Crude, But Effective

Yesterday birdhouse once again had all server CPU cycles consumed for a while by a comment spam blitzkrieg. A dozen customers with MT installations, some of them very high-profile, all getting hit by 100 or more simultaneous CGI requests, all of which are trying to do database lookups to check for moderation or spamminess status… resource madness. Now looking into apache-level protections against this kind of mass marketing denial-of-service attack, but meanwhile, I decided it was time to implement something I’ve been threatening to do for a while — hacked out a little shell script that stores paths to files commonly hit by the comment and trackback spambots. When run, it renames those files out from under the bots. When the flood is over, run it in reverse and it names them back. Yes, this means that legit comments and trackbacks are also disabled during that period, but at least the server stays responsive. When the spambots’ requests return 404s, they shoot their wads quickly and go away. Related discussion in the MT forums.