i L i n d

Ian Lind • Online daily from Kaaawa, Hawaii

i L i n d header image 2



“Account suspended?” Wha’ happen?

February 25th, 2014 · 5 Comments

If you happened to check in here early this morning, you likely got the same rude surprise that I was greeted with: “Account suspended”

Meltdown

I immediately sent off an urgent message to my hosting service, Hostrocket.com.

This is part of the reply I received explaining the problem.

It looks like your service was suspended at around 10:20 am EST due to a large number of unclosed mysql connections which were causing server instability. Checking server usage, your account was found to have used 24.71% of the server’s CPU time.

Looking into the matter, it looks like the majority of the issue is being caused by spam comments on your WordPress installation. Please secure your comments by either requiring users to register before commenting, adding some form of captcha, or disabling comments altogether.

So spammers managed to essentially crash the site, despite having two different anti-spam plug-ins installed.

Obviously, shutting off comments isn’t an option. And I’m not anxious to cut off anonymous comments because they do often make very useful contributions to the discussion.

For now, I’ve switched to a different anti-spam plug-in. and will consider a captcha plug-in as well, although that will make you work a bit when submitting your comments.

And now I’ll have to spend some time going through site logs to see if I can identify where some of this spam is coming from and block those sites directly.

If any of you more tech-savvy readers have suggestions, I would certainly appreciate hearing them.

In any case, welcome to this wild ride!

Tags: Blogs · Computers

5 responses so far ↓

  • 1 DanMollway // Feb 25, 2014 at 9:35 am

    Ian, I am sorry to hear of the problems with your site. Along those lines, I wanted to let you know that on February 21 I wrote a comment (that never made it) for your blog post about lobbyists hosting campaign fundraisers. I discussed some other things I have heard that lobbyists do that don’t seem to have gotten much public attention. I also mentioned some old and new good books on the subject, from Brooks Jackson’s “Honest Graft” around 1990, to Harvard Law professor Lawrence Lessig’s recent book, “Republic, Lost: How Money Corrupts Congress—and a Plan to Stop It”.

    When I hit the “Submit” button on February 21, I got an error page mentioning the lack of Javascript and something else, and my comment was not sent. When I tried to look for a way to fix the problem by moving away from your site, my comment was unfortunately deleted. I did not have time to re-do it, or even let you know of the problem.

    I did fuss around, and decided I should write comments in a separate document, such as those created by Word, and then cut and paste them to your comment box. In this way, I would have a copy of my comment even if deleted. A test of this did work, though I was just experimenting with some old stuff, and thus did not send a comment. Again, I was short on time. Anyway, now you know of this.

    As to spamming, I am hardly an authority on servers, etc., but am wondering if there is a correlation between the number of hits your blog posts get—which is posted on your blog posts and updated continuously, and the amount of supposed spam. I assume there are many ways to crash a site, but am curious, if spam comments were sent to your site, and if these can be counted and compared with views of your blog. You mention in your blog post today that you are able to research possible spam comments. Anyway, I don’t know if my problem is related, but thought I would mention it now. I have never had in the past any problems submitting comments to your blog. Thanks.

  • 2 Constantinos S. Papacostas // Feb 25, 2014 at 2:09 pm

    Ian,

    I understand your frustration, but, to give you a warning, it may not be possible to selectively block individuals from your site. Several years ago when we served the city’s traffic camera images as a community service, we’d get visits from people who were stealing our feeds to enhance their own sites. As soon as we blocked their access, they generated a new alias that we could not identify, and the cat-and-mouse game led to more frustration!

    Sorry!

  • 3 Ian Lind // Feb 25, 2014 at 4:45 pm

    The problem here are the automated spam robots, as I understand it. There aren’t enough human spammers sending individual comments to weigh down a server in this fashion.

  • 4 Constantinos S. Papacostas // Feb 25, 2014 at 8:08 pm

    I understand, but it is relatively easy, I think, to program the robot to generate new aliases. In our case, their program would visit every few seconds to capture updated traffic camera images. It wasn’t an individual spammer. If you can block yours though, it would be great because the CAPTCHA approach may not work with android smartphones and other devices.

  • 5 C // Feb 26, 2014 at 12:22 am

    Sorry to hear about the spam bots. Is there any chance there was some sort of cross-pollination with the recent Mac SSL issues? BTW your captcha is quite legible. Thanks.

Leave a Comment

*

Current ye@r *