James Britt wrote: > I received an alert E-mail today telling me that ruby-doc.org had > exceeded its alloted bandwidth. There could be all sorts of reasons for > this, and if it were simply due to popularity I'd be thrilled. But it > appears that someone has been running wget and snarfing the site wholesale. > > This is a bad thing. I'm in the process of blocking IP addresses and > domain names. I've also turned off access to the Euroko 2003 videos > until next month. > > I really don't think this abuse is coming from any regular reader of > this list, but on the off chance that I'm wrong: please stop it. > > Thanks, > > James Britt > > jbritt AT ruby-doc DOT org > > > > I highly recommend you look into mod_dosevasive. If there was a decent way to verify the authenticity of the source IP addresses (ie not spoofed), then blocking would be a great first step. The next step might be posting the verified abusive addresses online (so the rest of us can take appropriate action like blocking them from our sites) or submitting them to dshield.org. This might be annoying enough for them to move on to other targets.