I consider myself to be very knowledgeable when it comes to security. I have worked in the security field for about 10 years but being hacked happens to the best of us.
My ordeal started early last week when I got awakened out of my sleep to the sound of my phone texting me that my server was running out of memory. I usually get a text about 3 or 4 times a day but usually it means that the server’s traffic is spiking. But that night it went off about 45 times so I knew something was up.
For the past two years I have been developing a traffic trading script that I actually bought many years ago. At the time I needed something fast to setup a few sites where I would be trading traffic with other sites. The script needed a lot of new features so over time I have managed to integrate various changes to help with performance and also usability. The one thing I always had problems with was the script constantly logged traffic that was not human traffic.
One of the features that I added was tracking hits that had no referrer. The problem with that was this also allowed bot traffic to get logged as well. Bots usually don’t have a referring site so the script was picking these up as valid hits and throwing off my no referrer stats.
When I first started running my websites on a VPS server I was limited on funds so I started out with 1 node with about 512MB of RAM. I was trying to host about 15 sites at the time and needless to say 512MB of RAM is probably the bare minimum required to run even the smallest of sites with any amount of traffic. I was trying to run 15 so eventually I was running out of memory.
So recently I was given the task to create a plugin for WordPress that could automatically send blog posts to Tumblr. For those that don’t know what Tumblr is (as hard as that is to believe) its basically a micro blogging site much like Twitter. So as I was saying I had been given a task to make a plugin and luckily Tumblr has a nice API that can easily be integrated into a nice little plugin. If you are not familiar with writing plugins for WordPress I suggest you check out their documentation here. It does not have a fast learning curve but it helps if you have some knowledge of PHP and WordPress.
My first step was of course learning the Tumblr API. Tumblr now has two versions of their API; one is based on a very simple HTTP post method and the newer version uses OAuth.
Tags: 