I'm not talking about readers who can't post today, I'm talking about users who for whatever reason have got the so called "Pink Page" and it's various cousins. These pages occur for a variety of reasons, but almost always the reason is that the IP you are visiting from is misbehaving. This means one of numerous things, but most often it's a variation on one of the following:

• A crawler downloaded thousands of pages
• Read ahead caching downloaded thousands of pages
• AN RSS Headline reader loaded the RSS headline page every 5 minutes for a few hours.
• A broken client failed to adhere to the RFC for URL and loaded thousands of 404 errors as a result.

Now sometimes this isn't such a big deal. Slash is fairly sophisticated after all- in the case of RSS and 404 excess, the IP is temporarily restricted and the user is presented an error message that encourages them to alter their behavior. In most cases this is sufficient.

But what kills me is the guy who emails me to complain that he's been banned. For starters, we have very clear error messages on the banned page directing users to a specific mailing address to a guy (confusingy enough, one who is also named Rob, but that's a whole different issue

Now most people are very polite, but utterly clueless. Many many users simply do not understand the concept of a proxy server. And this is totally fair. The subtleties of routing and networking are not for everyone. It's secret voodoo that frankly is better left in the hand of those who know what they are doing (Which is why OSDN has network admins and I'm not allowed root access on our web servers any more. As if I'd just hop in and delete an entry from the route table or something... more than once).

But there are other people who simply should no better. THey email us, absolteuyl furious that their IP has been banned. But when it's the proxy administrator it gets really amusing. Mr. Administrator emails me (WRONG!) to explain that he has been banned. THis is my fault, and I should immediately unban his IP because he represents a gigantic proxy server and clearly thousands of people are being denied their precious Slashdot.

So I check the IP. Which I shouldn't do because the other Rob does this shit, and I have a mtg in 2 hours that I have yet to compile all my notes for. This guy's "Huge" proxy has 4 people behind it. 4. Now sure, maybe this proxy has a hundred thousand users behind it, but to me, I see 4. Ya know what IP has 4 users? Mine. Our little basement where Rob, CowboyNeal, and Hemos work. 4 users. This guy isn't upset because his thousands of users can't access Slashdot because at most 1 person has emailed him to complain. No, it's either him, or his buddy across the aisle.

But this isn't the kicker. The kicker is when he patiently explains that his IP is what is known as a Proxy Server. And he laboriously explains what a proxy server is.

Now do I patiently explain to the guy that, while I feel utterly terrible and totally responsible for his ban, I DO in fact understand the concept of a proxy server. But does HE understand what it means when index.pl is loaded from his IP every 15 seconds for 48 hours? Does HE understand that this is NOT a proxy server, but instead this is in fact some nitwit who thought he'd bang out a 20 line perl script to alert him to web updates on Slashdot?

What it comes down to, is that it is relatively easy to tell the difference between Proxy Servers and IPs. In fact, I can even make a pretty good guess at the number of users behind the larger proxy servers. And there are dozens of large proxy servers that hit Slashdot. Some of them are 100+ users. We've gone so far as to add code that lets us identify known proxy servers so that our scripts that detect robots and DoS attacks can be aware of known proxy servers and cut them some slack when trying to decide who to ban and who not to ban. The next step would be to have software determine automatically if an IP is a proxy server or just a guy.

But MOST of the time, the ban is temporary. The error message explains that the ban is temporary. But I still get these freaked out sysadmins emailing me who can't just wait a couple hours for the ban to go away on it's own... provided they stop running whatever software it is that is clearly beating the crap out of our server.

Please note that none of this is from any particular guy... It's just random splicings of different emails I get each day.

Most of our "Abuses" are unintentional. A user doesn't understand that setting their RSS headline reader to refresh every 60 seconds means that they are going to load that page 1500 times today. Now we have 100,000 readers loading RSS... do we really need a couple hundred of them to load millions more than the other 99,000? Especially not when these headline files update every 30 minutes, and loading faster is just wasting resources on both ends!

Allright, remember that meeting I mentioned at the start of this journal entry? It's like 5 minutes closer now and I still haven't compiled my notes.... I really should take care of that ;)