Archives by Month

Support this Site!

You may have noticed that there's very little third-party advertising on this site. I'd like to keep it that way. Here's how you can help:

  • Buy my books. They're available at great prices on Amazon.com.
  • Check out my training videos on Lynda.com. It's a great source for "all you can eat" training.
  • Donate a few dollars. It'll help cover my hosting costs and give you a chance to tell me what you want to see covered here.
  • Comment on blog posts. You can help get a discussion going that can benefit others, making the site more valuable for everyone.
«  
  »

Spam Attacks Prompt PHP Update

By Maria Langer | Posted July 11th, 2006

I update PHP to version 5.1.4 on my server in an effort to prevent spam attacks.

This site, and a bunch of others I run, are hosted on my own little Mac OS X 10.4 server. Mac OS X Server comes with PHP built in. But it’s PHP 4 — an older release. The problem with this version is that it didn’t support the captcha module of my comment spam prevention program, Spam Karma 2.

This wasn’t a big deal until the spammer from hell came into the picture. This spammer was somehow able to create messages that my spam prevention software couldn’t stop. And the spam was coming in, on one of my sites, at the rate of about two dozen messages per attack.

At first, the spam was related to credit cards for students. But when it switched to advertising sex and porn sites, I knew I had to do something to stop it.

So I tracked down and downloaded a PHP 5 installer for Mac OS X. I read the documentation onscreen, then printed it and read it two more times. I knew that if I screwed up, my blogs and possibly my other sites, would go offline. Then I waited until I had a lot of free time, crossed my fingers, sprinkled holy water over my server’s keyboard, and ran the installer. It installed the software and confirmed that it had done the job. I clicked the Close button, rather surprised that I didn’t need a restart.

From my other computer, I tried to access one of my blogs. The page came up blank with the word “Done” in the status bar at the bottom of the Firefox window.

Not a good sign.

I restarted the server and tried loading another blog. I got the same results.

A normal person who hadn’t learned a valuable lesson about backups might start getting stressed around now. But since my catastrophic hard disk failure in January, I’ve kept a mirror backup of my server on a portable hard disk. So I wasn’t about to freak out — yet. I had a backup and could restore the server to it’s pre-PHP Update condition. I could even run the server off the backup hard disk if I needed to. But I didn’t want to go there if I didn’t have to.

So I fired up Server Admin, the software that comes with Mac OS X server to administer the server and its components. I noticed immediately that the Web component was disabled. I attempted to enable it and got an error message. Hmm. I was getting closer to identifying the problem.

I poked around a bit and eventually clicked the Modules button for the Web server. I scrolled through all of the modules and noticed that the PHP 4 module was still enabled. I clicked off its check box and saved my changes. Then I tried loading one of my blogs. It loaded right up.

Problem solved?

I didn’t believe it, so I tried a bunch of pages on a bunch of blogs. Everything seemed to work.

Whew!

I then went into Spam Karma’s configuration page and saw that I could enable the captcha module. So I did. And I saved those changes, too.

Now we’ll see how the spammer from hell does with all my spam protection tools enabled.

Wish me luck.

spam, php, MacOSX, server, WordPress

WordPress
,

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>