Categories
Technology Weblogging

Unscheduled downtime

Recovered from the Wayback Machine.

The server hosting my domains has been under attack from the spammers, and ended up going down yesterday afternoon and today. Downtime wasn’t long – long enough to eliminate the problem; but I’m concerned this is the start of a persistent problem when I heard what caused the shutdowns: yesterday’s attack was a Movable Type comment spammer attack, and today’s problem was a copy of mt-blacklist that spiraled out of control.

Hosting Matters, my hosting company, was on the problem immediately, and solved it quickly – but there is only so much they can do. The problem is installations of Movable Type that are wide open, or only partially protected. And it seems like part of the problem could be inproper installations of mt-blacklist.

Those of you with Movable Type are going to have to put whatever measures you can into place, not only to protext yourself, but also to protect others on your servers. I imagine that if enough hosts run into this problem with Movable Type, they may restrict its use.

No, let’s be a bit stronger with this statement: they will start to restrict its use.

If you’re running Movable Type, you really need to upgrade to whatever installation is the most secure, and you’re going to have to install mt-blacklist for that installation. At this time, this is the only known comment spam application that seems to help with the problems. I believe that the most recent release of Movable Type is 3.0, a developer’s release; Jay Allen has put out an emergency release for this version.

However, I can’t recommend that people go to a developer’s release unless they’re comfortable working with a version of the software that is intended primarily for developers. Not unless Six Apart comes out with some form of official recommendation that Movable Type users go this route. I’ve sent an email to the folks there, telling them that I’m getting emails from folks asking help, and what course they should follow. When I hear back, I’ll post an update.

If the official word is to go to 3.0 and the emergency release of mt-blacklist, and you’re having problems with the upgrade or installation, I’ll volunteer to help those who need help, either with upgrading to 3.0, installing mt-blacklist, or both. I’ll also help Movable Type users to close down older comments – older comments are the ones being attacked–using direct SQL statements, as long as they’re willing to give me temporary database access. Knowing webloggers, I’m sure that others with experience with Movable Type will also offer their help.

In addition, those with the 2.6x installations that have followed these comment spam protection steps that I outlined long ago have said that they haven’t had comment spam problems since. I don’t know for sure if this is still true or not. If true, and you don’t want to go to 3.x, you might want to consider checking out these steps. Again, holler if you need help.

You might be thinking of jumping to WordPress right now just to escape the comment problem. I can understand your wanting to do this–the comment spam problem is out of control. However, if you’re happy with the tool and Six Apart and the only reason you would do this is comment moderation, you might want to hold on making a switch until you see what the 3.1 release has; then if you decide you want to make a move to WordPress, or Textpattern, or any other tools, and need help, holler.

Regardless, you can’t leave your Movable Type installations unprotected, with open comments. You’re going to get yourself kicked off your server.

As a note unrelated to Movable Type, email spammers have been running ‘dictionary listing’ spam attacks against my domain and others. What this means is that the spammers randomly generate names, attach these to domain addresses and send them out. If a name doesn’t bounce back from the email server as not belonging to a person, the spammers then know that they’ve most likely found a valid email address.

Hosting Matters is going through some extraordinary efforts to try and stop these attacks, and there is a chance that emails to me have been bounced, or will be bounced. If so, send me an email to my gmail account, listed in the sidebar, and I’ll see about getting you back in.

Update

Since Hosting Matters isn’t comfortable specifically saying that MT was the problem this week (because there were the spambots, too), and since the folks that asked for help haven’t said anything online, I do come across as alarmist.

Perhaps I am. I’ve been told that MT 3.1 should be out by month end of so. Since there is little outward indication of problems with MT other than this post, I withdraw my statements in this post.

Best of luck to the Movable Type users moving forward.