Spam Wars: Episode One
The Pencil Case Studios site has recently been a target for spammers. I thought that securing my server would be something that I could do over time and had planned to do it “some day”. It turns out that that day came sooner than I would have thought.
I want to apologise to the owners of the sites that are getting comment spam that apparently is coming from my domain. The fact is that my server is not spamming anyone but that the spammers picked up my domain name and leave that as the signature. It was my own fault for not setting up proper security protocols other than the defaults.
Thank you for your patience. I am working through this issue and feel free to contact me if you have been a victim.
In the meantime, I am researching referrer spam and securing a web server. Your suggestions and advice would be appreciated. In case you are facing the same problem, I have found the following resources very helpful:
- Installing mod_security on Debian Etch
- Intrustion detection and prevention for Apache with mod-security
- Question: Preventing Apache referer spam?
- Introducing mod_security
- Texas Holdem or Stopping Comment and Referrer Spam
- Blocking Referer Spam
- An introduction to mod_security
- Six Apart Guide to Comment Spam