On Fri, Mar 11, 2011 at 6:56 PM, Andreas Kupries <andre...@activestate.com>wrote:
> I wonder, do you have auto-captcha active ? Maybe someone is able to handle > this button (JavaScript ?) > i did until 10 minutes ago, yes ;). auto-captcha If enabled, the Login page provides a button to > fill in the captcha password. Default: on > The irony of it is... LOL... oh, the irony is... it was me who originally added the auto-captcha option to fossil because i got sick of entering the password manually. It seemed reasonable at the time, but bots have apparently advanced since then. Now i've got some 20 others repos to go dig through and find out if they were violated... The spammer has been continually spamming that repo since February. There are hundreds of bogus wiki/ticket entries, but apparently no source code was tampered with. i've disabled both the auto-captcha and removed several access settings from the anonymous and reader users, but will also nuke the repo and re-import everything to avoid the bloat that a month of spamming has caused. i'm not sure how he wrote the wiki pages, but he overwrote every one of them. They were not committed using my account, and my account is the only one with wiki edit access. -- ----- stephan beal http://wanderinghorse.net/home/stephan/
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
