Referer Spam

In the last month I have been getting nailed with various forms of “referral spam”: , and various annoying exploit attempts. Besides the sheer annoyance of it all, the way it screws up your logs and stats, I just didn’t want them to think their stuff was working. So I finally implemented some “mod_security”: rules into my apache.

I extended the default “debian”: ruleset with a few that I found online, and things seem to be working well. I hope not too much of a performance hit on this little box (if so, please tell me). I’ve only had two issues with it so far:

# Default rules blocked my cookies. The default rules had a very basic regex for cookie data, didn’t’ work with my system
# Debug Log. The debugging by default is at 9, and that *very* quickly filled up a 2gb file, which then killed apache

This entry was posted in Site.