Michael Koziarski wrote:
I have cleaned those now. I used Watir to visit the Edit screen for
every page, check the content for spam, and remove it if present.
If you can give us some regular expressions that you used with watir,
we may be able to protect the wiki with mod_security. This will at
least save us some grief while we look for a longer term solution.
Thanks - I'll send you those off-list. I've modified the Watir-based
solution to work from the Recently Revised list, back to the time I last
ran it... running it earlier today found 40 newly-spammed pages (and
they are starting to impersonate my spam-eater - or maybe they just copy
the previous updater's name)
While the pages were flashing by on Watir I saw some spam that didn't
match the patterns I'd picked up, so I am pressing on with something I
had on my to do list - counting the URLs in each page. I'll use this to
look for new signatures. (Just got those results into a spreadsheet.)
One spammer is still operating from 82.131.14.155 (34 changes yesterday).
While in normal use the removal of Wiki pages is not recommended (as it
would break bookmarks) this concern wouldn't apply to pages that were
created by spammers. (Also, empty pages wouldn't be very valuable to
bookmark.) Are you able to remove pages? If we can get the footprint of
the Wiki down a bit it will become easier to manage and monitor.
regards
Justin
_______________________________________________
Rails-core mailing list
Rails-core@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails-core
