I've had an interesting couple of days away from reading Mary Oliver, frustrating days, particularly because I'd much rather be reading her poetry than doing what had to be done.
Let me just say that I suddenly received a record number of comments to my site starting last night around midnight. I happened to still be online because I've somehow rediscovered Baldur's Gate II (but that's another story best left untold). So, I decided to check my email one last time before turning in for an un-deserved rest, considering that I'd managed to fritter most of a day away walking in the sunshine and playing with my computer.
Anyway, as the email page on Entourage scrolled by, I realized that something very bad was happening. Now, I have gotten an unusually large number of emails lately telling me that email I'd never sent out had not been received. Well, obviously I deleted them immediately and downloaded the latest updates to Norton Virus.
But, no, this was something totally new, totally different. As page after page of screen rolled by, I managed to read enough to realize that all the emails were coming from my website and were all records of new "comments" that had been added to my site. After Entourage nearly chocked on the onslaught, and my mind frantically tried to grasp what was happening, I finally managed to open an email, find the address that they all seemed to be coming from, open MT and ban the IP address. That stemmed the flow, though my webpage sputtered out more email for hours trying to catch up with the overflow.
I probably would have reacted quicker if my blood pressure hadn't risen quite so high when I realized what was happening. Turns out being totally pissed, isn't always the best way to solve a problem, though I suspect in retrospect that I'm probably going to die of a stroke from high blood pressure rather from some benign cancerous growth.
I remembered my favorite technical expertress had recently given advice on how to totally shut down comments, but I couldn't find the email or remember the advice. The truth is that I've relied on my D-list status as a blogger to keep me safe from these kinds of attacks. I've occasionally gotten slammed with junk comments, but nothing that a few minutes of attention couldn't take care of.
Although it would have been best to just go to bed and worry about the problem the next day, I was far too pissed to do that. In fact, the adrenaline flow nearly carried me through the entire ordeal of manually deleting the comments, five at a time, for the next two and a half hours before I finally went to bed knowing that some son-of-a-bitch wouldn't get the satisfaction of a few more hits to his miserable gambling site because he'd managed to catch me unawares.
It would have helped if my technical expertress hadn't gone to bed already. After all it was only 2:00 a.m. where she lived so why would she need to get some sleep? If I'd waited for her advice that appeared in the morning mail, it probably would have taken me 10 minutes to delete all the comments, that is, once I found where to enter the command line to delete all comments after a certain time on my MYSQL page. I never did find that, but thanks to her advice I did find a simple way of deleting comments using "phpMyAdmin."
Considering the headache I get every time I go near MYSQL, I thought the two hours I spent discovering that shortcut just in case I get hit again was time well-spent, especially because I simultaneously discovered the joy of doing a MYSQL "dump" of my site before updating it to the latest version of Movable Type and adding in Jay Allen's well-known Blacklist, yes that program I've been avoiding installing in much the way I've avoided flu shots in the past.
Actually, updating Movable Type wasn't especially hard, especially since I've gone through the process several times now. It did, however, necessitate finally purchasing Panic's Transmit so I didn't have to mess with Adobe GoLive's ftp program. Installing blacklist wasn't that difficult, either, once I remembered that a "." is not the same as a "-," at least not as far as computers are concerned.
Still, it's 3:00 p.m., I've spent most of the day trying to learn enough to deal with this kind of event more wisely, and I'm not confident I'm any safer from another attack than I was last night. I know a hell of a lot more than I did last night, but I doubt they were sitting around doing nothing all day. Once again, it reminds me of Yossarian's lament in Catch-22, “When I look up, I see people cashing in. I don't see heaven or saints or angels. I see people cashing in on every decent moral impulse and every human tragedy.”
UPDATE: I've also updated my site using the code discussed in step 3 at Shelley's site. I might even end up using the code discussed in step four,but I'm not technologically apt enough to understand thecomplaint. I'm sure someone will eventually explain the problem with the redirect to me.