My esteemed friend Dr. Rich Boakes has noticed some odd behaviour in his Apache logs that turned out to be people abusing his OpenID server to make page requests to remote sites, presumably as a way of increasing clicks. He raises an interesting point as to whether this makes OpenID servers potential DDoS amplifiers (I suspect he’s right).
I read on PLOA that Michael Carden briefly tried to open his blog for comments, only to find:
The WordPress UI balked at deleting 194,000 (okay, I ignored it for a while) comment spams. I had to dig in as admin and run a fun sql query on the database to delete all 47 meg of them.
I guess I’ve got a couple of suggestions for Michael to make his life a little easier should he decide to try again.
- Akismet has an option to “Automatically discard spam comments older than a month”, that might help (though it’d be nice to be able to adjust the time).
- Run, do not walk, to Rich Boakes’ most excellent Worst Offenders plugin. This will not only group comments for deletion based on various criteria but also (if you have permission) add Apache “Deny From” rules for the offending IP addresses. It’s also worth bumping up the number of IP addresses it can ban; Donna’s blog is up to over 8,000 at the moment!
- There are also tools like Bad Behaviour to try and catch bots before they get to you, and if you are a member of Project Honeypot then there is the http:BL WordPress Plugin to check and block IPs listed as baddies there.
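To illustrate the idea behind grouping spam by source address and turning the worst offenders into Apache “Deny From” rules, here is an added example in Python. It is not the Worst Offenders plugin's code; the record layout, function names and thresholds are assumptions, and the sample data is constructed.

```python
import ipaddress
from collections import Counter

# Constructed sample records: (comment_id, author_ip, flagged_as_spam).
SAMPLE_COMMENTS = [
    (1, "203.0.113.7", True),
    (2, "203.0.113.7", True),
    (3, "203.0.113.7", True),
    (4, "198.51.100.23", True),
    (5, "198.51.100.23", True),
    (6, "192.0.2.10", False),                  # legitimate comment, never counted
    (7, "192.0.2.44", True),                   # single hit, below the threshold
    (8, "203.0.113.7\nAllow from all", True),  # malformed value, must be rejected
    (9, "2001:db8::1", True),
    (10, "2001:db8:0:0:0:0:0:1", True),        # same host as 9, different spelling
]

def worst_offenders(comments, min_spam=2, max_rules=100):
    """Return [(ip, spam_count)] for addresses with at least min_spam spam comments."""
    counts = Counter()
    for _comment_id, raw_ip, is_spam in comments:
        if not is_spam:
            continue
        try:
            # Parse before counting: the stored address is attacker-influenced
            # text, and only a canonical IP may ever reach the config file.
            ip = ipaddress.ip_address(raw_ip.strip())
        except ValueError:
            continue
        counts[ip] += 1
    # Highest count first; ties broken by address text so output is stable.
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], str(kv[0])))
    return [(ip, n) for ip, n in ranked if n >= min_spam][:max_rules]

def htaccess_rules(offenders):
    """Render Apache 2.2 style 'Deny from' lines for an existing Order/Allow block.
    (Apache 2.4 expresses the same thing with 'Require not ip'.)"""
    return "".join(f"Deny from {ip}\n" for ip, _n in offenders)

if __name__ == "__main__":
    print(htaccess_rules(worst_offenders(SAMPLE_COMMENTS)), end="")
```

Parsing each address before it is written out matters because anything copied into `.htaccess` becomes server configuration, so a stored value containing a newline could otherwise smuggle in extra directives.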
Anyway, I hope that helps some people out.
This is a type of information attack where the attacker is attempting to bury an unfavourable article in search results through posting a large number of other articles that contain the keywords that they wish to obfuscate.
My good friend Rich Boakes has blogged a powerful story about a man in Suffolk who is selling gallows to foreign states for a cool 12,000 GBP a pop – including such pillars of human rights as Zimbabwe.
Too many crims needing to be dealt with? Well, he can help you out, as the BBC says:
The execution equipment he says he sells ranges from single gallows, at about £12,000 each, to “Multi-hanging Execution Systems” mounted on lorry trailers, costing about £100,000.
As Rich puts it so succinctly:
This month Mr. Lucas is going to make a killing. Next month killing will continue, but Mr. Lucas will just have his regular customers; if they still want to do business with him.
Rich’s article has the details if, like me, you’d like to avoid doing any business with Mr David Lucas (below).
Figured out that if you replace:
$m = new MostWanted();
It gets rid of the annoying PHP-5 error:
Fatal error: Non-static method MostWanted::mostwanted() cannot be called statically in [...]
The only downside is that for me it lists the top-5 twice, for some reason. Oh, that and when I left a comment with the fix for Rich I managed to miss the leading $ in the second line (which is present above).
NB: I’m using this as the widget version, caveat emptor.
A bit of patching, tweaking and general getting confused later it’s up and running in my widget sidebar – nice one folks!
Looks like Rich decided to blow the gaff early on his little global conspiracy that I joined in on some time ago (and finally came up with a plausible fake story for last night to see if we’d catch anyone down under). 🙂
I’ve got to admit that I recognised it as a tailing pool after a recent trip up to Gladstone and seeing the real things at close hand…
[April Fool! – Yes, I am part of the global conspiracy.. 🙂]
Here’s an interesting coincidence: I was talking to a person I know interstate who told me that a friend at Apple had let the cat out of the bag by mentioning that they were planning a big PR stunt for their 30th anniversary in conjunction with Google, but shut up as soon as he’d realised he’d said too much.
Now that’s a cool stunt…
[Update: MIT’s Advertising Lab have picked up on this as well]