We’ve all had to deal with the spam bots at one time or another. It’s such fun to sit and delete comment after comment. Then after getting the site all clean and pretty, bam! there’s another one. So what do we do….start installing anti-spam programs and signing up for anti-spam services. Then along comes the email harvesters, hackers, code injector bots, copiers, scrapers and the dickweeds who like to hotlink 2/3 of your site.
Oh… lets not forget the Granddaddy of them all…. the DOS (Denial Of Service) attacks. Until recently, I haven’t been able to find a service that can stop a DOS attack without us even knowing about it. At least one that the average Joe can afford. And definitely not a free one.
Have you ever noticed that every tracker, hit/page counter and the such always require you to put a small piece of code somewhere on your page? Have you also noticed no matter how “in depth” the reports are, they never show traffic from the bad bots? Yet you know they’re hitting your site!
Well…. I hate to tell you this, but any script or service that requires that bit of code, cannot track or even see the bad bots. This is because the bad guys do not use a normal browser that displays images or java or even css. The bots only “read” the source code of a page. So your bit of code is never executed, and thus the hit isn’t seen or logged.
Wow! I think a few light bulbs just went on! Lets see if we can turn on a few more.
Keep in mind I’m trying to keep this post very non techie. or just plain simple. ;)
So basically, the bots are remaining hidden while using up bandwidth. Jerks!
Now what do we do to stop them? How about grabbing their IP address, comparing it to a list of bad guys and if it’s comes back as bad, block the buggers!
That is what a lot of scripts do. But! Here’s the problem. A single bot will hit 3 to 10 times a second. Yes I said a “second”. So for every hit, a request is sent to check the IP for good or bad. That single bot has now cost you 9 to 30 hits in a single second. Not to mention the increased processor load of the server.
In order to combat this hammer effect, programmers will use a temporary cache to lighten the load on the server. So on the first hit the IP address is sent full cycle and on the way back through the “it’s good or it’s bad” info is stored in the cache for X amount of time. Then every subsequent hit from that same bad bot will cause the script to look at the cached info for an answer.
Simple, right? There’s alot more to it than that…. but I said I’d keep it simple!
Anyway, for a long time this has been the normal way to stop the bad guys. But this method has that one tiny, okay it’s a freaking HUGE flaw.
Can you see the flaw in this method of stopping the bad guys? Oh…can’t see the forest for the trees? Well, I’ll give you a hint.
The bad guys are BANGING ON YOUR DOOR! They made it to your site and are now using your bandwidth. They may not get in, but they’re costing you money!! They’re knocking the paint off the door!
Yep! The bulbs are lighting up now. Shall we go for a Super Nova? What the hell, lets do it!
What if we could stop the bad guys BEFORE they could make it to our web sites? That would mean we wouldn’t have to run and maintain all the anti-spam, hacking, scraping etc. scripts or subscribe to extra services (that still use our bandwidth). And might even see roughly a 50% savings in bandwidth! No Joke! And that was on a little test site I use for the beta testing.
Unfortunately, I’m not allowed to tell you who these folks are or how the system works, at least not yet. The end of September is the planed public opening. But I can tell you this much. These folks are putting a world of hurt on the bad guys! In a VERY BIG way.
Now before you jump on the “just another marketing ploy” bandwagon. The services these folks offer has 2 levels. Free and Paid. But let me tell you, the free package has more protection than 80% of the web sites out here need! So for folks like you and me… Free is the way to go! :)
Really, only large corporate sites would require the paid version. Just to give you an idea, these folks have thousands of servers/resources world wide. ahh.. yea, they’ll make the big dogs go sit on the porch.
So get ready for the next generation of protection and a truly safer world wide web!
The end of September (so far so good)!
The very first comment this little blog received…yep! A feeler post by a spam bot. Akismet missed it. And no, this site isn’t protected by our new friends, yet. ;)