From time to time, we receive a message from Computing Services alerting us to user-generated spam on a site on the Contributed webserver.

How we respond depends on what we need to block:

User-level block

For pwnage that ISO is unhappy about, we roughly follow this script (stuff we notice doesn't have to be quite as drastic):

    ssh contrib-cgi    # or other appropriate machine(s)
    ksu
    cd /var/apache/andrew-contrib
    mv -i usr/<username> suspended/

...then send an email to the appropriate contact so they can fix it.

Also send a note to ISO along the lines of: "Thanks for the notice. We've suspended serving CGIs for this Andrew user on Contrib until they have resolved these issues."

Per-file blocking

If we can be more selective/strategic about what to block than a whole-user ban, edit /etc/apache2/main_vhosts/contrib.conf on both front-ends and add whatever Apache config directives are needed to have the desired effect. Make sure to block the file over both HTTP (port 80) and HTTPS (port 443); this requires editing two different sections of the conf file.

In particular, /etc/apache2/main_vhosts/contrib.conf has two sections (one for 80 and one for 443) under the comment:

    # SPECIAL BLACK-HOLED FILES
    # Leave a comment with your name, the date, and any INC references.  Prefer
    # to use HTTP 410 ("Gone") when it's more correct.  Don't forget to
    # black-hole the file for both port 80 and port 443 (two different sections
    # of this conf file).  Comment out old rules rather than deleting, to
    # preserve the examples.

…which, if people are following those instructions, should have some examples you can work from.
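
Forgetting the second section is the easy mistake here. The following check is an added example, not part of the original page or our own tooling: it lists any path black-holed in only one of the two vhosts. It assumes the rules are written as mod_alias `Redirect gone <path>` lines inside `<VirtualHost ...:80>` and `<VirtualHost ...:443>` blocks; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example; not the club's own tooling.
# Assumption: rules are mod_alias "Redirect gone <path>" (or "Redirect 410 <path>")
# inside <VirtualHost ...:80> and <VirtualHost ...:443> blocks.

# Print every black-holed path that is present in only one of the two vhosts.
# Reads the conf file named as an argument, or stdin when none is given.
unmatched_blackholes() {
    awk '
        /^[ \t]*#/ { next }                 # commented-out (retired) rules do not count
        /^[ \t]*<VirtualHost[ \t]/ {
            port = ""
            if ($0 ~ /:80>/)  port = "80"
            if ($0 ~ /:443>/) port = "443"
            next
        }
        /^[ \t]*<\/VirtualHost>/ { port = ""; next }
        port != "" && tolower($1) == "redirect" && ($2 == "410" || tolower($2) == "gone") {
            seen[$3, port] = 1
            paths[$3] = 1
        }
        END {
            for (p in paths) {
                if (!((p, "80") in seen))  print "missing-on-80 " p
                if (!((p, "443") in seen)) print "missing-on-443 " p
            }
        }
    ' "$@" | sort
}

# Constructed sample config (paths, name and INC number are made up).
sample_conf() {
    cat <<'EOF'
<VirtualHost *:80>
    # SPECIAL BLACK-HOLED FILES
    # example-admin 2018-11-26 INC-PLACEHOLDER
    Redirect gone /example-user1/guestbook.cgi
    Redirect gone /example-user2/wiki/index.php
    # Redirect gone /example-user3/old.cgi
</VirtualHost>
<VirtualHost *:443>
    # SPECIAL BLACK-HOLED FILES
    Redirect gone /example-user1/guestbook.cgi
</VirtualHost>
EOF
}

sample_conf | unmatched_blackholes
```

Run it as `unmatched_blackholes /etc/apache2/main_vhosts/contrib.conf` on each front-end after editing; empty output means every active rule is present for both ports.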



Services/Contrib Spam (last edited 2018-11-26 17:01:21 by tparenti@CLUB.CC.CMU.EDU)