WebTech: Archive

Entries For February 2005

Opera 8 Beta 2 Is Now Available

Fri 25th Feb 2005 18:03 BST by Andrew from Darlington, U.K.

Opera 8 beta 2 is now available for preview. A changelog indicates widgets to help with spoofing and an IDN work-around better than Mozilla's. It's taken some time but document.selection and document.getSelection are now supported along with the TextRange object.

It should be noted that where Opera dragged their feet implementing Microsoft proprietary methods the company is finding it difficult to resist the demands from Google with applications such as GMail (supported since Beta 1) and now Google Suggest. Given this trend I'm looking forward to XSLT support.

One question though, will my Opera registration purchased for v7.23 work with the version 8 first release or will I have to upgrade? The upgrade policy is quite clear that I will have to pay but there have been a few mixed messages recently. As a user obviously I'd like a free upgrade, but also from a marketing perspective this could be a good plan - since people in the first instance would blog about the new features in Opera 8 bringing positive publicity and not rant about the upgrade price instead.

GAWDs To Start Charging For Membership

Thu 24th Feb 2005 13:41 BST by Andrew from Darlington, U.K.

The Guild of Accessible Web Developers (GAWDs) is to start charging for membership. I'm a bit puzzled by this, well I'm not puzzled by the desire to cover running costs, but I am puzzled as to why this cannot be covered by Google text ads instead of charging an extortionate £39 a year.

Looking at the hosting for GAWDs.org the current site resolves to raq947.uk2net.com and the hosting company UK2Net offers dedicated servers from £29 a month with more data transfer and bandwidth than GAWDs would ever need. Given that GAWDs has amassed quite a significant but mainly passive membership if on-site advertising cannot cover the costs of £29 a month for a dedicated server then an honesty box soliciting a £1 or £2 should raise enough money to pay for the site it would seem. Alternatively I don't see why GAWDs needs dedicated hosting — it could probably pay half the costs or less using a shared server, say somewhere like AffordableHost Inc.

Once membership fees become mandatory I'll be resigning my membership. At least then I can ditch my GAWDs email address and relieve myself of the spam I get via it (whilst I don't get much spam it is annoying that my email address is public on that site and there's nothing I can do to hide it).

CSS for Sado-Masochists

Sat 19th Feb 2005 19:38 BST by Andrew from Darlington, U.K.

In a moment of perverted sadism I've cut the masthead markup from the top of this site and glued it to its bottom. The site is still recovering from the painful follow-up CSS operation, but the swelling appears to be subsiding. The bandages are coming off and by some miracle it seems to have worked. To non-CSS clients the master document heading is now the first bit of content in the page rather than a ‘skip to content link’ and the navigation appears at the bottom. However, for CSS-enabled clients the navigation should appear at the top of the site. I say ‘should’ as it proved to be horrendous for me to fix it up there. Seems to be working ok in IE5.0+, Opera 8 and Firefox 1.0. This would have happened a long time ago except that I only just figured out how to absolutely position content under an absolutely-positioned masthead for the simple reason that the masthead has a mix of 3 different height units — px, em and % and so a single CSS “top” statement wouldn't work on its own.

I've also performed the same surgery on the Accessible Developments site as well as spending an hour fixing an IE5+ bug whereby titles of blog entries would break out of their containers and stick to the left-hand side of the viewport.

Fun With Referrers

Wed 16th Feb 2005 15:48 BST by Andrew from Darlington, U.K.

No, not another post on referrer spam. A post on doing something interesting with HTTP_REFERER instead. If you perform a search using Google, MSN, Yahoo or just about any other search engine and one of the listed results is this site (say “cache-control etag”), then if you have javascript enabled and you have HTTP_REFERERs enabled in your browser then follow the result link back to this site and something trippy should happen.

That effect is based on code that I modified from Kryogenix. I made the modifications months ago (when a related article came out on AListApart) and asked for permission from the author. He/she didn't reply but the script appears to be in the public domain and the modified source has an attribution to the original author. As a result I'm now using it for incoming referrals from search engines. Doing the same server-side is not easy for Classic ASP and the way this site is built as Classic ASP doesn't have the ability to read from the output buffer in the way that PHP and .Net have.

Remote Linking
Also playing with referrers I've changed the way users download (some of) the scripts I give away for free. Folks that want to use the scripts in their own pages are asked to download the scripts to their own site and not remote-link to them, but some webmasters ignore that plea. So from now on folks that do this will fall foul of some cross-site scripting of mine. If they remote link they get an orange banner across the top of their page warning them not to remote link and their webpage starts to play some horrendous midi music. In the future I may incorporate DHTML effects too whereby the page is scrolled off of the screen, fades away to nothing or something similar. In the past I've done worse — like redirecting readers of a Swedish computing site to a site dedicated to the Muppet's Swedish Chef.

UK Banking Accessibility Review

Mon 14th Feb 2005 20:26 BST by Andrew from Darlington, U.K.

Referrer Spam IPs

03:44 BST by Andrew from Darlington, U.K.

From the 4776 spam referer requests this site received yesterday I've assembled a list of IP addresses you can download [3.77KB Text file]. Also from doing a brief study of the spam referers I can see that I'm getting hit twice because I duplicate the site with a “www” sub-domain.

Update
I wasn't going to add them all to my IP block database table, just a few with some selective masks, but on second thoughts I've added them all either verbatim or as subnet and partial sub-net masks. Ah, actually I've just remembered that I filter on any IPs that are present in the most common headers forwarded from proxies — so adding these REMOTE_ADDR IPs isn't going to do anything much. Damn, I'll remove them later. Grrr.

Here's a list of the current HTTP_REFERER fragments that I'm blocking [ Warning: contains obscenities ]

Update
I've changed the way I block Referer Spam traffic using a new version of my IIS/ASP User Filter. As a result you can now get the live lists that I'm currently blocking:

[ modified 20th February 2005 21:06 BST ]

ADODB.Stream Load & Save File Helper Functions

Sat 12th Feb 2005 18:56 BST by Andrew from Darlington, U.K.

Something new again for the script library, but nothing particularly complicated this time: Load And Save File Helper Functions that use ADODB.Stream to simplify the loading and saving of files BUT allow this to happen in a range of different character sets.

The range of supported character sets depends on your system but typically character sets such as “UTF-8”, “UTF-7” and “ISO-8859-1” are available along maybe with Japanese and some of the Chinese character sets.

This facility is useful as if you use the Scripting.FileSystemObject COM object then you're stuck with plain old ASCII or Unicode — the former being too restrictive for international languages and the latter not being particularly well supported, certainly not in ASP anyway.

One big benefit for me is the ability to dynamically save “*.asp” files as UTF-8 and have Server.Execute() work, whereas it doesn't with Unicode ASP files.

Syntax Highlight JScript and ASP Source

Fri 11th Feb 2005 03:33 BST by Andrew from Darlington, U.K.

I've been trying to build a script to perform syntax highlighting of source code suitable for the web for many months. The approach I took was to do it all with global search and replace Regular Expressions. I spent days trying to come up with a solution but all of the attempts failed; on one occasion I got frustrated and over-did it trying to complete it and ended up exhausting myself.

However, I've finally gone and implemented it although I had to switch tactic and build a character-by-character inspection method instead. With the new algorithm idea in mind I started writing late yesterday afternoon and finished the current version an hour or so ago. Making headway with the original regular expression approach was so difficult, but building the new version was relatively straightforward.

It can be found at Syntax Highlight JScript ASP Source Code. The script is pre-loaded to highlight Javascript / JScript, Classic ASP, ADO constants and the methods of the basic COM objects that come with ASP. However, it's probably quite easy to customise it for other languages too. Most of the scripts now on this site are automatically formatted with it.

Other Scripts
In other news I've re-hashed the document for the client-side Request.QueryString() object including the advanced manual, re-written the script that folks download for the DHTML Easy Countdown and re-formatted its documentation plus that for the pro version too. The source script for the pro version needs re-writing but I'll leave that for another day.

Update 1
After a couple of hours more work it now does HTML too.

Update 2
It now also handles tab characters not just by doing a straight conversion into whitespace but by snapping tabs to a column grid like most text editors do. This way source code written in editors like TextPad will have the same indentation alignment after the syntax highlighting operation, which makes for better readability.

[ modified 12th February 2005 18:46 BST ]

“A Large And Extremely Disreputable Cocktail Party”

Mon 7th Feb 2005 04:57 BST by Andrew from Darlington, U.K.

Not sure about the “disreputable” part of this post's title but I had the sudden thought that the flying cocktail party in Douglas Adams's “Life, the Universe, and Everything” that became a “part-time raiding party” for its pillaging of the planet's alcohol reserves, is a little like the Slashdot, Boing Boing and MetaFilter crowd. They go rampaging around the planet having fun feeding off unsuspecting webservers before sucking them dry and moving on.

Suitcase Calling

Sat 5th Feb 2005 17:17 BST by Andrew from Darlington, U.K.

The troll that's eating up all my data transfer is doing me a favour I think. He or she has finally given me the impetus to move from my current host. From looking around yesterday and today the best I've seen is Liquid Six on the Platinum or Gold accounts (latter with some optional extras taken). I'll be able to consolidate all of the current domains I have without too much hassle and get either 10 or 5GB a month transfer — 20 or 10 times my current host's allocation and frankly a heck of a lot more leeway and features and pay less a year for it all. It'd be a total no-brainer not to move. The control panel would be HELM, which I'd not tried before but it seems a little better than HSphere from an online demo.

I think it's going to take a little while to get to the point where I sign up and move — there's quite a lot to check before switching, although I'll probably move this site first and then migrate the others over later on rather than trying to do everything at once. Hosting renewal for the current site is not due until April 17th but unfortunately I already renewed the domain name and my current host has an uncertain policy on re-pointing domains when not accompanied by hosting, plus DNS is not exactly my forte anyway. However, I'm optimistic that this can get sorted out soon.

Update 1
Typical, I say one thing and do another. I've bought the hosting and I'm currently setting it up. My soon-to-be old host does seem to provide a separate domain registration service so for the time being I'm going to keep that up and running pointing at the new host. I don't anticipate losing any email or the site being down during the transfer.

Update 2
If you're reading this then you're looking at the site on my new hosting provider and everything seems to be working OK! [ cool dude smiley ]

[ modified 6th February 2005 0:48 BST ]

Referrer Spam: Out of Options

Fri 4th Feb 2005 00:46 BST by Andrew from Darlington, U.K.

Another DDOS-style Referrer-Spam attack tonight around 7pm means that for the time being I cannot afford to run this website. The site has been taken down, although I'm keeping the RSS webfeeds up at the moment. The DDOS is using HTTP proxies and either more proxies behind them or is purposely broadcasting junk in the usual proxy HTTP headers making it untraceable to me.

This attack plus an attack this morning around 7am, one on Tuesday around 8pm and an attempted one at 7am on Wednesday morning indicates the likelihood of multiple attacks per day. The maths is simple: Each attack consumes in a few minutes around a typical day's allocation of webpages that I can afford to serve. At the end of each hosting contract month I'm usually at the limit of my allowed monthly serving allocation — I have no spare capacity available. More than one attack a day plus normal traffic means I'll use around 3 times this capacity and my hosting provider will automatically charge me for it. Their hosting plan appears to indicate that I'll get charged £84 for this. Financially that's not an option for me at the moment. So, I can't prevent the attacks, I can't fight the attacks and I can't afford to ignore it. That leaves me with the last option to shut the site down until the person behind it decides to give me a break. So, that's what I've done.

Referrer Spam is an increasing trend. I've been watching it for at least 2 and a half years and in the last couple of months there has been a noticeable increase in frequency and an increase in the cunning behind it. The attacks that have led me to take the site down though are atypical behaviour and appeared the same day I published a post mentioning a databased Referrer Spam blocking mechanism I'd built. Two hundred referrer spam requests a minute is enough to wipe out the little guys. I'll be back though. Maybe it'll all blow over in a couple of days, maybe longer — that depends upon the whims of the person behind the attacks.

For more information check out these Wikipedia articles: Referrer Spam and DDOS.

Update
I'm going to try a limited service by automatically restricting the site to certain hours of the day and see how things work out, although I'm not exactly optimistic.

[ modified 7th February 2005 1:45 BST ]

Referrer Spam DDOS Attack!

Tue 1st Feb 2005 23:06 BST by Andrew from Darlington, U.K.

Oh great, at 7:45pm tonight this site was subject to essentially a form of distributed denial of service attack through referrer spam — over 1500 referrer spam requests in 7 minutes. The site managed for a while but fell over when I re-uploaded the global.asa during the attack (it has a flag in it I can set to turn the site off). The server didn't come back up. My hosting tech support have got things going again but attacks like that threaten the viability of a little site like this one.

Tracing the IPs of the attack is useless as they'll all be open proxies and whilst I do record any proxy IPs on referrer spam requests these all appear to be junk in this case too. Fortunately the sites being promoted in the referrer logs have all been shut down.

On the upside the automatic capping routines only missed around 130 referrer spam requests over the course of the attack, but the data transfer consumed by the error pages is still sizable. Expect the site to go down though mid February due to exceeded data transfer limits — or sooner if the attacks continue. Time to update the mirror site.

Update 1
I've uploaded a section of my custom site logging application that shows the attack. It's a zipped HTML file and a couple of ancillary files (use this link to download it). Extract the lot with your favourite ZIP program and open the html file in your browser. Genuine page accesses have been removed for privacy reasons. Looking in the “sc-status” column, whenever there's a value of “403” it means the blocking functions of mine intercepted the request. Anything with a value of “200” succeeded in making a full page request to the webserver. The “cs-uri-query” column often contains messages from my blocking functions saying why a request was blocked — e.g. “UserFilter+triggered” and “captchad”.

Since I get automatically charged for excess bandwidth usage I'm probably going to take the site down completely tonight just in case it happens again.

Update 2
Last night (Wednesday 2nd) I left the site up all night, this morning in the small hours it was hit again. Such attacks use a full day's expected served page allocation in a few minutes but the site doesn't have spare capacity — I'd have to double my allowed transfer allocation in order to keep the site running and it remains to be seen whether I can afford to do that.

[ modified 3rd February 2005 14:04 BST ]
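The log reading described in Update 1 above (403 in “sc-status” means the filter intercepted the request, 200 means it reached the site) can be automated; the following is an added example, not the site's own logging code. The field layout, the sample lines and the function names are assumptions constructed for illustration; only the column names and the two block messages come from the post.

```javascript
// Added example: triage of a W3C-extended-style log excerpt.
// SAMPLE_LOG is constructed; IPs and hosts are documentation values.
const SAMPLE_LOG = [
  "#Fields: date time c-ip cs-uri-stem cs-uri-query sc-status cs(Referer)",
  "2005-02-01 19:45:02 192.0.2.10 /default.asp - 200 http://spam.example/a",
  "2005-02-01 19:45:03 192.0.2.11 /default.asp UserFilter+triggered 403 http://spam.example/a",
  "2005-02-01 19:45:40 198.51.100.7 /default.asp captchad 403 http://spam.example/b",
  "2005-02-01 19:46:01 192.0.2.10 /default.asp UserFilter+triggered 403 http://spam.example/a",
  "2005-02-01 19:46:10 203.0.113.5 /default.asp - 200 http://spam.example/c",
  "2005-02-01 19:46:30 203.0.113.5 /default.asp - 403 http://spam.example/c",
  "truncated line",
].join("\n");

// Block messages the post says appear in cs-uri-query.
const REASONS = ["UserFilter+triggered", "captchad"];

// Turn the text into row objects keyed by the names in the #Fields directive.
function parseLog(text) {
  let fields = null;
  const rows = [];
  for (const line of text.split(/\r?\n/)) {
    if (line.startsWith("#Fields:")) {
      fields = line.slice("#Fields:".length).trim().split(/\s+/);
    } else if (fields && line && !line.startsWith("#")) {
      const parts = line.split(" ");
      if (parts.length !== fields.length) continue; // skip malformed lines
      const row = {};
      fields.forEach((name, i) => { row[name] = parts[i]; });
      rows.push(row);
    }
  }
  return rows;
}

// Count intercepted vs. delivered requests, block reasons and load per minute.
// Assumes, as in the published excerpt, that genuine traffic was removed,
// so every 200 is a spam request the filter missed.
function summarise(rows) {
  const s = { blocked: 0, reachedServer: 0, other: 0, reasons: {}, perMinute: {} };
  for (const r of rows) {
    const status = r["sc-status"];
    if (status === "403") {
      s.blocked += 1;
      const query = r["cs-uri-query"] || "";
      const reason = REASONS.find((x) => query.includes(x)) || "unlabelled";
      s.reasons[reason] = (s.reasons[reason] || 0) + 1;
    } else if (status === "200") {
      s.reachedServer += 1;
    } else {
      s.other += 1;
    }
    const minute = r.date + " " + r.time.slice(0, 5); // bucket by HH:MM
    s.perMinute[minute] = (s.perMinute[minute] || 0) + 1;
  }
  return s;
}

console.log(summarise(parseLog(SAMPLE_LOG)));
```
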

MSN Search & Opera

15:20 BST by Andrew from Darlington, U.K.

After reading about the new MSN search via Slashdot and having tried the disappointing beta I thought I'd check it out again. However, it doesn't work on Opera — submitting a search query just reloads the page and doesn't show the results. I doubt that they'd purposefully block Opera again given what happened last time they singled out that web browser when Bob Visse straight lied and MSN were found to be substituting malformed code to deliberately trip up Opera. This time I expect it's just old fashioned incompetence at work. I shall continue to use Google.

Referrer Spam In The News

01:28 BST by Andrew from Darlington, U.K.

Over at MetaFilter.com there's a post about link/referrer spamming, pointing in particular to an interview with such a comment/referrer spammer in The Register and .htaccess-based referrer blocking for *nix users. Maybe I should polish my databased version and make that available for Classic ASP users. It auto-blocks rapid crawlers too and caps access for persistent ones. After a series of warnings the end-client is then automatically blocked. It would probably need some polishing to make it suitable for public release and there's the issue that it's MySQL-based. Actually, it's probably too much work now that I come to think about it and giving away the free stuff that I do is enough hassle as it is. I adopted the databased version as the XML-based blocker I wrote some time ago was too slow and too clunky to update.
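The capping behaviour described above (rapid clients capped, warnings issued, then an automatic block) can be sketched as follows; this is an added example, not the author's filter, and it keeps state in an in-memory Map rather than the MySQL table the post mentions. The thresholds, the names `createFilter` and `replay`, and the choice of one warning per window are assumptions.

```javascript
// Added example: per-client request capping that escalates to a block.
// All thresholds below are assumed values, not taken from the post.
const DEFAULT_LIMITS = {
  windowMs: 60000,        // length of the sliding window
  maxPerWindow: 20,       // requests served per client per window
  warningsBeforeBlock: 3, // windows a client may breach before being blocked
};

function createFilter(limits = DEFAULT_LIMITS) {
  const clients = new Map(); // clientKey -> per-client state
  // Returns "allowed", "warned", "capped" or "blocked" for one request.
  return function check(clientKey, nowMs) {
    let c = clients.get(clientKey);
    if (!c) {
      c = { hits: [], warnings: 0, lastWarnedAt: -Infinity, blocked: false };
      clients.set(clientKey, c);
    }
    if (c.blocked) return "blocked";

    // Forget served requests that have aged out of the window.
    c.hits = c.hits.filter((t) => nowMs - t < limits.windowMs);
    if (c.hits.length < limits.maxPerWindow) {
      c.hits.push(nowMs);
      return "allowed";
    }

    // Over the cap. At most one warning per window, so a single burst
    // counts once; repeated breaches over time escalate to a block.
    if (nowMs - c.lastWarnedAt < limits.windowMs) return "capped";
    c.warnings += 1;
    c.lastWarnedAt = nowMs;
    if (c.warnings >= limits.warningsBeforeBlock) {
      c.blocked = true;
      return "blocked";
    }
    return "warned";
  };
}

// Replay [clientKey, timestampMs] pairs through a fresh filter.
function replay(events, limits) {
  const check = createFilter(limits);
  return events.map(([key, t]) => check(key, t));
}

// Constructed traffic: client "a" bursts twice, client "b" is well behaved.
console.log(replay(
  [["a", 0], ["a", 100], ["a", 200], ["a", 300],
   ["a", 1150], ["a", 1200], ["a", 1250], ["b", 5000], ["a", 5000]],
  { windowMs: 1000, maxPerWindow: 2, warningsBeforeBlock: 2 }
));
```

A "warned" or "capped" result should map to a response much smaller than the page itself, since the error pages were what consumed data transfer during the attacks; the Map also needs an eviction policy when requests arrive from many distinct addresses.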
