The title is a German proverb which translates as "hit dogs bark" and means that people will react once they feel sufficiently threatened.

The proverb apparently applies to Phorm a UK company that wants to use Deep Packet Inspection to serve ads. They have been critizied for their plan, and I also wrote them a letter asking them to exempt drupal.org from their plans (besides an auto-reply no answer was received).

Googlebot is a frequent visitor(*) of drupal.org, eating over 50GB of traffic in over 11 million requests in March. I didn't know that the postprocessing is also quite fast.

Today, one of our helpful users reported some spam which was created by a new user. The user was a member for 2 hours and the spam itself was just over 1 hours old before I deleted it.

Maybe they don't but they have realized that their spam profiles on drupal.org are too short-lived to get them much traffic. As a result of this, the number of new spam profiles seems to be down.

As a side note: In part due to the spam profiles and the google traffic that they generated drupal.org served more than 30 Mio pages in March. This is an increase of about 38% compared to February with 22 Mio viewed pages.

The bigger part of this surge can probably be attributed to DrupalCon at the beginning of March.

Here's a table of the number of 403 pages by month:

After amazon and wikimedia the Drupal association has decided to opt out of the Phorm webtraffic snooping scheme. It is quite scandalous that one has to opt-out instead of having the option ot opt-in, but we did it anyway. We got the same auto-reply that wikimedia got, let's see if we get any more detailed response later.

I've recently been looking into the spam that hits drupal.org and yesterday I've finally found out why they do that and that it actually works. Until I block the accounts at least.

A blocked a account will give any visitor a "403 access denied" message. Drupal logs these incidents. It also logs the referer of these requests, so I am able to see which page the visitor was looking at when he clicked on the link to the blocked account. Most of these pages are search resulte of google and other search engines. And of course the visitor was looking for porn of all different flavours.

Last week I blogged about the spammers on drupal.org and how we remove their accounts. This week I've again looked at the newly created accounts and also added some other domains to the access rules (mainly aliases of mailinator.com).

There is one new player on the mail provider list. Apparently somebody created a domain to use for mail in order to be able to register at sites like drupal.org. And that they did: they created almost 500 accounts on d.o during the last week. They are of course all blocked now.

It is now several weeks after the upgrade of drupal.org to Drupal 6 and I've taken a look at google's crawling statistics for drupal.org.

This is the most interesting graph for me as infrastructure manasger, it shows the average time that googlebot needs to download a html page from drupal.org. We apparently had a bit of a rough ride in January, but recently this has smoothed out. About 600ms per page seems quite a good value to me.

So, after I claaimed we'd have less spammers than others, I wanted to find out how many spammers we've actually had.

mysql> select EXTRACT(YEAR_MONTH FROM from_unixtime(created)) as yearmonth, count(*) as count from users where status = 0 and login != 0 group by yearmonth order by yearmonth desc ;

On drupal.org we have much less spammers than other websites. One reason is the fact that we do not allow anonymous users to post anything and that every user needs a valid mail address in order to use his account.

This poses the question: Which email providers to our spammers use?

Luckily, this is rather easy to answer:

mysql> select substring_index(substring_index(init, '@', -1), '.', 1) as provider, count(substring_index(substring_index(init, '@', -1), '.', 1)) as count from users where status = 0 and login != 0 group by provider order by count;

The title roughly translates to "Oh, to once work with true professionals!"

This is something which I all too often have to think (and sometimes say aloud) when working on client projects. The nature of my work usually results in working for some kind of web agency which has secured a bigger Drupal project that they cannot handle alone. I then work with the agency's employees and other freelancers to complete whatever the project demands.