The wiki is back!

Well, the attacks seem to have stopped, so the wiki is back up... for the time being, at least. If the attacks start up again, well, then we'll post a notice here.

For those of you not in the know, it's at http://badgeometry.com/wiki.

Enjoy!

I've missed it so. *sheds a tear*

woot!

{{{Wiki}}}
{{{Catherine Omega}}}

Wow, did someone leak out the latest enhancements to the syntax of LSL?

And it's down again! Same errors as last time:

mysql connections overloaded.

dunno if this is the same problem as before.

Yep, been fighting this for about 2 hours this morning, on and off.

Well, guess I spoke too soon. I'm actually having trouble even getting into our backend right now. Whoops. In any event, I'm told that our long-term hosting plan is almost ready, so this downtime shouldn't be much longer.

Please continue to bear with us over the next few days, and thanks for all the offers to host a mirror. It's not necessary though.

Any backups out there?

ok so my host suspended the account, amusingly enough, after i got it under control. go figure. Anyways, once they unsuspend it(since i can;t override the root user), it will be back in the disabled directory.

if they haven;t gotten back to me in 30 minutes, i will set up the most recent backup at a temporary location.

sorry about this.

thank you wiki people.

Thanks for your efforts--

Next time it's up I'm burning the whole dang thing to a CD, if y'all don't mind.

It's down again after another round of attacks. Here's the message you get when you try to go to badgeometry.com:Isn't that just horrible? I'm dependent enough on LSL Wiki that this really hurts. Good luck to you all.

To compensate, I'm using: http://www.sluniverse.com/lsl.html

I supplement this with Google searches for '"lsl wiki" keyword'. I then look at pages of the LSL Wiki in the Google cache.

(Edit: I just noticed that this was mentioned above. Oopsie! )

~Ulrika~

Edited for clue.

Can't you ban by domain name? If it's showing up as one porn site with a rotating IP, banning by the domain name would get rid of all of it, right?

Also, is it just one of the four octets in the IP address that is changing? (i.e. 145.64.55.*, where * is any number from 1 to 255?) If so, just ban the entire range. It's just 255 IP address, and they probably all belong to the robot.

(Dunno for sure, I've not worked with website stuff before.)

you can ban by ip, however, it isn;t just a single field, it is all four fields. and i haven;t found a way to ban by domain yet.

If it is the kind of IP range I described (with only the last octet changing) have you tried either not filling in the fourth box, or putting an * in it instead of a number?

I find it hard to believe your hosting software would not provide the ability to ban IP ranges.

it isn't the kind of range that you are talking about.

ok, so i set it up temporarily here.

I just queried the webserver on the commandline:

HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Tue, 02 Nov 2004 20:11:35 GMT
Server: Apache/1.3.33 (Unix) mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 FrontPage/5.0.2.2634a mod_ssl/2.8.22 OpenSSL/0.9.7a

So it's running Apache (as one would expect bright people to do!), and Apache has no trouble at all barring any number of IP addresses, without or without proper reverse domain names.

It might be simpler though to just temporarily disallow access from any IP address not having a valid reverse DNS entry. I'm not sure if mod_bwlimited allows you to do that though, ie. by restricting certain accesses to zero bandwidth.

If you had mod_access installed then you could require all reverse names to pass a double-reverse test too --- this would almost certainly block the abuse, although a lot of folks with dynamic IP might suffer as well since some ISPs don't provide proper reverse names.

It's been a while since I last played with this stuff to block DDoS attacks at a major ISP, but I can look it up again if help is needed.

Yes, of course there are things that could be done, but we don't have direct access to the server. It's a shared server, which we have access to through a horrible CGI backend.

From klomp.org, this seems to be the best Apache module to use as it lets the O/S handle it:

mod_hosts_access 1.0.0

mod_hosts_access allows you to use the hosts.allow and hosts.deny files to configure access to your Apache webserver. This is the stable version 1.0.0. Nothing has changed apart from the homepage and some documentation glitches.
Features

    * mod_hosts_access gives you a central location for your IP access rules for telnet, ftp, http, imap, etc. This is especially useful for a personal server (e.g. a cable modem running mod_roaming), that should not be accessible to the whole world.
    * mod_hosts_access calls the functions in the TCP Wrapper library for maximum compatibility.
    * mod_hosts_access can be installed as a DSO (Dynamic Shared Object) module.

The TCP Wrapper blockfile hosts.deny can be changed on the fly without even needing to send Apache a SIGHUP, and it accepts both domain names and IP addresses using a variety of range specifiers. That's all the flexibility you need I think.

You could use the kernel's packet filtering as well, but then you wouldn't have the flexibility of blocking by domain name.

Ah ...

Is there any place where the Wiki is "guaranteed" to be up at for the next few days or so? I'm going off site trying to find some math help, and I'm using the current "backup" of the site to link to explanations of various portions of LSL, but I'm not sure if I can depend on those links, and need to know if I should provide alternate URLs as well.

I will leave the temporary site up for as long as we need it. I can even leave it up after we get badgeometry back up and running if you need, just let me know.