While moving to new hardware, I was suffering spambugs attacks. Which did not really help. Everything is now back to normal again though and hopefully will stay that way.
It all started with Roller (the weblogger software this blog runs on) offering this neat referrer list in the site menu. Since most bloggers are vain, including yours truly, it is nice to see the list of urls where visitors came from.
Yeah, right. Stupid me.
Turns out that not-so-honorable non-member of the community use such referrer lists to generate links onto their site. Which brings them up in google search and advertising fame. Roller has a feature to enter links to ignore and i used that in the beginning, but this week the server was hit by some serious spamming software and I turned the feature off.
Bots that they are, they continued hammering our little server with tons of fake referrers and - worst of all - the spambots software has bugs! It started sending in garbage request uris which our apache/ajp/tomcat setup did not like very much. Tomcat/Roller started eating up memory to the max and taking 100% cpu, but was not sending responses back. That did not feel very good in my stomach.
Finally it all settled down again after I told our firewall to send packets from certain addresses into nirvana. But do I feel safe now? Far from that! What would make me feel better? Well:
- A blog server that generates static files to be served by apache. All template driven layout and archive and views things done and updated right on publishing time when new articles are added or old ones are changed. While serving the public, the blog software itself is not involved. Only Apache.
- All really dynamic stuff to be included by links from something outside the blog hierarchy. Like the inclusions from flickr, last.fm or even youTube work. No plugin chains of extensions inside the blog server.
- A blog management/configuration UI that works like the one in TWiki. You just edit pages. One page lists people who manage a blog. One page lists the blogs. One page per blog lists the categories.
- Atom API behind SSL would be fine.