This post originated from an RSS feed registered with Java Buzz by Mike Shoemaker. Original Post: Shotty uptime for the past week Feed Title: Unruly Rambling (java category) Feed URL: http://www.shoesobjects.com/blog/feed.xml?flavor=rss20&category=java Feed Description: My thoughts on software, technology, and life in general Latest Java Buzz Posts Latest Java Buzz Posts by Mike Shoemaker Latest Posts From Unruly Rambling (java category)

For the past week, I've noticed that my site was going down every couple hours and I'd have to restart JBoss in order to get it to come back. Being in busy mode all week, I didn't have time to figure out why. Yesterday, I spent 10 minutes digging around in my logs to find out that some asshat(borrowed from Hani) was hitting my server every couple milliseconds requesting my blog as an attempt to infect me with tons of referral spam. My poor server was crashing with out of memory errors at a record pace and it was getting worse and worse by the minute. His calls were coming in from 2 distinct IP Addresses (217.23.176.2 , 217.23.177.249), both of which originate in Russia. To get around this, I configured iptables to DROP packets from these addresses. All is fine since. The thing that concerns me is that this is quite the reactive approach and could start again at any moment. Thanks to the free service provided by SiteUptime, I get a text message sent to my cell phone when my site goes down. This will help a bit. What I'd like to do is write some sort of script to learn what ip addresses might be doing this, add their ip on the fly and restart iptables. If this becomes a problem, I'll look into this more.

So the moral of the story is that if you are pathetic enough to inject referral spam, I hope you die a long painful death in the dungeons of hell. In the meantime, I will ignore you with the help of iptables.