One of my sites has been under mass attack by bots for a month now, without cease.  It’s cost me (and my developer partner) time, money, and an undue amount of stress.  It’s undermined my analytics and stats.

It Just. Keeps. Coming.

And while there are a couple things we’ve been able to do to minimize the damage, essentially there’s no way to stop it. It just. keeps. coming. And frankly, if it continues, and spreads, there could be big repercussions across the web on ad revenue and analytics.

What I Know

The attack started on February 21, 2012, around noon.  I keep an OCD-level eye on my traffic, and I noticed a big jump in direct traffic.  This is unusual, because this particular site is less than a year old, and has not had a chance to develop a lot of branding yet.  It’s pretty well situated in the search engines for its niche, but not that many people know it by name.  Anything more than twenty or thirty percent direct traffic would definitely be odd.  And then I started noticing some other strange behaviors:

• All the traffic was reported as Internet Explorer (versions 6 through 9)
• All the traffic was reported as Windows (XP through Win 7)
• The traffic was coming from all over the world (and the site is focused on ONE state in the US) and from thousands of IP numbers & ISPs.
• It was all hitting the home page and leaving immediately.  My bounce rate quickly soared to about 99%
• There was nothing – no one thing – that I could pinpoint to block this traffic from coming in. No commonality.
• It was executing javascript – because it showed up in Google Analytics, Statcounter & Woopra.

Strangest of all, the traffic was *slow* – drip drip drip.  Never so much to come anywhere near a DDOS, or have an effect on the server, but at any given point, there would be six to ten “visitors” on the site at a time.  While it looked very much like actual human browser traffic, it wasn’t difficult to conclude that this was something automated.

[Read more...]

Dear GoDaddy -

I don’t know if you noticed, but I’ve started moving my 1400+ domain names (spread across four accounts) to other registrars; mostly Namecheap (not an aff link).

If you have noticed, you’ve probably attributed it to the brouhaha over SOPA, and it’s true, GoDaddy’s situational ethics were the last straw for me.

But I don’t want you thinking this is the only reason I’m leaving.  It’s just the most recent one.  Because once I started adding it up, I should have moved out LONG ago.

[Read more...]

I want to buy an iPhone 4S.  Verizon Wireless is making it very difficult for me to do so.

First off, I am a longtime BlackBerry user.  But RIM is a dying platform (I don’t care what anyone says, they are – you know it and I know it so shut up) and it’s time to get something else. I haven’t found a Droid I like yet, and so it seems like a good time to get an iPhone. A new model just came out last week!  Consider it a tribute to Steve.  Whatever. I want one.

Now, I have been a VerizonWireless customer for at least eight or ten years.  I have a family plan, and I’ve never had fewer than three (and sometimes as many as five) numbers on my plan. I have smart phones and data plans. Always signed up for the two year extensions.  Never once paid late. My monthly bills run well into three figures.  I put friends and family members (who are not on my plan) on Verizon so we’d all be on the same network.

Any other marketing-savvy industry would consider me a VIP customer – worth keeping happy and hanging on to at almost any cost.  This is where you get your brand evangelists, after all.

But not Verizon Wireless. And, to be fair, pretty much all the carriers operate the same way. Because it’s a royal pain in the ass to switch carriers; particularly when you have multiple lines, they figure you have a higher threshold of pain for any little price gouge they can stick you with.

[Read more...]