Dear assholes,

If you plan to take advantage of my blog to rank your shitty pharmacy webpage high on Google, take the following into consideration:

• if you hit my poor Pentium 150 with hundreds of stupid HTTP requests to my blog, at least do it a few at a time during the day. Your referral stats pointing to your pharmacy shit will still show up (in the case that the blog stats are public, and in my case they aren't), and you will not kill the box in about 15 minutes like you did 3 times in the last two days.
• if you kill my box, Google won't be able to do its fine job and we'll both lose.
• at least, point to an existing website.

Thanks for considering a symbiotic relationship in the future.

So the bastards did it again yesterday, and this time I had to drive to where the box is located and see what was going on in console. As expected, OOM killer fun, and by no means I could recover it, even after taking it off the network and trying to SysRQ it a bit.

It seems the spammers are trying to take advantage of referral stats now, and hit sites with tons of requests. Every request to /blog in this site means a not so cheap python process which takes quite some memory, which is a scarce resource in poor natura.oskuro.net. With just a few blog processes going on, the box starts swapping to its death.

I know, I should add limits to my Apache2 configuration, and possibly pyblosxom caches. For now, stopping spamd has helped a bit, as that process only was sucking ~35% of the memory.

I just realised this blog made its first year online quite recently, after my first stage at Advogato. I wish I had more time to think about interesting stuff to talk about, though. Sometimes, this feels like the Debian GNOME team's announcement board. :)

Yesterday I wasn't able to log into my home server from the office, and I assumed the load had skyrocketed again, as it happens every now and then. Timing was quite bad because I'm very busy in the evenings these days, but I went to my father's house to see what was going on, and when I got there I saw the server was mostly idling. WTF? Shortly after I noticed my local named wouldn't resolve barely anything, and I couldn't ssh out, as the connection would hang in the middle of the handshakes. I started looking at my 3com router configuration, seemed ok; rebooted the box, nothing changed; started cursing, which changed nothing either... until I realized it was probably a telco thing. I told my father "it'll probably be fixed automagically" and left the house.

When I came back from training, I managed to ssh in and quickly tested the downstream speed. As I suspected, the downtime was caused by Telefónica tweaking our stuff to upgrade the ADSL's of the area from 256/128 to 512/128. Uplink still sucks, but oh well, we got this for "free" (ie, we still pay way to much for crappy connections in Spain, but we're slowly getting what the rest of Europe seems to have).

Moreover, today the cable company finally opened up the street and installed their stuff to offer their service. 5 or 6 years late...

The big storms of the past days not only affected some trees and the cars below them. On Saturday I went to where my main server lives and discovered the primary hard drive had developed a new musical skill: every time the BIOS tried to access it it would reply with a funky loud sound I have never heard before (and no, it's not the usual high pitch sound of a drive when it's dying). After getting quite worried about those backups I never made, I managed to make it go quiet and boot again (that was just before I wrote the previous blog entry). I know I shouldn't be trusting that drive much more, but I have no time to look for a replacement right now. I hope there are no more big storms in some time...

Besides that, my main Debian computer just would not react to the power switch at all. I first thought the power supply was completely fucked, but a few minutes ago I managed to get it back to life after fiddling inside the box, randomly unplugging and plugging power cords back and forth.

In short, it seems my computers are not in their best shape ever. This reminds me (again) that I really need to look for a UPS for the two boxes. Any cheap recommendation that works well with GNU/Linux? And of course, this is the signal that I fucking need to make backups of my stuff!

Aww, Erinn, when I wrote about the storm the other day I didn't know that you were being evacuated due to Frances. I hope all is well!

If you ask for comments, make sure your comment system doesn't break. I hadn't noticed the permission problems after moving the cgi to /var. It's fixed now... sorry about that, folks.

In the meanwhile, Ross and I agreed on IRC that suffixes are bad, and I got rid of them entirely. He also told me about the py['defaultFlavour'] config option, which I hand't found, everything is ok now (well, except for the content_type vs. IE problem which I still need suggestions for).

Update: James pointed me at a nice post on blog URLs.

As I said in a previous post, I spent some time cleaning up my PyBlosxom flavour to make it XHTML 1.1 compliant. I also decided to start using my vanity domain a bit better, and moved the blog to the webserver's rootdir. In order to maintain backwards compatibility and not break a lot of links to my blog out there, I installed a Redirect rule so calls to the old dir look at the new dir, and that seems to work.

The main problem is now that I'm not too sure about how to solve the application/xhtml+xml problem with Internet Explorer. The mod_rewrite rules sjoerd and thom shared don't work too well for pyblosxom:

RewriteEngine On
RewriteCond %{HTTP_ACCEPT} !application/xhtml\+xml
RewriteCond %{REQUEST_URI} \.xhtml$
RewriteRule .* - "[T=text/html]"

It's easy to have URLs like /blog/2004/Jun/28, and if I understand correctly, the Redirect won't work with this type of URLs. I also don't know if it's possible to make "xhtml" the default flavour in pyblosxom, instead of "html". I'm actually not sure if the permalink for this entry "should" end up with .html, .xhtml, or no suffix at all. Suggestions welcome. :)

Today I saw 3 different persons go into #gnome, ask about the GNOME problems in Sarge, and being directed to my blog. This was enough to make me feel quite embarrased about the lack of css stylesheet (I removed the default pyblosxom style, and the new one wasn't working). So after a few hours and facing many problems, I have a prototype, which still needs polishing, but works for now. I have updated the pyblosxom flavour to XHTML 1.1 Strict, which is a bit painful in some aspects, but works ok on Mozilla-based browsers. The biggest problem is that it requires a sane content-type, application/xhtml+xml, but IE doesn't know about this type at all. Sjoerd gave me some Apache Rewrite magic, but I didn't manage to get it working. I'll see if he knows what's up with Apache2 tomorrow.

This afternoon I spent some time upgrading pyblosxom to version 1.0.0.

I had been using the Debian package, which had 0.8.1... in experimental... the package in unstable is still at 0.7.x. I obviously grabbed the tarball and installed it in /usr/local. After the upgrade, it seems the rss generator has become a lot more picky, and would choke in the dozen HTML small errors that I had all over my blog posts. Omnic noticed my posts were empty in Planet Debian just as I was closing terminals in preparation for heading to bed. It should be ok now.

I'll probably start writing a new style sheet for the entire web tomorrow, and think about moving the whole blog to the topdir of my webserver, as I really have no other uses for it.

Thanks to all the people who replied to my previous post on blog spam. It's obviously not new, and it seems MT users have been hit quite badly by this. I guess removing links from comments is the first, quick step, but some kind of URL filter for the comment module in pyblosxom would be handy. Has anyone hacked something similar?

Just an extension that lets you create a blacklist of URLs would be a start, as the spammer URLS are always the same. They do know about some anti-anti-spam techniques though, and for example write "online casino" as "online-casino", so to read links they should be rendered first.

The other day I found one comment in one of my blog's posts which sounded weird. It said "HI, Wow.. this is a very informative website! I enjoy your site very much! Keep up the good work!" or similar. The author name linked to what looked like a pretty boring personal website. Yesterday I discovered most of my blog posts have one or more of these messages. What the fuck, they are spamming me through my blog! They basically write random nonsense like that, and add a link to an online-casino or whatever in the link you can leave as signature in pyblosxom.

Has anyone else had problems like this in their blogs? If it continues, it'll be easy to fix: I will just remove the comments module from my install and be done with it. Thanks to those who post useful stuff every now and then, though. It's nice to read replies to some of my posts.