Puppy Linux Discussion Forum

HairyWill · Joined: 26 May 2006 Posts: 2949 Location: Southampton, UK

the database connection details should be wikka.config.php

JaDy · Joined: 04 May 2005 Posts: 156 Location: SE PA USA

There is a way to undo a bad edit and prevent them.

Thanks to GuestToo for this (my re-wording):
Click the date at the bottom of the page for a list of the versions of the page and select the version desired.

The BootParms page was ruined so I reverted it to a previous version in this manner. And, to prevent unauthorized changes, I've put a list of known wiki editors in the Write ACL list box within Edit ACL. I've dont this to all my pages. Here's my current list:

BarryDavidKauler
BarryKauler
BlackAdder
CatmanDru
CrustyLobster
GuestToo
HairyWill
IanMul
JaDy
JeyRey
KethD
PuppianL

If you want to be added, please shout.

I know this is a headache to maintain but I can't think of a better way. I had done this in a previous year and for some reason (unknown, don't remember) had changed it to + (registered users) but the evil-doers got through. Evil or Very Mad

HairyWill · Joined: 26 May 2006 Posts: 2949 Location: Southampton, UK

Some pages are being edited but not damaged. I presume they are checking to see if their changes are reverted or not. Is it better to leave them alone and make it look like the page is not maintained or is it better to revert them?

As to the ACL it works but its a bit like locking the library doors to stop people stealing the books. My beef with this method is that if someone asks for write access it has to be granted on a page by page basis. (or an admin facility to apply an ACL mod to all pages)

I think that a better authentication method and an easy way for an admin to roll back changes are preferable.

Lobster · Posted: Thu 05 Jul 2007, 10:28 Post subject:

raffy · Joined: 25 May 2005 Posts: 4636 Location: Manila

I did a check of the config and CrustyLobster is admin. You must have some special powers over the wiki.

(The wiki database and directory setup was handled directly by Barry.)

Am quite afraid of making database changes (other than edit entries) through phpmyadmin. Maybe deletion of entry is better left to the wiki admin (so that the scripts will be able to complete the subsequent tasks).

Lobster · Posted: Thu 05 Jul 2007, 11:47 Post subject:

Hi Raffy

yes I am admin which gives me some abilities

BUT I do not have access to the SQL database (which is separate) which is the only way to delete users

I do not have access to servage directly

If you are worried about making a mistake, do a backup first

Someone seems in there now as the wiki is down

Many thanks

Smile

jimhap · Joined: 03 Mar 2007 Posts: 63

just wondering- how come you don't use MediaWiki? Does it have more bugs or something? Question

Wolf Pup · Joined: 27 Apr 2006 Posts: 637

When will the wiki be available again?

raffy · Joined: 25 May 2005 Posts: 4636 Location: Manila

Hmm, Barry must have changed the password, so I updated the config file. The wiki is available again.

Re: mediawiki - it is not as small and fast as wikka.

John Doe · Joined: 01 Aug 2005 Posts: 1689 Location: Michigan, US

HairyWill · Joined: 26 May 2006 Posts: 2949 Location: Southampton, UK

I can't seem to find anything there on authentication

however this looks good for rolling back changes
http://wikkawiki.org/DeleteSpamAction

If you go with the ACLs idea you can create groups. The implementation in the page below would allow you to create a page that defined the members of a group Every member of the group could be given write access to the page, so that they could add another user. If we had a second page where new users could put their names to be added to the editors group anyone already in the editors group could do it. This method does allow one editor to maliciously remove another editor from the editors group, not sure if this would be an issue.
http://wikkawiki.org/ACLsWithUserGroups

This system coupled with email notificationsfor all members of editors group for the WikkiEditors page and the MakeMeAnEditor page would allow new users to get added to the editors list in a few hours. Though every editor would receive 2 emails for each new user.
http://wikkawiki.org/NotifyOnChange

I've just realised that this system has a flaw if a spammer gets added to the editors list accidentally, they could remove all other users from the editors list. This would then require an admin to log in and fix the editors. This risk seems low and not catastophic as it can be repaired.

raffy · Joined: 25 May 2005 Posts: 4636 Location: Manila

OK, more than a thousand suspected spambots removed - it's good that my mouse is still working after that. Smile

Number of users is now down to 944 from close to 2,000.

Please PM me with the name of any more user posting spam in the wiki.

And Lobster, please be ready to hear complaints about missing user accounts, in case some people have used unusual usernames, and their accounts were deleted. Wink

My apologies. Embarassed

Lobster · Posted: Fri 06 Jul 2007, 05:49 Post subject:

Excellent. Many thanks Raffy.

Good ideas from HairyWill. Changes can now be rolled back HairyWIll

Also be aware that bots are still registering and I noticed some bots in that 944 list . . .

Very Happy

HairyWill · Joined: 26 May 2006 Posts: 2949 Location: Southampton, UK

done
I started at the bottom of recent changes and worked forwards, not sure how to go further back than that.

There were some pages created by bots that are now empty.

The referrers for RecentChanges seems to indicate that google is still indexing it.

raffy · Joined: 25 May 2005 Posts: 4636 Location: Manila