Results 1 to 5 of 5
  1. #1
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,549

    Manage Free Image Hosts

    Manage Free Image Hosts

    Having a problem managing your free image host? Well i'm sorry but so many new free image hosts are poping up now adays, and then closing because they are not setup to handle abuse properly.

    If you plan on running one, you have to plan FOR abuse. The main way I am solving this now is by ACTIVE moderation, but in this little "guide" I will explain how to find and solve an abuse problem.

    So lets get started.

    First login to your server and check the load and so on.

    uptime
    16:22:15 up 67 days, 5:13, 1 user, load average: 1.30, 2.38, 2.70

    As you see this server is having a high load, if you have 2 processors then this should not worry you, but in this case it does not. So lets check out whats causing such a high load.

    top

    18340 root 15 0 4332 4088 3056 S 20.3 0.4 0:28 0 httpd
    16347 root 20 0 1316 1316 856 R 1.9 0.1 0:00 0 top
    1 root 15 0 112 84 56 S 0.0 0.0 0:04 0 init

    As we see, httpd is causing a very high load. On image hosting, it is a different way from any other host, as you know its going to be an abuse image. So just go straight and find out why, check your netstat output for ips with multiple connections, also understand this will only find forum posts with multiple images. In my experience its these boards that cause the main problem.

    netstat -an | grep :80 | sort | awk '{print $5}'

    You should see lots of ips, if you are unable to view them all at the same time you can either save to a file or use the | more command.

    netstat -an | grep :80 | sort | awk '{print $5}' >> file.txt
    netstat -an | grep :80 | sort | awk '{print $5}' | more

    Just for easy viewing, now its up to you to decide ips with lots of connections.

    In this example I will pick

    81.57.149.78:24225
    81.57.149.78:24226
    81.57.149.78:24229
    81.57.149.78:24232
    81.57.149.78:24236
    81.57.149.78:24237
    81.57.149.78:24241
    81.57.149.78:24265
    81.57.149.78:24238
    81.57.149.78:24224
    81.57.149.78:24231


    Now we want to see what this ip is viewing, this is on a cPanel server so it logs to /usr/local/apache/domlogs , yours may be different.

    Now ls -al, and get your sites name log, most commonly this will be your sites name. For our example we will use HostGeekZ.com , so lets view it for that ip.

    cat HostGeekZ.com | grep 81.57.149.78

    Your output will obviously be different, but I just picked 1 entry out of the entire things they accessed.

    69.241.239.147 - - [11/Jun/2005:16:28:05 -0500] "GET /Uploads/Images/DDS1.jpg HTTP/1.1" 200 3677 "http://www.fmforums.co.uk/forums/index.php?showtopic=30783" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"


    Now this tells us they where on http://www.fmforums.co.uk/forums/ind...howtopic=30783
    viewing /Uploads/Images/DDS1.jpg , which just so happens to be a R-Rated pictures, so we will go ahead and block the ip, remove the picture(s), and block this board from hosting pictures.

    So lets ban the ip first.

    iptables -I INPUT -s 81.57.149.78 -j DROP

    Please read more about iptables by typing `man iptables`, you can block them in your firewall and so on, I just prefer to use iptables.

    Now we want to remove the offending images, commonly they use names that are offensive, or they use similar names for each, ie if it was called
    HostGeekZ1.jpg the next one will be
    HostGeekZ2.jpg and so on.

    So go to your images directory, in this case /Uploads/Images , and type ls -al | grep partofimage

    Again in this case DDS

    So we type

    cd /Uploads/Images
    [email protected] [Uploads/Images]# ls -al | grep DDS
    -rw-rw-rw- 1 nobody nobody 79379 Jun 9 13:51 DDS10.jpg
    -rw-rw-rw- 1 nobody nobody 77263 Jun 9 13:12 DDS11.jpg
    -rw-rw-rw- 1 nobody nobody 86064 Jun 9 13:55 DDS12.jpg
    -rw-rw-rw- 1 nobody nobody 92410 Jun 9 13:14 DDS13.jpg
    -rw-rw-rw- 1 nobody nobody 78852 Jun 8 11:04 DDS14.jpg
    -rw-rw-rw- 1 nobody nobody 151096 Jun 8 11:57 DDS15.jpg
    -rw-rw-rw- 1 nobody nobody 74239 Jun 8 11:06 DDS16.jpg
    -rw-rw-rw- 1 nobody nobody 88448 Jun 9 13:45 DDS17.jpg
    -rw-rw-rw- 1 nobody nobody 26334 Jun 9 13:47 DDS18.jpg
    -rw-rw-rw- 1 nobody nobody 23386 Jun 9 13:08 DDS19.jpg
    -rw-rw-rw- 1 nobody nobody 94533 Jun 8 10:58 DDS1.jpg
    -rw-rw-rw- 1 nobody nobody 71576 Jun 8 11:49 DDS20.jpg
    -rw-rw-rw- 1 nobody nobody 113142 Jun 8 11:49 DDS21.jpg
    -rw-rw-rw- 1 nobody nobody 115694 Jun 8 11:32 DDS22.jpg
    -rw-rw-rw- 1 nobody nobody 73786 Jun 8 11:35 DDS23.jpg
    -rw-rw-rw- 1 nobody nobody 90019 Jun 8 11:07 DDS24.jpg
    -rw-rw-rw- 1 nobody nobody 85559 Jun 8 11:08 DDS25.jpg
    -rw-rw-rw- 1 nobody nobody 90267 Jun 8 11:09 DDS26.jpg
    -rw-rw-rw- 1 nobody nobody 62937 Jun 8 11:10 DDS27.jpg
    -rw-rw-rw- 1 nobody nobody 110897 Jun 9 13:09 DDS28.jpg
    -rw-rw-rw- 1 nobody nobody 100796 Jun 9 13:56 DDS29.jpg
    -rw-rw-rw- 1 nobody nobody 117650 Jun 9 13:13 DDS2.jpg
    -rw-rw-rw- 1 nobody nobody 112640 Jun 8 11:48 DDS30.jpg
    -rw-rw-rw- 1 nobody nobody 83262 Jun 8 11:11 DDS31.jpg
    -rw-rw-rw- 1 nobody nobody 75244 Jun 8 11:38 DDS32.jpg
    -rw-rw-rw- 1 nobody nobody 59799 Jun 8 11:12 DDS33.jpg
    -rw-rw-rw- 1 nobody nobody 74584 Jun 9 13:11 DDS34.jpg
    -rw-rw-rw- 1 nobody nobody 69370 Jun 8 11:39 DDS35.jpg
    -rw-rw-rw- 1 nobody nobody 59303 Jun 9 13:53 DDS36.jpg
    -rw-rw-rw- 1 nobody nobody 59579 Jun 8 11:40 DDS37.jpg
    -rw-rw-rw- 1 nobody nobody 62455 Jun 8 11:13 DDS38.jpg
    -rw-rw-rw- 1 nobody nobody 73577 Jun 8 11:14 DDS39.jpg
    -rw-rw-rw- 1 nobody nobody 131005 Jun 8 11:00 DDS3.jpg
    -rw-rw-rw- 1 nobody nobody 58353 Jun 9 13:54 DDS40.jpg
    -rw-rw-rw- 1 nobody nobody 59911 Jun 8 11:37 DDS41.jpg
    -rw-rw-rw- 1 nobody nobody 97460 Jun 8 11:47 DDS42.jpg
    -rw-rw-rw- 1 nobody nobody 79794 Jun 8 11:36 DDS43.jpg
    -rw-rw-rw- 1 nobody nobody 59581 Jun 8 11:15 DDS44.jpg
    -rw-rw-rw- 1 nobody nobody 62545 Jun 8 11:56 DDS45.jpg
    -rw-rw-rw- 1 nobody nobody 65845 Jun 8 11:16 DDS46.jpg
    -rw-rw-rw- 1 nobody nobody 79255 Jun 8 11:17 DDS47.jpg
    -rw-rw-rw- 1 nobody nobody 63742 Jun 8 11:19 DDS48.jpg
    -rw-rw-rw- 1 nobody nobody 58574 Jun 8 11:46 DDS49.jpg
    -rw-rw-rw- 1 nobody nobody 91315 Jun 8 11:28 DDS4.jpg
    -rw-rw-rw- 1 nobody nobody 54508 Jun 8 11:41 DDS50.jpg
    -rw-rw-rw- 1 nobody nobody 69161 Jun 9 13:49 DDS51.jpg
    -rw-rw-rw- 1 nobody nobody 55934 Jun 9 13:53 DDS52.jpg
    -rw-rw-rw- 1 nobody nobody 65362 Jun 8 11:42 DDS53.jpg
    -rw-rw-rw- 1 nobody nobody 63869 Jun 8 11:44 DDS54.jpg
    -rw-rw-rw- 1 nobody nobody 55224 Jun 9 13:11 DDS55.jpg
    -rw-rw-rw- 1 nobody nobody 57968 Jun 9 13:46 DDS56.jpg
    -rw-rw-rw- 1 nobody nobody 64196 Jun 9 13:52 DDS57.jpg
    -rw-rw-rw- 1 nobody nobody 60958 Jun 9 13:10 DDS58.jpg
    -rw-rw-rw- 1 nobody nobody 72166 Jun 9 13:50 DDS59.jpg
    -rw-rw-rw- 1 nobody nobody 70411 Jun 8 11:58 DDS5.jpg
    -rw-rw-rw- 1 nobody nobody 67154 Jun 9 13:48 DDS60.jpg
    -rw-rw-rw- 1 nobody nobody 61261 Jun 8 11:20 DDS61.jpg
    -rw-rw-rw- 1 nobody nobody 70026 Jun 8 11:45 DDS62.jpg
    -rw-rw-rw- 1 nobody nobody 61694 Jun 8 11:55 DDS63.jpg
    -rw-rw-rw- 1 nobody nobody 56991 Jun 8 11:46 DDS64.jpg
    -rw-rw-rw- 1 nobody nobody 81813 Jun 8 11:21 DDS65.jpg
    -rw-rw-rw- 1 nobody nobody 69012 Jun 8 11:26 DDS66.jpg
    -rw-rw-rw- 1 nobody nobody 67735 Jun 9 13:44 DDS67.jpg
    -rw-rw-rw- 1 nobody nobody 100698 Jun 8 11:01 DDS6.jpg
    -rw-rw-rw- 1 nobody nobody 62545 Jun 9 13:03 DDS71.jpg
    -rw-rw-rw- 1 nobody nobody 151096 Jun 9 13:05 DDS72.jpg
    -rw-rw-rw- 1 nobody nobody 79372 Jun 8 11:30 DDS7.jpg
    -rw-rw-rw- 1 nobody nobody 99982 Jun 9 13:08 DDS8.jpg
    -rw-rw-rw- 1 nobody nobody 74809 Jun 8 11:03 DDS9.jpg

    As you see there are lots of offending images, lets just go ahead and remove them all.

    rm -rf DDS*.jpg

    They should now all be gone.

    [email protected] [/Uploads/Images]# rm -rf DDS*.jpg
    [email protected] [/Uploads/Images]# ls -al | grep DDS

    As you see it returns nothing. Now time to add this forum to our "block list", I personally use mod_rewrite.

    So in our .htaccess we just add
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} ^http://(.*)fmforums.co.uk(.*)
    RewriteRule ^.*$ - [L,F]

    --

    To add multiple urls, ie to ban 6park.com which causes alot of problems we just add [OR]

    RewriteEngine on
    RewriteCond %{HTTP_REFERER} ^http://(.*)fmforums.co.uk(.*) [OR]
    RewriteCond %{HTTP_REFERER} ^http://(.*)6park.com(.*)
    RewriteRule ^.*$ - [L,F]

    ----------------------

    Well I hope this helps, you will just have to repeat the process for all offending images. This will mainly find adult boards, because this is the format they post in.

    -Written by HostGeekZ.com
    http://www.hostgeekz.com/guides/cPan...mage_Hosts.htm
    Server Management - AdminGeekZ.com
    Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
    WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
    Check our wordpress varnish plugin. Contact us for quote: [email protected]

  2. #2
    Join Date
    Mar 2005
    Location
    North Carolina, USA
    Posts
    173
    This is a very good guide.. I've been playing around with the idea of an image host (and writing an image hosting script), and this is some useful information.

    Thanks

  3. #3
    On my imagehosting site I exclude nudity and use software like this to drill through my uploaded folders for anything against the rules or illegal. They simply scan for imagry with a certain RGB value of skin tones and kick out a thumbnail list to review

    rmsft.com/pif/screenshots1.html

    an alternative:

    hyperdynesoftware.com

  4. #4
    non of these commands come out whit something on my FreeBSD 5.4:

    netstat -an | grep :80 | sort | awk '{print $5}'

    netstat -an | grep :80 | sort | awk '{print $5}' >> file.txt
    netstat -an | grep :80 | sort | awk '{print $5}' | more

    cat HostGeekZ.com | grep 81.57.149.78

    Any one who can give a little help?

  5. #5
    Join Date
    Apr 2006
    Location
    Jacksonville, FL
    Posts
    498
    Great guide. Appreciate it.


    Is there any way to disallow url's from linking to photos with a certain name or phrase in it? Like "toplist", "topsites", etc?
    Last edited by xxkylexx; 07-13-2006 at 01:04 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •