Back online and pissed off
I learned about a new kind of spam today. New to me, in any case. These evil bastards are called “comment referrers” and their weapon is “referral spam.” In researching this subhuman activity, I found a blog called coldforged.org that explained comment referrers this way:
For those unaware, ???referrer/referral spam??? refers to the practice of sending a request for a web page ??? like my weblog here at http://www.coldforged.org ??? and changing the request headers such that the request appears to be coming from some site.
The post offers up a number of reasons somebody might want to do this. But you have to be pretty damn near sociopathic for any of them to seem even remotely ethical or acceptable.
My journey to comment-referral enlightenment began early—around 5:30 a.m.—when I first got online to post something and instead of the control panel got a database connectivity error. A similar error came up when I tried to visit my website. Next I checked a WordPress blog I’d set up for my son. Same problem. I called Mike Vincenty, a most outstanding network and server guru who graciously drops everything to help me out whenever I come knocking. It took him a couple minutes to determine that all my database connections were open, preventing any other connections. It takes a prodigious amount of inbound traffic to open all those connections at the same time, and indeed there was one domain that was hammering the server. Mike traced it back to Belarus.
Next step: Call Jim, the guy who hosts my server. (I’m linking to these guys because they treat me very well and I’d like everyone to know there are two great resources out there, particularly for those of you in the Bay Area.) Jim blocked the offending IP address at the router. Yet it kept getting through along with a new one with the dubious domain, yourhealthypharmacy.com. Mike now was able to find that these attacks were aimed at one page of this blog. The referrer page is one that lists the domains that have visited the blog; this was the page these domains were constantly hitting. Armed with that information, I posted a message on the Expression Enginee support message board. Lisa, a technician I’ve worked with before, instantly posted links to information about how to keep comment-referrers out of the blog. It was the first time I’d heard the term.
Following instructions on the pMachine site, I installed a whitelist/blacklist module where I can list the offending IP addresses and domains to keep them away. I downloaded a starter list of known referral spammers and installed it. Mike, meanwhile, had blocked the domains from the webserver. He had to clean out several folders that had grown bloated with data, a result of the referral attack. (Mike’s email to me containing the domain names was titled “Blocking Spam Scum.”) Several database tables had to be repaired. It was 6:30 p.m. before order was restored.
Once again, I find myself awed and discouraged that the Net is inhabitated many people who don’t have any problem making a buck by disrupting my day (not to mention Mike’s and Jim’s) and costing about 12 hours of my time (not to mention Mike’s and Jim’s). In any case, until the next unexpected assault from the dark side of the Net, I appear to be back online.
11/23/05 | 3 Comments | Back online and pissed off