Curt, I run 3 MediaWiki instances and have major empathies for what you're facing.

I managed to - for the moment - solve the issue by using this extension:
http://www.mediawiki.org/wiki/Extension:ConfirmAccount

It does add to the admin workload - but if you tell 'em to include a call sign or something pertinent in the BIO, it's simple to add users. Been running this on all 3 Wikis now for about 3 years and it's made a huge difference.

73

On Thu, Jun 12, 2014 at 10:32 PM, Curt, WE7U <[email protected]> wrote:

>
> 633:  The number of new Wiki users created during the first four days the
> new Wiki was up, all via script-kiddie scripts.  There was an even larger
> number of new Wiki pages created, but thankfully they didn't modify ANY of
> the existing Wiki pages so I could just delete them.  I didn't delete the
> new users, but blocked them from further use.  Later I may try to delete
> them from the database but may also have to fix up the database references
> in that case.  The Wiki S/W doesn't appear to have a way to delete users,
> so it will have to be MySQL commands and/or scripts to get that
> accomplished.
>
> I'm considering blocking any Wiki accounts that don't have a callsign in
> the username or in the account's Wiki homepage.  There may be script-kiddie
> accounts still in there from previous years waiting to be activated.  If an
> account hasn't been used to edit any pages and shows no sign of being a ham
> login, it's fair game to block it.  It can be unblocked easily if someone
> complains.
>
> Today I backed up the existing Wiki and upgraded it to the latest S/W
> release.  I'll be attempting to get Captchas going for it:  I know we all
> hate them, but it's one of the few ways we have to combat Wiki vandalism.
> I may also set up the Wiki so an admin must personally OK each new Wiki
> login.  Seems like a good idea anyway.  Right now no new Wiki accounts can
> be created by users logging in for the first time.
>
> I need to upload or restore the few images we're missing on the Wiki.
> Mostly the SAR page.
>
> The firewall is up protecting the few open ports on IPv4 and IPv6.  I
> should probably recheck the IPv6 firewall rules again though.
>
> I set up "fail2ban" against the SSH port today, giving it a timeout of 1
> day.  It's doing its job keeping the hackers at bay, at least slowing them
> down dramatically.  I may add static firewall rules later for some of the
> subnets it is finding.
>
> The mailing lists are up, but reverse DNS against the IP address points to
> the VM service provider's DNS name instead of the xastir.org machine
> names.  I submitted a trouble ticket to ask them to add records so that
> reverse DNS will work.  After that is done, the most restrictive mail
> servers which are currently rejecting the list mail may start accepting it.
> Most of the list email is going out just fine though.
>
> The NWS Data changes can wait a bit, as can the new release and possible
> minor changes.  I'll get to them when the new server is secure and running
> well.
>
> Please test the Wiki and mailing list out and let me know of any problems
> you're seeing.  With solutions if possible!  I'll continue to work on the
> Postfix rules:  I started out with them very strict and relaxed them a bit
> last night.  I'll probably tighten them up again after the reverse DNS
> issues are fixed (not that the two issues have any real relation).
>
> For those of you who don't know, Chuck decided to pass the server baton
> after MANY YEARS of service to the Xastir project.  We should all thank him
> for the time and hard work he put in, as well as the funding for the domain
> and the server.  One never realizes how much work it actually is until one
> has to do it!
>
> --
> Curt, WE7U.        http://wetnet.net/~we7u
> APRS Client Capabilities:  http://wetnet.net/~we7u/aprs_capabilities.html
> _______________________________________________
> Xastir mailing list
> [email protected]
> http://xastir.org/mailman/listinfo/xastir
>

--
Casper ARC - W7VNJ
www.casperarc.net <http://casperarc.net>
<http://wyominghamcon.org>
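
The blocking rule described in the quoted message (an account with no edits and no callsign in its username or user page is a block candidate), as an added example that is not part of the original thread. The `Account` record, its field names and the callsign pattern are assumptions; the pattern is a heuristic for common callsign shapes, so the output is a list for an admin to review rather than an automatic block.

```python
import re
from dataclasses import dataclass

# Assumed callsign shape: 1-2 letters (or digit+letter), one digit, then
# 1-3 letters, not embedded in a longer run of letters and digits.
CALLSIGN = re.compile(
    r"(?<![A-Z0-9])(?:[A-Z]{1,2}|[0-9][A-Z])[0-9][A-Z]{1,3}(?![A-Z0-9])",
    re.IGNORECASE,
)

@dataclass
class Account:  # hypothetical record, e.g. built from a user-table export
    name: str
    edit_count: int
    user_page: str = ""
    blocked: bool = False

def has_callsign(text: str) -> bool:
    return CALLSIGN.search(text) is not None

def block_candidates(accounts):
    """Names of unblocked accounts with zero edits and no callsign
    in either the username or the user page text."""
    candidates = []
    for acct in accounts:
        if acct.blocked or acct.edit_count > 0:
            continue  # already handled, or has a real editing history
        if has_callsign(acct.name) or has_callsign(acct.user_page):
            continue  # shows a sign of being a ham login
        candidates.append(acct.name)
    return candidates

# Constructed sample data, not taken from the Xastir wiki.
SAMPLE = [
    Account("WE7U", 120),
    Account("Casper_W7VNJ", 0),
    Account("Chuck", 45),
    Account("newham", 0, user_page="Licensed last year as KD7ABC."),
    Account("BuyCheapPills2014", 0),
    Account("QuickLoans4U", 0),
    Account("Dormant2009", 0, blocked=True),
]

if __name__ == "__main__":
    for name in block_candidates(SAMPLE):
        print("review and block:", name)
```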
