Server issues

If you use our site frequently, you might have noticed that the servers have been less than reliable lately. I’ve been monitoring the logs (httpd, mysqld etc.) to try and track down the source of the server crashes; it has been a hard slog as I’ve never done server maintenance regularly before. Several issues have come to light, and I’m not totally sure if the problems have been resolved. I therefore apologise for any further outages we suffer (always seems to be when I am away!). We have the servers monitored via Pingdom (thanks to Andrew Larcombe).

Things that came out of the investigation were:

  1. Yahoo’s search spider was hammering our server constantly with a huge amount of activity which seemed to generate a slow query, send mysqld or httpd mad and then crash the server. This has infuriated our staff no end as the site is a live working tool via which they input their data about archaeological objects. I’ve blocked a couple of their spiders (via iptables) which seemed to do the most damage and then added the following to the robots file on our server:

        User-agent: slurp
        Crawl-delay: 120

    It only seemed to have this issue with the findsdatabase URL. This month alone, their spider has taken 2.5GB of bandwidth for that site, and generated over 300,000 page requests for just finds.org.uk. Is that wrong? I dunno….. 5% of your overall bandwidth in spider traffic?
    Although I did find that someone from the Pentagon seems to frequent our findsdatabase rather a lot.
  2. We’re getting probed for XSS vulnerabilities constantly by domains from Latvia and Russia, but their IP addresses seem to be hosted out of Marina del Rey, CA, America! (For example: 2.36.100.101 or 2.45.88.8) They try and see if they can redirect variables on your site by adding their URL to a query string. For example: http://www.iamamoron.com/?ID=http://holegirl.eclub.lv/.images/pictureofme?
    Now I’m not really interested in looking at the picture of someone from Latvia, with the domain name of holegirl. Haven’t you got better things to do?
    If you look around the web, there’s not much information about the eclub.lv domain hacking attempts; or at least not that I could find that was worthwhile reading.
    Their URL just goes to a 404 page with Cyrillic script which contains no malicious scripting that I can determine. However, I think I have sanitised all areas where there might be XSS vulnerabilities. I of course might well be wrong about the above. I guess you can use your .htaccess file to prevent http:// query strings, but I haven’t had time yet to figure this out. If anyone can give me a pointer, would be most grateful!
  3. We’ve also got a problem with a couple of SQL queries that were written by our former suppliers OAD, that constantly run slow. I’ve removed the functions that generate these on the website wherever I can. Hopefully that fixes it.
  4. There have also been a couple of instances where we had intrusions via the old WordPress systems. These holes were well documented and have been cleared up. If you run WordPress and haven’t updated yet, more fool you. Their founder, Matt, writes a good piece about why you need to upgrade over at his blog.
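For the probes in item 2, where a full URL is passed as a query-string value (the pattern scanners use when testing for remote file inclusion), one way to find them in the httpd access log is sketched below. This is an added example, not code from the original post; the log lines, addresses and the probe.example host are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Apache "combined" log format (not real traffic);
# client addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = '''\
192.0.2.10 - - [12/Jul/2007:10:01:02 +0100] "GET /?ID=http://probe.example/.images/pictureofme? HTTP/1.1" 200 5120 "-" "libwww-perl/5.805"
192.0.2.10 - - [12/Jul/2007:10:01:05 +0100] "GET /index.php?page=hTTp%3A%2F%2Fprobe.example/x.txt%3F HTTP/1.1" 200 5120 "-" "libwww-perl/5.805"
198.51.100.7 - - [12/Jul/2007:10:02:11 +0100] "GET /findsdatabase/search.php?q=coin&county=Kent HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Jul/2007:10:03:40 +0100] "GET /blog/?s=http+status+codes HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
'''

# Client IP, request method and request target from one combined-format line.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" \d{3} ')
# A parameter value that starts with a scheme and "//" is an absolute URL.
URL_VALUE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)

def url_params(target):
    """Return (name, value) pairs whose decoded value is an absolute URL."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        # parse_qsl percent-decodes once; decode again to catch double encoding.
        if URL_VALUE.match(value) or URL_VALUE.match(unquote(value)):
            hits.append((name, value))
    return hits

def find_probes(log_text):
    """Map client IP -> list of (request target, parameter name) flagged."""
    probes = {}
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # not in the expected format; skip rather than guess
        for name, _value in url_params(m.group("target")):
            probes.setdefault(m.group("ip"), []).append((m.group("target"), name))
    return probes

if __name__ == "__main__":
    for ip, hits in find_probes(SAMPLE_LOG).items():
        print(ip, len(hits), sorted({name for _target, name in hits}))
```

A search for the words "http status codes" is not flagged, because only values that begin with a scheme followed by `//` count; the per-IP result can then feed a block list or an `.htaccess` rule.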

I’m not a server guru, so no doubt I’ve done it wrong.

Update to this: I’m also seeing the following IP address 1.29.72.70, which, guess what, is from the same USA address, checking the wp-cron.php file. Anyone know what they’re up to?

Scheme mentioned elsewhere

The Technorati search has produced a few interesting hits over the last day or so. Two blogs in particular stand out with their standpoint on Illicit Antiquities trade. Derek Fincham talks about the return of Petroglyphs to their original home and finishes his commentary with:

The only real solution is to educate the public about the benefits of archaeology, why it is important, and how easy it can be to lose information from important sites forever. I think that is one of the biggest reasons why more nations should adopt the approach most of the UK has taken with the Portable Antiquities Scheme….

Over at the “Looting matters” blog, authored by David Gill of Swansea University, he talks about our aims and achievements and finishes off with:

So lobby groups in America should be cautious about citing PAS as the cure for looting (see comments by Peter Tompa and Dave Welsh): PAS is encouraging dialogue and I feel optimistic. What finds continue to go unrecorded? How many archaeological sites continue to be destroyed through deliberate looting?

I meant to also write about the Cranky Professor and his love of the Scheme! I’m actually pleased that someone is making use of the tag cloud! As it is a short post, here it is in full:

I’m playing with the PAS database artefact cloud. Click and see. It’s a big list of words that reflect the finds – the bigger the words, the more of that kind of object people have found. Coin is biggest (71063 entries), but I clicked on badge, of course. 251 entries. That takes you to the database – click on a header to resort – for instance, click on COUNTY to see finds localized, or TYPE to sort between badge and pilgrim badge. Then click on the individual entries to see pictures and information! Oh my!

I love modern living!

Recently we’re starting to see more people discussing what the Scheme is up to, and some of the things we’re trying to achieve. Maybe we’ll see more of this once I have rebuilt the database to allow for reuse of our data via web services.

Archaeology and Poker – an unlikely combo

The latest edition of Archaeology magazine from America has just run a story relating to the US military trying to raise the awareness of its troops towards archaeology in the territories that they are currently occupying.

To read more about this initiative, there are two webpages that expand on this idea:

Archaeology magazine
Washington Post

Solitaire cards - US military copyright

More magazine coverage/ database upgrades

The Scheme’s websites are currently being featured in several magazines. These include:

  1. The Searcher
  2. Treasure Hunting
  3. Current Archaeology
  4. British Archaeology
  5. Archaeology

The recent edition of Current Archaeology, issue 201, mentions the London FLO Faye Simpson and alludes to her job with us by mentioning her status. However, that is about all the coverage we get in that article. The majority of this focuses on the success of the Shoreditch community project. This used local people to get in touch with their communal heritage, which changed irrevocably during the Blitz period of the Second World War.

This magazine also features a short article about the PAStexplorers site, and a scan of this is available in our gallery. Click on the thumbnail below to read it properly.
It is nice to see so much positive feedback about the child friendly site that I developed with Cei and various other members of our staff. Let’s hope it starts to be used furiously by the teaching fraternity!

Archaeology magazine from America doesn’t give us that much coverage, except to feature photos of important objects. This month they feature the sword and sandals, g string fragment from Piercebridge in the North East. So little pants always get the news.

As for Searcher and Treasure Hunting, they both feature snippets about what we get up to, but Treasure Hunting is about to launch a round-up of detected finds of note that have been nominated by the archaeologists that work for the Scheme.

Tomorrow sees our database upgrade programme continuing, with the last batch of the commissioned changes from OAD being put into place. This will enable the HER community to download their own regional data, without hassling me. Huzzah I say! Should lighten my work load considerably when that is out of the way and I don’t have to manipulate .csv files for them. This makes use of the XML schema developed by FISH, but should be a first for the heritage community in this country.