Sunday, December 11, 2016


Deny From

So a couple of years ago, I decide to register denyfrom.com. I’m not actually linking to it, because I never really developed it, and at this time I intend to let it expire when its time is up on February 11th. Nevertheless, I rather liked the premise, so I’m going to add a “Deny From” category to Flush Twice. Since most of what I’m going to publish is a lot of shitty CIDR blocks that need a second flush to get’em down the drain, it should fit in nicely.

So what is this premise?

It’s about unwanted crawlers and bots on the internet. You see, in the old days, most of the botnets were individual’s infected PC’s. While some of them still are, the current trend is to use compromised hosting accounts. So basically server farms. There also seem to be certain rogue countries (Notably China/Ukraine/Russia) that also mercilessly hammer websites with their spambots.

The good news is that these hackers/bots are easy to identify. You just look at your visitor logs, and when you see an IP address trying to do things on your site that a typical person could not even imagine doing, cross reference that address with an IP address information site to see if it was coming from a rogue nation, or a hacked webhost. Then you collect all the associated CIDR’s and run them through an optimizer before dumping them into your .htaccess file’s “deny from” list.

The goal is to achieve a reduction in unwanted hacking attempts and improved analytics. Once you block all the bots, then the rest of your visitors are the actual humans you built the site for in the first place.

Of course not everyone wants to go through the trouble of looking through their visitor logs, so I’m going to post my “deny from” lists here. People can simply copy and paste them into their own .htaccess files, or leave comments on the merits of denying all the IP addresses I keep adding to the file. (People leaving comments? Ha! Like that is ever going to happen.)

Some groups really hate this idea and feel that bots should be free to roam, rape and pillage every WordPress blog with endless login attempts, referral spams, comment spams, exploit seeking, and content scraping activities. To them, blocking these IP addresses seriously impairs their ability to piss on someone else’s parade in hopes that maybe they can compromise other people’s sites and use them to bolster their clients’ analytics, or maybe get you to buy their security product.

Why are you bringing this shit here?

Because I can.

No seriously. I thought about doing it before, but I didn’t because I couldn’t figure out how to keep it separate from the main attraction: The jokes and comics! But in case you haven’t noticed, you don’t see these side posts in the main blog. I’ve solved that problem, and if all you want to see are the jokes, and maybe the comics, then that’s all you have to see.

At the end of the day, it just means another menu option under a new category, and that way I don’t have to be bothered with running yet another entirely separate site to express a sub-genre of my many neuroses.


Besides, it didn’t feel right to put it on GoldenSoapBox.com, which is a site that I also maintain. GSB is already exceedingly boring. But it has a really good tomato soup recipe. Be sure to visit it if you like recipes, Linux, and more of my little side rants. The deviled eggs are simply to die for!

Pax,

-f2x

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *