Traffic surges and PHP worms

Filed under: — 8:46 pm

This site may have been slow (or even unreachable) yesterday at times. I spent much of yesterday dealing with some major traffic surges on The Quotations Page, which shares one of its servers with this weblog.

Usually things like this are easy to trace, but this one kept me guessing for a while. In the end it turned out to be two things. First of all, the death of Johnny Carson resulted in over 20,000 visits to our woefully inadequate Carson Quotes page. It always makes me uncomfortable to get traffic because someone died, but it’s one of the prices of a high Google ranking.

The server could have easily handled those extra visitors, but something else was going on at the same time: hundreds of attempts per hour to load invalid URLs within our phpBB-based forum. Apparently another variation of the Santy worm is on the loose.

Our particular installations of phpBB weren’t compromised by the worm, but the constant requests to the viewtopic.php script were overloading the server. If you have a phpBB forum, even if it’s the latest version, I recommend setting up some mod_rewrite rules to block the requests entirely. After implementing some rules based loosely on the examples here, my server load went back down to manageable levels.
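As an added example (not the author's code or the rules he used): a small access-log triage that counts `viewtopic.php` requests carrying an encoded single quote in the `highlight` parameter, the marker of Santy-style requests, per hour and per client. The sample log lines, the `/forum/` path and the pattern itself are assumptions constructed here.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Raw (undecoded) query test: highlight= carrying an encoded single quote,
# either %27 or with the percent sign re-encoded (%2527, %252527, ...).
SUSPECT_QUERY = re.compile(r"(?:^|&)highlight=[^&]*%(?:25)*27", re.IGNORECASE)

# Apache common/combined log format: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<day>[^:]+):(?P<hour>\d{2}):[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

def is_suspect(target):
    """True for a viewtopic.php request whose raw query matches SUSPECT_QUERY."""
    parts = urlsplit(target)  # urlsplit does not percent-decode the query
    return parts.path.lower().endswith("/viewtopic.php") and bool(
        SUSPECT_QUERY.search(parts.query))

def triage(lines):
    """Count suspect requests per hour and per client; unparsable lines are skipped."""
    per_hour, per_host = Counter(), Counter()
    for line in lines:
        m = LOG_LINE.match(line)
        if m and is_suspect(m["target"]):
            per_hour[f'{m["day"]}:{m["hour"]}'] += 1
            per_host[m["host"]] += 1
    return per_hour, per_host

# Constructed sample: documentation addresses, payload elided as PAYLOAD.
SAMPLE = [
    '192.0.2.10 - - [24/Jan/2005:14:02:11 -0700] "GET /forum/viewtopic.php?t=5&highlight=%2527PAYLOAD HTTP/1.0" 404 312',
    '192.0.2.10 - - [24/Jan/2005:14:07:40 -0700] "GET /forum/viewtopic.php?highlight=%27PAYLOAD&t=9 HTTP/1.0" 404 312',
    '198.51.100.7 - - [24/Jan/2005:15:30:02 -0700] "GET /forum/viewtopic.php?t=12&highlight=%252527PAYLOAD HTTP/1.0" 404 312',
    '203.0.113.5 - - [24/Jan/2005:14:10:19 -0700] "GET /forum/viewtopic.php?t=5&highlight=carson HTTP/1.1" 200 18211',
    '203.0.113.5 - - [24/Jan/2005:14:11:03 -0700] "GET /quotes/carson.html HTTP/1.1" 200 9120',
    'truncated or malformed line',
]

if __name__ == "__main__":
    hours, hosts = triage(SAMPLE)
    for hour, count in sorted(hours.items()):
        print(f"{hour}  {count} suspect viewtopic.php requests")
    for host, count in hosts.most_common():
        print(f"{host}  {count}")
```

A legitimate search highlight that contains an apostrophe would also match, which is the trade-off of blocking on this pattern.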


(c) 2001-2007 Michael Moncur. All rights reserved, but feel free to quote me.