Neil Turner's Blog

Blogging about technology and randomness since 2002

This should never happen to a blogger

I want to cry.

On Monday at about 4:45pm, some prat from the University of Bradford launched a flood attack on this site, by submitting the same comment repeatedly – nearly 300 times in total. Because MT rebuilds several public pages whenever a comment is submitted, the process is quite CPU-intensive even when just one comment is being added, so you can imagine what happened when 300 were submitted.
The first I knew about this was when I tried to log in on Tuesday morning, and was greeted witha 404 error. The main URL gave me the same error, so I decided to investigate the FTP server. Now, normally my files are located in a folder called ‘’, but they were now in ‘’. My heart sank.
There was also a file called ‘reason’. I opened it, and it told me this: mt-comments.cgi caused server to hang. The flood of messages that I’d received the previous day was enough to b0rk the Apache server that f2s had provided. Great.
I fired off an email to their tech support department in the hope that they may reactivate the account, having removed the comment script from the server. I received an automated reply, saying that they were looking into it, and then nothing. To this day, I have yet to receive a response.
While it’s not their fault that the server hung, taking over 3 days to respond to an email is appaling customer service, and I’m afraid I can no longer recommend f2s as a host, particularly if you are business and depend on your website. In fact, I suggest you avoid them.
As it is, I had no option but to go elsewhere for hosting. Fortunately, Richy C works for a hosting company called 3050 Hosting, and he was able to help me set up a new host account there. The new account is more expensive than before – £58.75 per year including VAT – but I get much more disk space and better servers, including backups. I’d been intending to move there in September anyway, when my f2s agreement ran out.
Getting the blog back up wasn’t as straightforward as it could have been. The last entry backup I made was in February, so although I could import 5 months of entries quite easily, I still had 6 weeks of entries that needed re-adding, which I’ve spent this morning doing. It also means I’ll have lost any comments and trackback pings from the past 6 weeks, so I apologise for that.
As for the jerk who caused this mess: I’ve been on to the abuse desk at Bradford and have sent them copies of my Apache logs around the time of the attack, and they have promised to investigate. Sadly, my level of trust has fallen – to guarantee this won’t happen again I’ve had to turn the comment system off. I’m really sorry for those of you who used this system properly, but as it is it’s still too big a risk to take. You can still send me trackback pings, or just email me (neilturner [at] myrealbox [dot] com).
In the mean time, you can post in the Movable Type forum to request a flood control feature. If that is implemented, I may well reinstate it.

Comments are closed.