Hi,
On 23.11.2012 14:01, Oliver-Rainer Wittmann wrote:
Hi,
On 23.11.2012 13:47, jan iversen wrote:
A big thank to those fighting in the trenches !!!
I am still waiting for infra, but now I am available, so the minute I get
the mail I will be on to it, and change to "invite only".
The point list of tj will be my work order. But I hope that someone could
give infra a polite hint, that we really need this closed, infra must
install my ssh public key, and give the mysql root password.
You can reach ASF infra on irc://freenode/asfinfra
I am on this chat - may be I can pass your requests to them.
command "infrabot: beer" helps a lot in this chat with ASF infra ;-)
infra people just told me on irc the following:
"orw: if you see jani tell him he has access and can he please set up opie as
per."
"orw: Go and have a look at http://s.apache.org/opie to learn how to setup OPIE"
Best regards, Oliver.
Best regards, Oliver.
I will open a new thread later, with "wiki maintenance", so you all can
follow what is planned to happen (and when it happens).
Clayton pointed me to the "maintenance page" which contains loads of
valuable information.
jan
On 23 November 2012 11:47, Rory O'Farrell <ofarr...@iol.ie> wrote:
On Fri, 23 Nov 2012 05:22:29 -0500
TJ Frazier <tjfraz...@cfl.rr.com> wrote:
On 11/23/2012 04:20, jan iversen wrote:
I am happy for the help, Clayton has already giving me lot of
information,
instead of me having to dig it out. It is also securing to have a
helping
hand in the background who know our wiki very well.
Is there a gentle way, to make Infra do the last bit, so I can get
access,
as far as I can see it is 2 simple things:
- Copy my ssh public key to the wiki server
- Provide the mysql root password
I am a bit afraid of this long US weekend, and hope we do not have to
wait
until next week.
Jan.
Report from the trenches: the spam is getting no worse, but no better
either. The wonderful crew of volunteers (I play only a small part) is
getting it all. Max spam page lifetime is about an hour; typical is only
a few minutes. We may be humans fighting bots, but we're winning — or at
least not losing. ("John Henry said to the captain ...") I also fear the
long weekend.
The urgent items I see, first = most important:
1) "invitation only" fix to LocalSettings.php. This turns off the faucet.
2) SQL delete of all unused accounts (no contributions in any space).
This eliminates the spammers' backlog of new accounts, so we sysops
don't have to block them one at a time. This will hit a lot of old
accounts, too. Good; that's overdue. It is possible that a few
legitimate accounts could be hit, but contributors normally go right in
and fix something, and/or create their user pages, so those accounts
should be exempt.
Other items can be dealt with at leisure:
3) Deleting all blocked accounts, the blocks themselves, and any
associated deleted pages. This is a trash clean-up. It removes any
backscatter left over from the anti-spam effort, and recovers a minor
amount of space.
4) Upgrades, extensions, better spam prevention, &c.
/tj/
On 23 November 2012 09:00, C <smau...@gmail.com> wrote:
On Fri, Nov 23, 2012 at 1:16 AM, Andrea Pescetti <pesce...@apache.org
wrote:
Thanks Clayton, you probably know the inner details of our Mediawiki
configuration better than most people here, so it is great that you
are
going to coordinate with Jan to neutralize this attack.
Jan will be leading the defense. I'll be hanging around more in the
background trying to explain why things are wonky with historical
configuration :-)
The Spam problem can definitely be delt with... just takes a bit of
time to sort things out, do a few upgrades and a few configuration
tweaks.
Meanwhile anyone with current Wiki Admin rights is welcome to scan the
"Recent changes" on the Wiki once in a while and:
- Delete Spam pages (created 1 page every 2 minutes on average)
- Block the spam accounts (I would suggest that you do not block IP
address, a check box on the block page, because you risk blocking
legit users on dynamic IPs)
Clayton
