Spam DoS

Hi Guys,

My Typo blog has been so heavily spammed of late that my hosting
provider took it off the air. I only convinced them to reinstate it
after getting them to block the IP address ranges that were
responsible for the bulk of the spam.

The problem was excessive CPU and database usage. I have a shared
hosting plan and it was, according to the hosting provider, “creating
a 30-50% spike in CPU usage for a period of 10-40 seconds”.

So even though i had the Akismet spam detection active, and it was
quite effective at marking incoming comments as suspected spam, it
was the database hit that killed me.

Some questions:

  1. Does the RBL prevent the comment from going into the database in
    the first place? If the incoming spam were blocked by the RBL, would
    it have been an effective alternative to blocking the incoming
    connections with Apache configuration (which I don’t have control over)?

  2. Does it make sense to contribute the spammer’s IP addresses back
    to an RBL? If so, how could this be done?

  3. Can I do anything to help speed up the redevelopment of spam
    protection measures? I’m on double-secret probation with the hosting
    provider, and need to get some better protection in place (the IP
    block isn’t going to hold them for long, dammit).

  4. I thought I read somewhere (perhaps on this list) where someone
    had done an analysis of the amount of database traffic that resulted
    from a single comment, and that it was currently way too high. Does
    anyone else recall this? Is there any point analyzing this further?


This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs