Managing your own server is a pain in the arse at the best of times, namely because if it goes down or has security issues, there is nobody to blame or to find a resolution but yourself.
My hostees have beenÃ‚Â having a rough time for the past two or three months, the rack has been down more times than aÃ‚Â cheapÃ‚Â hooker.
I couldn’t work out what the issue was initially, just that for some reason, almost immediately after being booted up, the resources would slowly become more and more sparse which would inevitably result in the box falling over and the only thing that would revive it was a restart.Ã‚Â
After some investigation however, it came to light that it was a script that was doing the damage. Which script, you might ask?
Well, none other than wp-comments-post.php, the process that deals with WordPress comments. It was being hit thousands of times a minute and obviously, because I use a captcha (the little code thing that you have to type in before you can post a comment), all the requests were being denied, but, still serving up a hefty page of html on each failure.
Spambots are the bain of any hosts life, especially in the age that we live in now.
It used to be that inboxes just got clogged up with erectile disfunction emails, but it seems that spam filters and tired, vigilant recipients have made the mail spammers redundant, so they have gone out on a limb to carry on their work in new and inventive ways.Ã‚Â
For bloggers, that means comment spam and trackback spam. In the early days of blogging and the use of ‘CMS’ (Content Management Systems) this was not an issue. In fact, it only really started cropping up in 2004, and when it started, I wasn’t even too sure what was happening. But since then, a war has been declared on the blogging community by the spam peddlers.
If I didn’t have any spam protection, hintofsarcasm would easily receive over 1,000 spam comments per hour.
But just because they don’t get through doesn’t mean it won’t generate traffic.
Each time a spam comment or trackback is rejected by my website, it generates an error message, which under normal circumstances would be helpful as a human would be reading it and could correct their error. However, a bot just discards this information and thus it becomes a waste of precious bytes.
In these days of metered internet and high bandwidth costs, this can be a substantial hurdle to any blogger trying to prove their worth.
As soon as a blog becomes popular, the spambots will start to hit it, and depending on the size of the blog, they can hit hard. As previously mentioned, HoS gets hit thousands of times a minute and there is very little that I can do about this, short of banning entire continents from viewing the site.Ã‚Â
I have put in place a temporary workaround, changing the name of the script that handles wordpress comments, as many bots use cached information of what url to hit and then setting the old wp-comments-post.php to redirect instantly to a non-existant website (something like goawayspammingscum.com). This still generates traffic, but gladly, only a few bytes, compared to the kilobytes it was using before.
It won’t be long however before the bots re-train and pick up the new script and I have to change the name again. It’s an endless circle.
But, what can you do? Answers on a postcard..