Monday, October 4, 2004

War against the spammers

*** Nerd Alert ***
The following should be completely untelligable to fuzzies (non-techies).

Many of you were wondering why my web page was constantly down or really slow last month. I thought it was because people loved me so much that they had to reload my web page five times every second, all day, seven days a week. Actually, I thought it was all those videos I posted in the photo album that was causing my server to run out of memory.

It wasn't until I finally sat down and poured over my server logs did I realized that I was actually under a Denial of Service attack from spammers. For some reason, I became known to the spammers in September and received hundreds of thousands of bogus HTTP requests which took down my server and our internal house network as well. Basically, I was a victim of log/referral spamming where spammers were hitting my website with requests and spoofing the requested page and referring page, replacing legitimate ones with their own URL. All of this just to get a link on my web traffic statistics page which no one ever sees.

My first attempt to stop this was to write a script that would update my server's firewall to block all traffic from the worst offenders. I basically blacklisted the top 100 IP addresses that generated traffic to my site. This cut the traffic down significantly, but my server still crawled slowly and my home network had begun dropping packets everywhere, much to the chagrin of my roommates and I. Suspicious that the two problems were related, I decided it was do or die at this point. I had to completely fix the problem, or pay for professional web hosting.

Finally, I devised an interesting solution with the help of my most wonderful domain name host, www.noip.com. I changed my http port to port 81, blocked port 80 at my router firewall, redirected all web traffic from albertkuo.com to the url home.albertkuo.com:81. It worked like a charm! The second I hit the Save Settings button, my spam traffic dropped to zero and my home network started working at full speed again.

Anyways, I'm sure you all care very much about it, but at the time, I felt empowered having beat the spammers for a week or two hopefully.