Architect's Rants

I believe I have found one very BIG solution to server usage, well in fact four. One of the reasons I have been troubled over server usage was because I thought it was all the scripts I had, but it's not that... it's spam bots! If you have been tweaking your my.cnf and your php.ini and your httpd.conf hoping to get server performance only to see that you need to keep restarting your server then here may be the secret solution you have been looking for:

1. Stop spam bots from taking up your bandwidth. You can do this through a .htaccess block on certain domains / IPs. You can also set up security checks to ensure that these bots that may be running scripts and injections are not constantly attempting to post rubbish on your sites. You will be amazed that spam bots may actually be 80-90% of the 'guests' that you see in [Who's Online] within your Forum.

2. Stop lower search engine bots from checking out every single link. You can block those through the same method in #1. Really you only need the major search engines to pass through your turf, not the whole crowd.

3. Make sure you default pages are fast loading. In other words when someone cannot find anything or the spam bots are caught then make sure to lead them to a fast page, not a page that loads intense amounts of scripts. I think this is key for people that administer communities as sometimes the default pages of these communities lead them to lots of queries.

4. Make sure your interactive scripts and databases are at optimal performance. Of course I can dedicate an entire page or several pages to that, but that is another issue. I would dare say that numbers 1,2, and 3 are the most critical since no one creates a script or database to fail, generally everyone writes good code and it can just be tweaked afterwards.

Of recent I have been taking extra measures to secure the network. I have found that using a central script that can be updated is just one of the best ways to cover exploits. You can make an include in your regular scripts to call the centralized code before your script starts executing commands, this way checks are made first. Of course logging events is critical. Some other things to consider:

1. Do not allow the user to see PHP or MySQL error messages. You can change that setting in the php.ini file.
2. Ensure that you learn how interactive scripts work and their vulnerabilities.
3. Stay up to date with your script's patches. If you are using a script published by someone else then check regularly to see if any security issues have come up.
3. Measure and review activity. Are attacks or spammers coming from a certain place, a certain country?

The best way to think is... if I wanted to escape this, by pass that, then what I do? Once you answer that then you will know where you need to secure.

For the past few days I have been working night and day to try and control CPU usage on the server. It has been slowing down things a lot. At first I thought it was the main Community, so I took out many of the querries for reminder services, raffel and extra things Members rarely use. I will bring reminders back, but not globally, only on certain pages. Nevertheless this did not cure the problem, so after making many checks, tweaking my.cnf and httpd.conf and still coming up empty handed I decided to do something unconventional... allow spam bots to do their thing so I could see where the activity was had. Before I blocked spam bots, but blocking them from forms does not do much if they are still attempting to post, so I instead looked up IPs, host names and created a .htaccess file to cover it.

The other problem was some of our huge databases, not really the databases themselves, but the fact that with a harvest bot checking a database out several thousand times is going to cause problems. We still have another DB that is large and I am monitoring it... if things get out of hand I will make it a login feature for members only. I would like to thank everyone for their patience.

True debate is hard to find these days. Often I see a heated Topic end in one of three ways:

1. Direct insults from one side or both
2. Breaking policy to satisfy position
3. Silence from one side

What is a Discussion Forum for if people do not give a position and their sources for that position. What is Discussion if you do not bring up a unique or controversial idea and then defend it? Nothing more boring than Discussion where everyone says, "I agree", "I think the same way too"... already I'm falling to sleep. Disagree, share how you feel, let others know that you are not a robot!

Recently, I went on a few other Communities that are not part of my network. I need to get some critical information. These Forums are managed by what I would refer to as wannabe businessmen and in other cases time killers. I say that because you join, ask for some information in plain English and then get every possible answer except what you are asking for. What is more is they get angry because they do not understand what you are asking, and try to make you look like a fool. I have found that people online, especially those who are Moderating Communities these days are just immature teenagers with such a limited understanding of life that their communication skills are very poor. What is more is the Discussion is so basic that you would have to wade through one thousand smilies before you could get to meat of anything. To help them feel better about what they are saying in a Discussion teens will often band together making post after post to defend one of their 'own' regardless to how stupid he looks. Such places help me to appreciate InternationalDiscussions.com.

Seeing The Fun or Just A Pessimist

In my experience in running many Communities over the years I have found there are mainly two kinds of people that communicate on a daily basis. The first one is the 'happy to be here' kind of member that will participate in good Discussion without much thought for the personal dislikes he may have about anything within the online environment. This kind of poster understands that you cannot cater for everyone, and adapts to what is available understanding that everything is free anyway. They may even contribute to the Community after seeing what is involved. Quite exploration of the offerings is why they are appreciative.

» Read More

I'm a web architect. The known term is web designer. I have many online web sites that I refer to as a network. Running an online network is like running a home. You have to do clean up, see about the members of your family and get the needed items to keep your home running. When you have 200 homes and hundreds of members in your family then you begin to see the task at hand.

» Read More

Its been a long time since I worked with the Blogs under this domain. I decided to switch from LifeType (too complexed) to something more simple and efficient: Nucleus.