How to Prevent Spammers from Accessing Your Linux Server

I run an article directory on a dedicated Linux server and provide full article RSS feeds for any query or tag. When spammers find the site, they usually pull the feeds and repost the articles on their Wordpress or Blogger blogs.

Occasionaly, for whatever reason, they tend to download feeds like there is no tomorrow. I don't care about them accessing the feeds for whatever use -- as long as they publish the articles intact to preserve the content with links to the author's sites -- but I really when pissed off when they access the server thousands of times per hour. This can bring even the most powerful dedicated Linux Server to its knees.

A simple trick to prevent them from accessing your site is to add in the .htaccess file

order allow,deny
deny from
allow from all

This returns a 403 (forbidden) error. If the script they're running to grap the content from your linux server errors out, then it will stop accessing your site. More often than not, the script continues to scrap your site causing Apache to take up valuble dedicated resources.

A more practicle approach is to prevent them from accessing the server by using the iptables, or firewall rules.

This will reject the access at the TCP transport layer before it gets routed up the transport stack to Apache. To do this, enter this command:

iptables -A INPUT -s -j REJECT

The iptables command must be entered as root from ssh or from your control panel. But with a dedicated or virtual linux server, you should have root access.

Are Dedicated Servers Becoming Obsolete?

Today's Microsoft and Red Hat mutual virtualization support agreement supports a trend that enforces the common belief that dedicated Linux servers are becoming a thing of the past.  Consider in InformationWeek that

Microsoft, Red Hat Agree To Mutual Virtualization Support -- Windows Linux Virtualization

As part of the agreements, Microsoft will run Red Hat Enterprise Linux 5.2 and 5.3 as a guest in Hyper-V environments, and will lend its hand to technical support and documentation. Red Hat will also run Windows Server 2003 SP2, Windows 2000 Server SP4, and Windows Server 2008 as guests on Red Hat virtualization technologies, with similar tech support offered.

Brian Stevens, Red Hat Vice President and CTO makes a valid point that the hardware is becoming so powerful that single applications and cannot taking full advantage of the dedicated server.  That is, the processor speed is not increasing anymore but more and more physical cores are being added.

Unless the application is designed for multiprocessors, the other CPUS are effectively sitting idle.  Allocating the physical cores to logical virtual servers may make the best use of the physical server since each logical processor can be used to balance and increase the overall performance of the dedicated Linux Server.

Linux Dedicated Servers are not Free

Yes folks, there are things such as free hosting sites which use Linux dedicated servers to host thousands of shared hosted sites. But if you think that you can get a dedicated server for free you have been misled.

The important thing is that you want to consider is why you hosted your site on a free or cheap server in the first place when you actually needed a more powerful solution.

Many of my sites are hosted on less expensive solutions but these typically are not CPU and bandwidth intensive, thus, I can get away with it. But sometimes these sites expand beyond the limitations of a shared server and I get the dreaded email stating that I my hosting has been terminated due to hogging the CPU.

So the important question is that you need to ask is "should I initially use a cheaper solution or go the direct route with dedicated?"

We all have illusions of grandeur of having the next great blog or application, but in reality, these are quite rare and you can get away with a simple solution for the initial approach and grow into a virtual dedicated server or more powerful Linux dedicated server.

Yet both of these solutions are costly in the beginning, hence, Linux dedicated servers are not free.

My personal approach is to have a spare dedicated server that I run new applications on that can handle CPU and bandwidth loads. Initial testing of the application may also increase server load due to debug logs and systematic bugs that will easily bring down a dedicated Linux server to its knees.

Although initial alpha testing of the application can be done in house on private servers until the majority of the bugs are resolved, eventually the application needs to be installed on a server that will be exposed to real-world loads. For that, anything but a virtual or dedicated Linux server will suffice.

My Linux Server

My Linux Server...