-

And the rat race begins

Posted by T. Greg Doucette on Aug 13, 2010 in The 2L Life

First reading of my 2L year got posted today: re-reading all of the United States’ core founding documents1 for Constitutional Law I.

And with that, the marathon race to final exams in December is officially afoot. Let the games begin :D

  1. The Declaration of Independence, the Articles of Confederation, the Constitution and amendments thereto :) []

Tags: ,

 
3

law:/dev/null: one year later :)

Posted by T. Greg Doucette on Aug 11, 2010 in NotFail

It was a year ago today1 — the first day of my 1L Orientation at NCCU Law — that law:/dev/null went live with this brief post welcoming any newcomers who happened to drop by.

And my gosh how much has happened in just a year! :D

Case in point: a year ago I fled the Turner Law Building as soon as Orientation was done because I felt so totally out of place2… yet this week I’ve been at the law school daily helping out (voluntarily!) with 1L Orientation, offering whatever assistance and sage tidbits of almost-but-not-quite-wisdom that I can provide :)

In keeping with my personality, some numbers to commemorate law:/dev/null‘s 1st birthday:

  • THEN: 1 published post — NOW: 291
  • THEN: 178 total words written — NOW: ~141,268 (where’s this inspiration when I’m working on a brief??? :crack: )
  • THEN: 1 [main] page — NOW: 4 total, including our About [TDot] page, the fellow-blawgers-inspired Disclaimer and finally instructions on Subscribing to the RSS feed :D
  • THEN: 2 categories — NOW: 20
  • THEN: 0 tags — NOW: 96
  • THEN: ~10 fellow bloggers on the blogroll — NOW: 138. If I’m missing you, send me an email to TDot [at] lawdevnull.com! :D
  • THEN: 29 new unique visitors a day, at least half of which were spambots — NOW: 170, of which only 4-6 are spambots thanks to .htaccess controls
  • THEN: 0 comments — NOW: 417 comments and 661 pingbacks (and 2,130 attempted spam posts :beatup: )
  • THEN: 0 typos I saw — NOW: “Another one? @#$%. I’ll fix it later…”

I could go on with the shameless quasi-self-promotion but you get the idea ;)

I’ve been blessed to do a lot of pretty cool stuff in my life, but getting law:/dev/null started — and more importantly, having y’all read it and at least pretend that you like it! :spin: — undoubtedly takes top honors.

Thanks for being such amazing people and giving me an added incentive to keep going! :) I’m looking forward to the year ahead, the opportunity to meet even more of y’all, and hopefully even convince a few more to join me at the N.C. Central University School of Law ;)

Have a great night everybody! :D

  1. Coincidentally also the birthday of the Reasonably Prudent Law Student — happy birthday Huma!! :D []
  2. Although no one believes me, I’m actually a bit shy :oops: []

Tags: , ,

 
1

Tweet-sized Tuesdays #15

Posted by T. Greg Doucette on Aug 10, 2010 in Tweet-sized Tuesdays

雅雅 moves 13hrs away tomorrow; #notafan of that transition :( Enjoyed seeing new+old faces @ 1L Orientation today tho. Ready for the year! :D

Tags: , ,

 
-

Random snippets from today

Posted by T. Greg Doucette on Aug 9, 2010 in Randomness

Not enough time to polish up a full entry for tonight, so I figured I’d go with bullet points of random things that crossed my mind today:

  • I made some minor behind-the-scenes changes to the blog, mostly to correct bad coding practices I was too lazy to fix before now :beatup:  The only thing you might notice is the blog heading: instead of “law:/dev/null – Musings of a Computer Scientist turned Law Student” as one über-huge title string, it’s now just “law:/dev/null” with the second half as a lower-level heading underneath it. It should still visually look the same, but if it doesn’t hit refresh on your browser to make sure your computer isn’t using a cached version of the stylesheet.
  • The spam problems that prompted this entry on .htaccess files also appear under control (fingers crossed). Spam comments are still annoyingly frequent, but at least with a fleshed-out .htaccess file I’m only averaging 4 a day instead of 50+ :spin:
  • I’ve met 3 incoming 1Ls over the past 4 days; two are folks I corresponded with through this blog before I knew they were coming to NCCU Law, and the 3rd today just happened to visit the SBA office while I was in there. It’s a lot of fun being able to answer their questions, but it also reminds me how little (translation: none) exploration I did before Orientation. Maybe I wouldn’t have been so nervous if I had? :beatup:
  • After that 2-mile run the other day my muscles were tighter than a Nancy Pelosi facelift. It was a remarkably unpleasant experience. Lots of stretching and untold milligrams of ibuprofen later, I knocked out another 2 miles today. We’ll see how I feel tomorrow… (fingers crossed again)
  • Speaking of politicians — horrible segue, I know :P  — I’ve been really disappointed in this recent GOP talk of trying to amend the Fourteenth Amendment of the U.S. Constitution to eliminate birthright citizenship. I mentioned back on Cinco de Mayo that to me there was something fundamentally un-American in penalizing a child for the sins of his/her parent(s). In re-reading the Constitution for ConLaw I next week, I noticed in Article III Section 3 that it bans “corruption of blood”, an old British punishment where the offspring of a parent convicted of a high crime were themselves sanctioned by being disinherited by the government and often condemned to a life of poverty as a result. How sad that the Founding Fathers (who crafted the Constitution) and the ancient Republican Party (who crafted the Fourteenth Amendment) both agree with me on this principle, but the modern Republican Party (of which I’m a member) does not — and would advocate needless tinkering with the most effective and enduring governing document on God’s Earth for the sake of one election… :roll:
  • I’m also disappointed that “Pretty Boy Swag” ranks as high as it does on the iTunes Top 100. When did sh*t like this become mainstream rap? :crack:
  • To close on a more upbeat note, while I was handing out those Orientation t-shirts I met a 3L who came in asking for one. My admittedly-untrained eye thought she looked like she needed a Small, so I apologized and told her we were out of the Smalls and a Medium would be the best I could do. That comment triggered a huge grin and a laugh that I mistook her for someone who needed a small t-shirt (turned out I was off a bit :beatup: ). My face turned beet red — I don’t really know why in hindsight, I guess just embarrassment for sticking my foot in my mouth? — but I’m glad I brightened her day :)

That’s it from me y’all — I’m heading to bed so I can get up in the morning and head to the law school to help out with Orientation! :D

Have a great night! :)

Tags: , , , ,

 
-

NCCU Law 1Ls: What to Expect at Orientation

Posted by T. Greg Doucette on Aug 8, 2010 in The 2L Life

Over the weekend I got an email from one of the long-time readers here at law:/dev/null — and a quick THANK YOU to all of you :* — reminding me that I still haven’t posted the Site Stats for July.

So I was going through the search terms to put that together, and saw “what to expect at nccu law orientation” among them. I figured that needs a bit more than the 1-line treatment I typically give the search queries each month :)

Before giving you my $.02, I need to stress that this is strictly 100% my own recollections and opinions taken from my three entries on Orientation last year. They are not in any way endorsed / vetted / reviewed / affirmed / or any other relevant verb’d by NCCU Law, the Student Bar Association, or anyone else. Your experience will likely be different — and hopefully less embarrassing than mine — so take all of this with the requisite grains of salt ;)

Also, since I’m in the NCCU Law day program these recollections are day program-specific. If you’re in the evening program you’ll go through the same stuff, it’ll just be structured differently.

We’ll start with some preliminaries:

====================
PREREQUISITES
====================

Attire: Last year I came to the first day of Orientation in a suit… and was one of at most a half dozen others to do the same :beatup: This will be the first impression you’ll make on your teachers and future colleagues so you don’t want to dress like a bum, but if you don’t want to do full business attire you can stick with your Sunday best.

Dennis Jansen (a 3L @ UMN Law) has this excellent post on Orientation fashion advice. And if you happen to be a lady, Huma Rashid (a 3L @ John Marshall Law) has an entire category of outfits just for you. Read them both. Trust me ;)

Parking: Not sure if things will be different this year, but last year we had the same places to park during Orientation as we did during the school year: (i) on the strip alongside the law school, (ii) in the Education Building parking lot, (iii) in the parking lot in front of the gym, (iv) the newly-paved lot across from the Criminal Justice building, and (v) a handful of other places you’ll only need if you end up getting to class really really late. Go to the NCCU Campus Map for directions. Plan to arrive early and you’ll be fine parking-wise :)

Sections: You can figure out what section you’re in already by looking at your schedule in Banner, but if you haven’t accessed that yet you’ll know for certain when you check in at Orientation. You’ll be split into your sections for most of the sessions all week.1

Technology: If you have a laptop and you’re planning on using it during the year, bring it with you on the first day. NCCU Law has a laptop loaner program where every 1L has the option to borrow an IBM ThinkPad from the school, but many of us prefer to use our own. Bringing it on Day One will give you a chance to get everything configured for use on the law school’s wifi network.

Timeline: Orientation is pretty much an all-day (or all-evening) thing each day. Plan to show up at 8-9am and plan to stay there until 5pm or later (more on the “or later” part for Day Two below).

====================
DAY ONE: WELCOME TO NCCU
====================

The first day of Orientation last year was the really basic nuts and bolts to life at NC Central University.

You’ll check in, hang out in the Fishbowl for a bit (and eat some of the breakfast items sponsored by your Student Bar Association ;) ), then go to the classroom where you’ll spend your 1L year for the rest of the day’s activities.

The day is broken up into 30-45 minute segments on various issues. You’ll get introduced to the Chief (the Dean of the law school) as well as the high-level law school staff. You’ll hear from the Registrar about basic class registration and related items. There will be a Q&A session on financial aid, student loans, and other money-related issues. There will be a segment on your respective learning styles from Dr. Psych. And you’ll hear from the IT folks about how to navigate the various law school facilities available to you.

The really fun stuff happens at the end, when you’ll get your login/passwords for both LexisNexis and WestLaw, putting oodles and oodles of cases at your fingertips for whenever you’re bored. And you’ll be given a tour of the law school — which will hopefully include a trip down to the SBA office to say hi to me :D

====================
DAY TWO: WELCOME TO LAW SCHOOL
====================

If Day One were designed to introduce you to NCCU, Day Two introduces you to the NCCU School of Law… and the long hours law school can consume :beatup:

In the morning your CivPro professor will give you an introduction to the legal system. After that you’ll hear a bit more detail about the various law school departments and how they can help you (career services, academic support, and so on).

At some point that day you’ll also get to hear from a panel of students about the rich legacy of NCCU Law, and then have a second law-related session where your Contracts professor will introduce you to briefing cases — and even assigning homework :surprised:

Once that’s done, you basically have a break to knock out the essential stuff you need to do. The Bookstore will have a “mobile store” set up in one of the courtrooms on the ground floor. You’ll be able to buy your parking permit on the 2nd floor. You’ll get your picture taken in the Fishbowl for the law school’s annual student profile thing. Etc etc etc.

Then that night there will be a reception in the Great Hall with NCCU Law alumni, followed by a session on professionalism with those alums and folks from the N.C. Chief Justice’s Commission on Professionalism. The reception and professionalism session combine both the day and evening programs, so it’s an excellent opportunity to get to know your fellow 1Ls from all over the school :)

====================
DAY THREE: NOW GET TO WORK
====================

I actually had to skip the last part of Orientation last year because of a conflict with a UNC Board of Governors meeting I had to attend as UNCASG President — so even though I remember what was supposed to take place, this section of the post is also part speculation.

In the morning you’ll have some group discussions on To Kill A Mockingbird, one of the books you were assigned to read over the summer. You’ll also have another session on briefing cases as well — and you still have to turn in that homework even if you skip like I did :beatup:

You’ll also go over the Student Handbook and the Code of Conduct, as well as a session on avoiding plagiarism. And at some point you’ll be given a writing exercise.

The last event for the day will be a second panel with different students on it, that will basically be a Q&A for you to ask any lingering questions that didn’t get addressed during the rest of Orientation.  I’m on that second panel, so if you want to try and stump me feel free to start thinking of your questions now ;)

====================
TDOT’S ADVICE
====================

If I had a chance to do Orientation all over again, the only thing I’d change is that I’d be more relaxed.

Before law school several friends used to call me “the oldest and the coldest” in tribute to my unflappable personality (and balding scalp :beatup: ). But for some reason I was ridiculously nervous during Orientation, and I didn’t enjoy myself nearly as much as I should have.

You’re getting ready to start an amazing experience at a truly unique law school, and you’re going to meet people who will be colleagues and friends for years to come. Go in with the mindset to soak in as much information as you can, to meet as many folks as you can, and to enjoy yourself as much as you can — do that and you’ll be in good shape :)

***

That’s it from me — if you have any questions between now and Orientation feel free to send me an email! Looking forward to meeting y’all this week! :D

—===—

Orientation-related items from the law:/dev/null archives:

  1. No matter what anyone else tells you, §103 is the best :angel: []

Tags: , , , , , , , , ,

 
-

Sloth FTL

Posted by T. Greg Doucette on Aug 7, 2010 in Fail

Among the various other things I’ve not been doing during my “too hot”-or-“too cold” summer: regular cardio exercise.

I didn’t pay attention to the effects of my slothfulness until my last day in court for the ADR Clinic… when I noticed my slacks were a bit more snug than usual :oops:  So with the weekend here and most preparations for school already done, I decided to hit the  American Tobacco Trail for a 2-mile run tonight.

How’d it go, you ask? Let’s just say it’s evident I haven’t run in months :beatup:

Not only have I regressed way back to before even my failed USMC PFT run, I was panting like a dog and sweating worse than a politician under oath. And my muscles hhhuuuuurrrrrrtttt :cry:

Lesson learned. Calisthenics tomorrow, then more running on Monday…

Until then, have a great night y’all! :D

Tags: , ,

 
3

222 years of inflation

Posted by T. Greg Doucette on Aug 6, 2010 in The 2L Life

Earlier today I bought my textbooks for the upcoming semester, including my book for ConLaw I — Chemerinsky’s Constitutional Law 3rd Edition casebook.

Lugging this thing to class is cruel and unusual punishment...

Now I’m not exactly as smart as our Founding Fathers, but I have to imagine even they would think this is a little excessive :beatup:

On the left: my pocket Constitution, in 10pt font, roughly 3.25″ wide by 6.25″ tall, including a Foreword, the Declaration of Independence, an Index, and a list of “Dates to Remember” relating to the Constitution’s creation and ratification, spanning a svelte 46 pages.

On the right: Chemerinsky’s casebook, also in 10pt font, roughly 7.25″ wide by 10″ tall, without any of the pocket Constitution’s “extras” yet spanning… 1,825 pages :surprised:

Can you picture how long it would have taken for the Founders to hand-write and then typeset something this huge back around 1788 when the Constitution took effect?

And how much bigger is this thing going to be 50ish years from now? :crack:

Tags: , ,

 
2

Revisiting class rank

Posted by T. Greg Doucette on Aug 5, 2010 in The 1L Life

Last month I posted a pie chart for y’all with class rank info on the Class of 2012 at NCCU Law, except that there wasn’t really much class rank info actually in it. The only thing I knew for certain at the time was that my GPA was the cutoff for the 40th percentile… because I happened to be the guy at the 40th percentile1 :beatup:

Fast forward a month, and several of my Legal Eagle colleagues were wondering if I had gathered any additional details given my penchant for graphs, tables and other data.

Slightly more 1L class rank data

And of course the answer is: of course ;)

After talking with about a dozen folks about their own grades/ranks, I tweaked the class rank chart to what you see here.

I know the GPA cutoffs for the 15th and 25th percentiles are solid. The Top 10% minimum GPA is just an estimate though; I haven’t really mingled with the super-smart folks in law school, and the only one I know 100% for certain who’s in that group decided to be coy and would only say the chart data “might be pretty close” :beatup:

I also added in my estimate of how many people fell below NCCU Law’s strict-C threshold and got academically dismissed at the end of the semester. It’s a very rough guess on my end, basically just taking the number of people I know personally who didn’t make it multiplied by the number of sections, taking a multi-year average of our historical 1L attrition data minus the folks who had already dropped, then weighting each of those two separate numbers and adding them together. I have -0- confidence that it’s an accurate count but I’m reasonably sure I’m ±5, so I included it anyway for informational purposes.

In the unlikely-but-possible scenario that my guess is a close approximation to the actual number of folks who will be gone, the attrition data highlights the challenge those of us in the middle of the pack academically are going to have trying to improve our class ranks this upcoming year. For example, being 62 of 157 puts me at the 40% mark now, but starting next week I’ll be 62 of ~139 (or less) — instantly dropping me down to 45%. It’s definitely a steep hill to climb.

Upside: at least I won’t have Contracts anymore :spin:

Have a great night y’all! :D

  1. Even though it’s not going to net my any academic excellence awards, I do appreciate my class rank being a nice round number :beatup: []

Tags: , , , ,

 
1

Fight WordPress comment spam with .htaccess

Posted by T. Greg Doucette on Aug 4, 2010 in Technology

Spambots really frost my Wheaties… :mad:

Given the prevalence of Google indexing and the role links to a given site play in search rankings, “spamdexing” is something every blog author is going to face at some point or another. Basically spammers write scripts to leave fake comments on a sh*tload of blogs containing a bunch of links in an effort to boost the search engine rank for their own site.

I had taken a fairly laissez-faire attitude toward spammers since law:/dev/null started back in August, but after getting slammed with spam last month I decided that needed to change. So part of my delay in getting things posted last week (aside from just having a lot to edit) was the product of me dusting off some of my old Computer Science notes and getting intimate with some old spam-fighting techniques.

I’m not sure I’ve got it completely re-mastered, but I figure I’ve got things down enough that I can share some of that insight with y’all. Besides, it took me 6 years to finish a 4-year degree — I might as well put what I learned to some use :beatup:

The overwhelming majority of websites across the globe use the Apache HTTP server, a truly excellent, scalable and secure open-source web server. Odds are good your own blog is running on Apache right now1 and that means you have an effective anti-spam tool built-in using an .htaccess file.

Disclaimer: .htaccess and regular expressions are both powerful tools for web development — especially when they’re combined together. Be über-careful as you work on this file (and make back up copies) because mistakes or typos can basically make your blog totally inaccessible to everyone. I’m also assuming you have at least some familiarity with your own webserver; since I don’t know the specifics of your own setup, proceed at your own risk, caveat emptor, etc etc etc. Basically #dontsuemeplzkthxu ;)

.htaccess is a plaintext file used by the Apache web server to process access-related commands called directives. To create one, all you have to do is create a new plain text file (e.g. in TextEdit on my Mac, after opening a new file I go to Format > Make Plain Text), save it, upload it to your server via FTP or however you directly upload files, then rename it “.htaccess” (without the quotes).

There are all sorts of cool things you can do with .htaccess… but I’m only going to show you a small subset, so feel free to Google for the rest ;)

====================
1) FIRST LOCK DOWN YOUR SERVER…
====================

Certain files on your blog get accessed on the backend by the web server itself or by you via a command-line interface. They’re not the type of thing that should ever be viewable or accessible to the public through a web browser.

For example, you don’t want everyone being able to read your .htaccess file because they’ll know what you’re defending against… and, by implication, what you’re not defending against ;)

Here’s a quick code snippet to block access to these files:

############ PROTECT FILES ############
# This snippet prevents unauthorized access to certain
# core files like .htaccess as well as logs, scripts,
# and other things that can be exploited by spammers
#######################################
<FilesMatch “\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$”>
order allow,deny
deny from all
</FilesMatch>

The “#” denotes a comment to the web server, so everything after that symbol is ignored.

The line is a function call, and the “|” works as an OR logical operator, So here the function is telling the web server to run the inner segment of code if any file request contains .htaccess or .htpasswd or .ini or .phps or .fla or .psd or .log or .sh.

That inner segment of code just says to deny all access to the file requested. Someone trying to access this file will get a “403 – Forbidden” error message.

Then the tells the server the function is done.

====================
2) …THEN REDUCE SERVER OVERSHARE
====================

Turns out overshare isn’t just a people problem: computer servers sometimes needlessly share too much information themselves.

On many installations, for example, whenever the Apache web server generates a document (e.g. a “403 – Forbidden” error message or a “404 – Not Found” error) it includes a line at the bottom listing the version of the web server and what modules are running. This Server Signature is designed to help folks accessing websites through proxy servers who might not be able to tell which site generated a given error. But it also lets spammers know what you’re running, and if for some reason you have out-of-date software — more common than you’d think — spammers will then know which security exploits they can use against your server.

This information is still relatively easy to figure out, but there’s no point in letting your server just offer it up willy-nilly ;)

The ServerSignature is usually off by default, but just in case you can use this code:

############ DISABLE SERVER SIGNATURE ############
# This snippet disables the server signature so the server
# is not volunteering data about itself that could be useful
# to spammers in determining what attacks would work best
##################################################

ServerSignature Off

This just tells the Apache web server to shut off its ServerSignature. Very simple. :)

====================
3) BAN REMOTE COMMENTS
====================

In WordPress, leaving a comment accesses the wp-comments-post.php file. Some spammers will try to access this file without ever actually visiting your site.

You can stop these kind of non-local comments with the following code snippet:

############ NON-LOCAL COMMENT BAN ############
# This snippet prevents spammers from directly accessing
# the wp-comments-post.php file. In order to leave a comment
# a spammer must be “in” your domain by visiting your site.
###############################################
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} ^/?wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !^http://www\.yourdomaingoeshere\.com [NC,OR]
# RewriteCond %{HTTP_REFERER} ^-?$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^-?$
RewriteRule .* – [F,L]

The 1st line is a function call that checks if you have the mod_rewrite Apache module installed and running; odds are you do, but it’s good to check just in case. The 2nd line tells Apache to turn on the URL ReWrite engine.

The next 4 lines cover the conditions that must be met for the URL rewrite command to be executed: (1) the spammer must be trying to POST data,2 (2) the POST data must be going directly to the wp-comments-post.php file, and either (3) the POST attempt is not coming from your domain itself (the “NC” in brackets means the URL is not case-sensitive) or (4) the commenter is using a browser that does not have a HTTP_USER_AGENT programmed.3

Assuming that batch of conditions are met — 1 and 2 and (3 or 4) — the ReWriteRule line is executed. In this case the poster gets a 403 Forbidden error when the comment is submitted (the “F” in the brackets) and the ReWriteEngine stops processing because this is the last command (the “L” in the brackets).

You can also uncomment the line I included that blocks people from posting if there is an empty HTTP_REFERER field also. I left this one out because some security programs intentionally send blank referrer info so you don’t know what website someone is coming from, but if you don’t mind the risk of blocking those folks you can enable that rule as well.

====================
4) BAN SPAMMERS
====================

This is the real “meat and potatoes” of the .htaccess file as far as WordPress spam goes, and in my tests over the past couple weeks it’s been highly effective.

Although you can find tutorials online using the ReWriteEngine for this, similar to the non-local comment ban in #3 above, I’m personally a fan of using Apache’s environment variables. Since the objective of spamdexing is to increase rankings in search engines, spammers usually leave referrer code in your logs that you can use to ferret them out and stop them from ever coming back.

Here’s the code snippet:

############ SPAMMER BAN ############
# This snippet uses environment variables to ban spambots
# that come to your site with certain characteristics, such
# as Referer code from a spam-y site
#####################################

SetEnvIfNoCase Via badproxy spambot
SetEnvIfNoCase Referer badspammer1.com spambot
SetEnvIfNoCase Referer badspammer2.ru spambot
# […add as many of these lines as you have bad referrers…]
SetEnvIfNoCase User-Agent ^Bad.Spammer.Browser1 spambot
# […add as many of these lines as you have bad User-Agents…]

order allow,deny
deny from env=spambot
deny from 0.0.0.0
deny from 255.255.255.255
# […add as many of these lines as you have bad IP address not blocked by referrer bans…]
allow from all

So here’s the way this works. If you see a comment from a spam website or you notice a spamming User-Agent in your logs, you create an entry for it like in the first paragraph.

SetEnvIfNoCase tells Apache to create an environment variable if the given characteristic exists. So, in this example, if a spammer is coming from badspammer1.com Apache will create an environment variable called “spambot”.4

Down in the second paragraph, it will deny access to your site from that referrer since the “spambot” variable is true.

Also in this section, you can deny access from specific IP addresses as well if you notice the same IP producing the same spam over and over. For example, earlier this week I had a handful of compromised PCs leaving me spam comments with fake URLs (meaning the Referrer info was useless) and no common User-Agent I could ferret out of my logs. So I just blocked their IP addresses.

Blocking IPs is a bit extreme since they can be dynamically assigned and may end up belonging to a legitimate commenter days later, so if you do block an IP address I’d suggest commenting it out with a “#” after a couple weeks just in case. You can always un-comment it if the spamming picks up again. :)

====================
5) BAN HOTLINKERS
====================

Hotlinking is the process of taking a URL of where an image is hosted and pasting it into your own page. This is particularly common on message boards where folks post images they see around the web. When you hear people talk about “bandwidth theft”, hotlinking is the action that leads to it. Basically people are loading the image from your own server without ever visiting your site.

I’ve always taken a fairly permissive view toward hotlinking, mostly because I generate a lot of tables and graphs that I’m perfectly fine with other people using — and if they use them, I’d like to see in my logs where they’re using them ;)

But sometimes you get someone hotlinking an image that is loaded so many times (like on a super-busy forum) that your server chokes or you use all your bandwidth for a given month or you get a nastygram from a server administrator for hogging system resources. That’s what happened to me earlier this month :( So using the same environment variables approach for banning spammers I wrote up a blacklist for banning certain excessive hotlinkers.

Here’s the code snippet:

############ HOTLINK BAN ############
# This snippet prevents hotlinks to files in your local domain
# to prevent others from stealing your bandwidth (almost always
# used for picture files).
#####################################
SetEnvIfNoCase Referer badhotlinker1.com hotlinkers
SetEnvIfNoCase Referer badhotlinker2.ru hotlinkers
#[…add as many of these lines as you have hotlinkers…]
<FilesMatch “\.(png|jpg|jpeg|gif|bmp|swf|flv|pdf)$”>
order allow,deny
deny from env=hotlinkers
# ErrorDocument 403 /somedirectory/nohotlinking.gif
allow from all
</FilesMatch>

My current anti-hotlinking pic. It needs work.

We create the environment variable “hotlinkers” if someone is coming from a recognized domain where the image is getting hotlinked. We then use the FilesMatch directive (the same type we used in #1 up at the top) to see if they’re trying to load certain image files like .png, .jpg, .gif, and so on.

If they’re accessing those filetypes from the hotlinked domain, they’ll get a 403 Forbidden error instead.

And if you’re in an artistic mood, the commented line sends them to a custom 403 Forbidden error page — just uncomment it and in place of the hotlinked image they’ll instead see whatever you choose to put in its place. In my case I went with advertising for the blog :beatup:

—===—

Hope this helps any of you fellow blawgers who are tired of dealing with spam comments!  If you have any questions let me know in the comments — and if you’ve somehow been banned from commenting, send me an email5 ;)

And if you happen to be one of my CSC colleagues from NC State, please feel free to double-check my syntax and make sure I’ve got everything right :D

Have a great night y’all! :)

  1. If you’re not sure what webserver you’re on, check with your web administrator. []
  2. This is usually what happens when you submit a form online, contrasted with a GET submission where the data being submitted is embedded within the result URL itself. []
  3. This might, in very rare occasions, block a legitimate commenter. I’m not sure if it will ever happen but consider yourself forewarned :) []
  4. The default value for these is TRUE, but you can also type in “spambot=TRUE” if you’re a stickler for proper coding techniques. []
  5. My email address is located at the bottom of our About page ;) []

Tags: , , ,

 
3

Did someone say “competition”?

Posted by T. Greg Doucette on Aug 3, 2010 in The 2L Life

Earlier today one of the 3Ls at NCCU Law sent me an email asking if I’d be interested in teaming up with him for the Veterans Law Appellate Advocacy Competition sponsored by the United States Court of Appeals for Veterans Claims and the CAVC Bar Association.  The competition is almost-brand-new (last year was the first time it was held) and will be taking place in Washington DC in mid-October.

I was flattered to even be asked… but then had to check the email at least a dozen times to see if it was one of those TWEN group messages with multiple recipients, since I remembered (i) I’m barely a 2L, (ii) my grades aren’t that great, and (iii) I haven’t done anything related to moot court at all since I’ve been in law school :beatup:

My competition track record is also hit-or-miss. Sure sometimes things turn out better than expected, like when our 1L Trial Team made a run to the finals in the Kilpatrick-Stockton 1L Mock Trial Competition or when Alice in Wonderland snagged 3rd place in our annual Mary Wright Closing Argument Competition. But that gets counter-balanced by the bundle of #fail known as my performance in the ABA Client Counseling Competition, not to mention losing my race for SBA 1L Representative back in September.

But I said yes anyway, because God knows I’ll try anything once if it’s a competition :beatup:

So if any of you have any appellate advocacy tips or veterans law pointers, feel free to let me know ;)  Until then, have a great night! :D

Tags: , , , , ,

Copyright © 2021 law:/dev/null All rights reserved. Theme by Laptop Geek.
Find TDot on Twitter or on Google+.