[development] My site is under attack (trackbacks, spam and cpu
usage).
Gabor Hojtsy
gabor at hojtsy.hu
Mon Sep 18 14:14:30 UTC 2006
On Mon, 18 Sep 2006, Augustin (Beginner) wrote:
> For the sake of the other web sites co-hosted on the same server, I'd like to
> drastically cut down on cpu usage.
> I'd like to add a directive at the top of .htaccess that ends straightaway any
> request to trackback/$nid (so that Drupal never gets bootstrapped).
>
> Would that work?
> What would I need to add to .htaccess?
We have some .htaccess directives at weblabor.hu to cut down on pointless
CPU usage. One is denying requests based on referers (which is trackback
related too).
SetEnvIfNoCase Referer ".*(casino).*" BadReferrer
SetEnvIfNoCase Referer ".*(pharmacy).*" BadReferrer
SetEnvIfNoCase Referer ".*(gambling).*" BadReferrer
SetEnvIfNoCase Referer ".*(poker).*" BadReferrer
SetEnvIfNoCase Referer ".*(pills).*" BadReferrer
deny from env=BadReferrer
Also if you would like to send a proper(!) "Gone" HTTP code to user agents
who try to request your previously available trackback URLs, you can do:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^trackback - [G]
This sends a "Gone" HTTP status to the requester. This is better then an
"Access denied" status, since you explictly state that the resource does
not exist anymore, and any reference to it should be removed. The actual
difference in meaning is only relevant for well-behaving bots, not the
spammers, but it is nice to accurately inform well-behaving bots about the
situation.
> I repeat that the spam.module is not an option: it would increase even further
> the cpu usage when I want to minimize it.
Do not even think about loading Drupal modules in these pointless cases.
The sooner you catch these requests the better.
Gabor
More information about the development
mailing list