On Fri, 23 Nov 2012 05:22:29 -0500
TJ Frazier <[email protected]> wrote:
> On 11/23/2012 04:20, jan iversen wrote:
> > I am happy for the help, Clayton has already giving me lot of information,
> > instead of me having to dig it out. It is also securing to have a helping
> > hand in the background who know our wiki very well.
> >
> > Is there a gentle way, to make Infra do the last bit, so I can get access,
> > as far as I can see it is 2 simple things:
> > - Copy my ssh public key to the wiki server
> > - Provide the mysql root password
> >
> > I am a bit afraid of this long US weekend, and hope we do not have to wait
> > until next week.
> >
> > Jan.
>
> Report from the trenches: the spam is getting no worse, but no better
> either. The wonderful crew of volunteers (I play only a small part) is
> getting it all. Max spam page lifetime is about an hour; typical is only
> a few minutes. We may be humans fighting bots, but we're winning — or at
> least not losing. ("John Henry said to the captain ...") I also fear the
> long weekend.
>
> The urgent items I see, first = most important:
> 1) "invitation only" fix to LocalSettings.php. This turns off the faucet.
> 2) SQL delete of all unused accounts (no contributions in any space).
> This eliminates the spammers' backlog of new accounts, so we sysops
> don't have to block them one at a time. This will hit a lot of old
> accounts, too. Good; that's overdue. It is possible that a few
> legitimate accounts could be hit, but contributors normally go right in
> and fix something, and/or create their user pages, so those accounts
> should be exempt.
>
> Other items can be dealt with at leisure:
> 3) Deleting all blocked accounts, the blocks themselves, and any
> associated deleted pages. This is a trash clean-up. It removes any
> backscatter left over from the anti-spam effort, and recovers a minor
> amount of space.
> 4) Upgrades, extensions, better spam prevention, &c.
>
> /tj/
>
> >
> > On 23 November 2012 09:00, C <[email protected]> wrote:
> >
> >> On Fri, Nov 23, 2012 at 1:16 AM, Andrea Pescetti <[email protected]>
> >> wrote:
> >>> Thanks Clayton, you probably know the inner details of our Mediawiki
> >>> configuration better than most people here, so it is great that you are
> >>> going to coordinate with Jan to neutralize this attack.
> >>
> >>
> >> Jan will be leading the defense. I'll be hanging around more in the
> >> background trying to explain why things are wonky with historical
> >> configuration :-)
> >>
> >> The Spam problem can definitely be delt with... just takes a bit of
> >> time to sort things out, do a few upgrades and a few configuration
> >> tweaks.
> >>
> >> Meanwhile anyone with current Wiki Admin rights is welcome to scan the
> >> "Recent changes" on the Wiki once in a while and:
> >> - Delete Spam pages (created 1 page every 2 minutes on average)
> >> - Block the spam accounts (I would suggest that you do not block IP
> >> address, a check box on the block page, because you risk blocking
> >> legit users on dynamic IPs)
> >>
> >>
> >> Clayton
> >>
> >
>
>
>
I suggest locking the page "for maintenance" for the long w/e.
--
Rory O'Farrell <[email protected]>
