Major Server Cleaning and Securing
I don't know about you, but I hate getting a crapload of comment spam and referral spam. I've been able to block much of the former with MT-Blacklist, but the referral log spam is getting out of control and clogging up my AWStats results with a pile of useless links. So when I saw this post that linked to a script that used the blacklist to eliminate referral spam, I was intrigued. After reading some of the comments on the entry, I found this AWStats patch that will also remove them from the AWStats calculations.
Then looking through my flagged entries in my RSS reader, I noticed this mod_security post on Movalog which reminded me about some discussions that were happening on the MT Pronet mailing list regarding using mod_security to block even more at the server level (more info on mod_security here). So after looking through a ProNet entry about mod_security, I came across this introduction to mod_security. Once I found out how to get mod_security installed in cPanel/WHM (and where the configuration files were), I set upon implementing this mod_security hack that will import the information from the master blacklist file and create rules for use with mod_security.
I'm just about through all the hacks and tweaks above, and so far I haven't blown anything up (learning a lot on this type of stuff in the process). Hopefully this will keep some of the other sites on this server from getting a pile of referral spam as well. If you do notice the site being down at all today, just try again in a few minutes, as I'm probably restarting Apache.
Random cPanel Link Dump from UtterlyBoring.com on 06/24/07 @ 11:36 PM:
As I've mentioned before, I use cPanel on my Web server. I've posted links before for using clamavmodule in Mailscanner, completely removing boxtrapper, among a few other things. So here... (Read More)