[wp-hackers] SOS (Formerly 'Referrer Spam')

[Amit Gupta]

Roy Schestowitz <r at schestowitz.com> wrote:
|  Getting back on topic, the scale of the attacks is beginning to 
become scary,
|  not just worrying. As I said at the start, it continues to grow by 
the day
|  (nearing 2 weeks now) and it's reaching the point where I get tens of
|  thousands
|  of page requests from a variety of UIP's. This still gets worse by 
the
|  hour and
|  I am running out of bandwidth (although I re-directed to reduce it), 
not to
|  mention the speed penalty that the shared server is susceptible to.
|
|  These attacks can wind up costing hundreds of pounds, not to mention
|  the time I
|  spend/t trying to stop them. I have no root access to the Web server. 
Any
|  suggestions? I would rather not tell the hosts and ignite some sort 
of
|  reputation of a trouble-maker

I think it would be wise to block the offending IPs for some time(using
.htaccess). If they similar, then block their entire C class block. I 
had an
attack of this kind sometime back & blocked 2-3 C class blocks that were
the repeat offenders for sometime. this might loose out on some
legitimate traffic but its worth it in my opinion.

also, if your host is not an idiot, they wouldn't label you as a trouble 
maker
if you go to them with this problem. it would be wise as well to let 
them
know of the problem, as they are better equipped to handle the situation
than you are, as they too don't want someone sniping away at their
server, possibly a DoS attack!! :)

------------
Amit Gupta
http://igeek.info/  ||  http://blog.igeek.info/
http://blog.igeek.info/wp-plugins/igsyntax-hiliter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://comox.textdrive.com/pipermail/wp-hackers/attachments/20051012/42476ea3/attachment.htm