Rob Hustle

So, I am checking the stats on my server logs, and I notice a huge spike in traffic on one of my directory sites. SWEET! Did it go viral? Am I getting stumbled or dugg?

I pull up the referrer log, and what do I see? Hundreds of sequential hits coming from india. They are going down my directory A-Z. Oh man, looks like I’m getting snarfed. Someone is ripping my database.

Now, I have been around long enough to know that is part of the game. People will steal your content, that’s how it goes. But, you don’t have to go down without a fight.

I have most of my proprietary data displayed as images or inside of flash containers to make straight ripping difficult. But, it’s hard to stop a human army from just typing it in. And that’s what a lot of people do. THey go to elance, hire 200 indians, and blip, your site db is snarfed.

Whatever. I decide to strike back.

First, I find an unstoppable Rick Roll. The javascript on the Rickroll makes the video hop around the screen, opening multiple windows, making it almost impossible to close.

Next, I target their IP range in my app config file. Any time I get visitors from those addresses, they are going to visit Ricky.

I flip the switch on my black ice, and BOOM. The activity stops. Satisfied that there are now a room full of Indians an ocean away listening to Rick Astley and clicking on windows, I go back to reviewing my logs.

A few minutes later, they are back. Hmm… determined little suckers. How are they getting around me? Ah, they are using different IPs. Okay. I add the new IP’s into the config list and add a cookie. Now, they will have to clear this cookie each time they come to the site.

I flip the switch, they stop again.

Twenty minutes later, they are back. It’s on like Kong now. They want a fight, they got one.

They are using proxies to get at me now. Fortunately, they dont know about the HTTP_FORWARDED_FOR cgi variable. They are sitting ducks. I tag their proxy footprint to the black ice, and just to be sure, I flip on my geo IP database and geotarget all of india.

Usually, I use my geo IP database to target ads. Now, I am targeting these snarfers trying to steal my site. There may be collateral damage now. I am taking out the entire country. Innocent Indians may be caught in the Rick Roll. But how many Indians need a US only directory?

To make it even more annoying, I implement a rate limiter. Even if they get by all of my defenses, they will have to snarf me slowly, the way I like it.

All the code is in place. I click the button.

BOOM.

The activity stops now for good. I give it a few hours, pull the black ice down, and watch the logs. All is quiet on the Western Front. The forces of good have triumphed. My database is safe for another day.