RE: tlug: Apache "Surprise Feed"

["Shawn Gray" <shawn@example.com>]

>Actually, this may be more than credit stealing.  He may be 
>counting hits to your site as hits to his, and reporting them to 
>his advertisers.  (This just requires a simple rewrite of all the 
>URLs, easy with a Perl script.)  Check to see if you are getting 
>a lot of repeated hits from his site.

I'll check the logs when I get home to the server. He owns the offending box, and so there is no paid advertsing up or anything. He _is_ doing it just to make his site look better, though. Almost the same thing I guess.

>OTOH, if he's not borrowing your hits, you could just make 
>sure your site is boldly advertised every few lines in the BBS 
>;-)  And mention his little felony.  "I'm glad to see that 
>butt.head.or.jp likes my site so much that he uses it as if it 
>were his own!

I had thought of this, and actually did that when he (yes, same guy) did the same thing with another one of my pages a few months ago.

>Apache can do access blocking natively (have you RFTM'd 
>today?)

No, I've been at work all day. Only IIS manuals around here...
I'll look into it when I get home tonight. :-)

>But a quick alternative hack, if you own the Linux box running 
>the webserver, would involve an Apache running on a different 
>port and IPchains (OR whatever will replace them in 2.4).  I 
>like this because it means the beavis never gets near your real 
>home pages, ever, and you don't have to make potentially >buggy changes in your real configuration.

This sounds cool - mild revenge, plus I get to learn IPchains...

>Of course, if he's running as an ordinary user on a big ISP, I 
>don't know how you'd get an ID for him, either with IP chains 
>or native Apache config.  The problem is you probably don't 
>want to block other users on that system.

He does own the box, and I have no qualms about totally blocking all access from there - not that many users anyway. I know who the guy is and where he's coming from, just wanted to come up with a creative approach to it this time around.

>With ipchains, blocking access is easy:
>
># REJECT tells him he's been blocked, maybe he'll give up 
>#quicker
># DENY may make him think his network is fsck'ing, and it'll 
>#come back # later.
># The /24 gets all his neighbors, too :-P
># Remove the `--destination www.greycastle.com http' to 
>#block ALL access.
>ipchains -A input --source butt.head.or.jp/24 \
>                  --destination www.greycastle.com http -j 
>REJECT
>
>Redirection isn't much harder:
>
>ipchains -A input --source butt.head.or.jp/24 \
>                  --destination www.greycastle.com http -j 
>REDIRECT 666
>
>Now you set up your second Apache server on port 666, and 
>his ass is harassed.  You might even want to `nice 19' that 
>httpd ... or just add a 10 sec delay to the BBS script ;-)

This sounds more like what I had in mind. I don't know what a 'nice 19' is though.. Is that in TFM?

>It is obviously "bad attitude Thursday" in Tsukuba....

Hoo Yeah!

Thanks,
shawn


Shawn Gray
English/Japanese Translator
& Linux/Perl Gearhead
shawn@example.com

------------------------------------------------------------
Graycastle Intercultural Communications | http://www.graycastle.com
The Mecca Online MultiCultural Forum http://www.graycastle.com/mecca/


-----------------------------------------------------------------------
Next Meeting (w/ YLUG): June 16 (Fri) 19:00 Mizonoguchi Marui Family 12F
Next Technical Meeting: July 8 (Sat)  13:30 Topic: TBA
-----------------------------------------------------------------------
more info: http://www.tlug.gr.jp        Sponsor: Global Online Japan