django-based version, not the old PHP5 one.) I was looking at server logs this week and noticed an unusual number of POST requests, then realized that they were foiled comment-spam attempts.
One of my neglected side projects, purportal.com, features a “Scammy spam library” where I share the text of scam emails I’ve been collecting. Today it reached the 1000-specimen milestone, so I wrote a little script to count word frequencies. The raw list reads like some of the less coherent messages itself: account email our please ebay me paypal information bank any address through contact security am money funds us million…
Each year I spend some time doing research on inexpensive web hosting options for my students. It’s virtually impossible to find a cheap hosting company whose name doesn’t produce copious results for a Google search on “FoobarHost.net sucks”. The predominating mood for me at the end of this research is always: I’m really glad I have more than $10/month to spend on hosting. Since fall 2003 I’ve had a FreeBSD VPS with JohnCompanies, and it’s really quite excellent.
$ sudo portupgrade php5 php5-curl php5-sqlite php5-bla bla bla... ---> Upgrading 'php5 bla bla bla...' ... [Updating the pkgdb bla bla... done] $ sudo apachectl graceful $ This was on a live server, with only the briefest of interruptions; no drama. Boring things should be boring. I love FreeBSD. Chip Kaye commented on Sat Jan 6 11:27:47 2007: Hi Paul, Was this FreeBSD/Darwin under OS X, or do you like to run a true/stock FreeBSD server?
My little pastebin site, dpaste.com, has been chugging along nicely since I announced it here about six weeks ago. Today I updated to the very latest Pygments codebase, which allowed me to add colorizers for Apache config files and bash scripts. I’ve also started to add some Django-specific rules to the Python colorizer; it now recognizes Django model field types (model.CharField and the like). My thanks go to everyone who’s been using it, especially those who have given me feature suggestions and problem reports.
I suggested to Carl over at Codegolf that the old reverse game would make an interesting challenge. He agreed, and after making some changes to his site’s back-end (to accommodate multiple correct solutions) he unveiled the challenge today: http://codegolf.com/reverse I can’t wait to give it a try!