Not me, and I've been reading sporadically over the past couple of hours.
Buffistas Building a Better Board
Do you have problems, concerns or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.
The most common spiders and bots of ill repute are sent by spammers harvesting e-mail addresses.
All they can get here are e-mail addresses in posts, and donations and admins.
Don't they generally follow all links? That would mean they do the equivalent of clicking on the user which does the query that gives your e-mail address if you made it public? Oh but that is not visible if you login as guest.
Hmmm - still they could be searching even if they did not find anything. Anyway to tell if we were spidered/botted?
If we make two (possibly incredibly invalid) assumptions, there was no undue activity Sunday night. Four robots stopped by and asked for robots.txt -- inktomi grabbed some filk, and the rest went straight home. There are no suspicious client agents that are taking up a great deal of traffic.
In fact, there wasn't a great deal of traffic, period.
Now, there's no reason a bogus spider would a) ask for robots.txt or b) not pretend to be MSIE6.0.
I just don't see anything odd. But I'm searching for a more granular analysis tool. Webtrends has gone all weird on me.
Hmm - If you had full OS access (including root access) could you put in some stuff to do real time monitoring and find out whats going on next time this happens? I know the providers admins would hate the idea but:
1) we have special circumstances - a problem we just can't track
2) Kristen can vouch for your trustworthiness, and technical skill
3) I may be wrong, but I get the impression the providers just don't have time to do the kind of monitoring we need. That is, quite reasonably having other customers besides us, that can't go and turn monitoring on 2 seconds after we know there is a problem.
So is it possible our provider could make an exception and give you any rights you need (temporarily) to track down this problem?
I don't want the liability of full root access, not that I dream for a second I could get it.
OK - I think I'll stop making helpful suggetions, because I think you have thought this through a lot more than I have.
Did they ever precisely answer when they installed the new thing that kicks us off when we have exceeded our max number of connections? I didn't see where they did, but might have missed it.
If not? That's still my bet. They made a change. It caused a problem. We told them about the problem. The problem stopped. Occam's agrees.
If only telling someone about a problem was enough to make it go away, and remove fear it could happen again.
They did put in a monitoring change. That's all the change they made, as far as we've been told. They did nothing to resolve the issue, because they were as flummoxed as we were.
Oh good. My tooth is gone but the board is not.
Steven thinks that it has to be some illegal spider trying to mine the database. That's all he can come up with. The only alternative I could come up was a malicious attack against the board. But then, we wouldn't be fine now if it was an attack. So, I think his theory is still the only one holding any water.
In other news, I no longer have to worry about the board getting yanked on Angel premiere night.