Re: Abusing your servers??

>> From: Mufasa Lodge <mufasa1@absamail.co.za>
>> 
>> I am the webmaster of my own website here in South Africa and proudly
>> present to the World your small icon W3 compliant to xhtml.
>> 
>> I tried to parse a webpage and to my surprise was told that I am spamming
>> and/or abusing your servers i.e. ...........

Your South African internet service provider apparently sends all it's
customers web traffic through a few proxy servers.

The problem, the abuse, is not from you specifically and not at all
related to your use of our valid icon.  The problem is some poorly
written software behind this proxy is incessantly requesting the same
resource from us XHTML 1.0 DTD specifically.

http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd

This is not only abusive against us but poorly architected and
inefficient when a cache or XML catalogue would be much better.  The
following resource explains the issue in more detail.

http://nwalsh.com/docs/articles/xml2003/

Your ISPs proxy is not caching, which it should as we give explicit
HTTP caching directives for this resource so it should not be
rerequested for 3 months, nor is the client requesting this resource.

Log excerpt:

196.209.251.2 - - [31/Jan/2007:23:44:50 +0000] "GET
/TR/xhtml1/DTD/xhtml1-transitional.dtd HTTP/1.1" 200 32111
"http://summermobileas/APM/Default.aspx" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"

>> Your IP address has been blocked from accessing our site for 24 hours due to
>> abuse.
>> 
>> The specific type of abuse we observed is: re-requesting the same resource
>> too frequently. Specifically, we received at least 500 requests for the same
>> resource (URI) from your IP address within a ten-minute time interval
>> 
>> I live in South Africa and a simple search with the WHO IS  IP address,
>> database will show that the particular Spamming IP address: - 196.209.251.2
>> is AFRINIC situated in Mauritius
>>
>> I have due to this sloppy [unprofessional] reaction from w3 decided to
>> remove your button [Icon] from my WebPages.

That is unfortunate and do hope you reconsider.  I do commend your
decision to make your web content valid and think that is something
worth pointing out and advocating as you do with the icon.

You may serve the valid icon directly from your site too if you wish.

[[ If you like, you can download a copy of this image (in PNG or GIF
format) to keep in your local web directory, and change the HTML
fragment above to reference your local image rather than the one on
this server. ]] http://validator.w3.org/check?uri=http://www.w3.org 

Please have your facts straight before making accusations as it is not
constructive nor professional.

>> Would it be possible to investigate and inform, or would you just not care
>> to react?

We do care about the greater community which is why, as I hope you can
understand, we need to take measures to ensure our site and all it's
resources can deflect abuse and remain available.

Would you, as the customer affected, be so kind as to redirect this
incident to your network provider who is responsible for the traffic
(abuse) coming through their proxies?  You are welcome to inform them
they may discuss this further with us if they wish.

196.209.251.2 nc7-rba-1a.cache.isnet.net

whois data:

      Administrative Contact, Technical Contact:
      The Internet Solution             dns-admin@IS.CO.ZA
      Internet Solution
      Private Bag x163
      Bryanston, Gauteng 2021
      ZA
      +27 11 575 0055 fax: +27 11 388 3425

You probably have a different customer support number.  The email
alias abuse@isnet.net may be effective as well.

Regards,

-- 
Ted Guild <ted@w3.org>
W3C Systems Team
http://www.w3.org

Received on Thursday, 1 February 2007 00:19:18 UTC