Voldemort attacks wiki

[Lobster]

This bot is using a genuine sounding name (with the same name as the page)
http://puppylinux.org/wikka/CamelCase

(have left the page unaltered to show that the page is not genuine editing)

Please remove the user CamelCase
Has the wiki been backed up?

This may herald a new form of abuse
Please keep an eye on 'recently updated' (top of wiki)
The only posts where user and page name should match is personal pages

I will (with apologies) be deleting some of these 'personal pages' that are only two lines or seem like 'tests'

If anyone feels like putting some kindly suggestions to wikka developers that their security needs updating and a major upgrade is overdue . . . that would be useful (remeber wikka is free - no one is entitled to development work - play nice)

http://wikkawiki.org/HomePage

We are two versions behind (in terms of wikka software) but I am using the latest wikka at tmxxine.com and experiencing similar problems to the puppy wiki

[John Doe]

(have left the page unaltered to show that the page is not genuine editing)

cool. thanks, i see now.

it's "spam via a twist of spew".

looks like an ingenius effort to get the google bot to bump their page rating (on some page up the pyramid) via lots of "link to's" on random forums and wikis.

google bot says, "WOW THESE MOFO"S GOT THE BITCHENIST RING TONES AND standing tall!!" DAMN!!!

[John Doe]

poisonous crap

that's strange. i didn't type that. i said "v1agra". looks like a regex got my funny all twisted up.

[raffy]

CamelCase and similar company were long gone - it's safe to delete those "poisonous links" now.

phpBB has a feature that substitutes phrases for some words.

[Lobster]

Wiki seems OK again
If there are any pages that you think need deleting (for what ever reason) let me know

Many thanks to everyone helping to sort this. We get wiki attacks aprox once per month. A bit of spam on pages, which I revert. It is normally a two day attack. This one extended to a third day and so required a bit more attention

[Lobster]

Just reverted "UsabilityIssues"

Wiki under attack . . . Death Eaters, spammers, unregistered users suspected . . .

Protect the women and muggles

http://puppylinux.org/wikka/RecentChanges

[raffy]

Lobster, can you set the access so that only registered users can post in the wiki? (if not, then I have to do it in the config file.)

[Lobster]

No

I have limited powers (and no cape)
You will have to set it raffy if possible

The problem is the wiki attacks are getting more frequent (they used to be about once a month and were easy to cope with)

[raffy]

The access control (ACL) in the config is correct - write and comments by registered users only. I wonder if some pages had revised ACLs from the past.

[Lobster]

I can change the ACL's manually - I did this with the breached sites and reverted them

[John Doe]

I don't own my page anymore

http://www.puppylinux.org/wikka/ShellScriptsExamples

[Lobster]

You do again
just changed it


(had to change for some reason due to recent attack - changed back again)

Any other pages I own you also want (or anyone wants) please ask

It is a while since I have put any of my pages in public ownership (no owner) because of any registered spammers

So anyone seeing public pages, please take ownership

Also any pages that are combined leaving a spare page
I can delete the superflous page

[John Doe]

thanks.

Any other pages I own you...

only have one and leave all others alone. the one i have is just my notes. figured rather than keeping them locally i'd try to share them.

thanks for the help.

[Lobster]

raffy

here is some potential code for blocking the spam
http://wikkawiki.org/SpamBlacklist

[Lobster]

An unregistered user
thaisimobiliaria34.static.gvt.net.br

placed some nonsense word on top of this page
http://puppylinux.org/wikka/ConvertingFormats

(I deleted the word) - check out page history if you are interested
The word is used as a locating beacon for a future spam attack by spam bots

Keep an eye out for this behaviour

[raffy]

Yeah, I wonder why unregistered users can make an edit. Probably, the wiki needs checking of page ACL (some pages that escaped scrutiny in the past).

[Lobster]

this can be done from the SQL database - which you have access to Raffy

I think there is a ACL section and then click on Browse - something like that . . .

also the following pages will be locked page index and comments as there is no reason to edit the
but I have seen spammers edit them to cover their tracks

http://puppylinux.org/wikka/PageIndex
http://puppylinux.org/wikka/RecentlyCommented

as these are often targeted (so you can not see what is happened - I will go and do that now - should be able to . . .

I have loosened ACL's for this page TalkingStickIdeas
but if the death eaters strike, then it will be tightened again . . .

[raffy]

Thanks, Lobster. I did a quick check and some pages can be commented by the public (*). Will have to set these to "registered-users only" (+).

[Lobster]

Will have to set these to "registered-users only" (+).

May have to do it again
Several pages have been attacked with spurious comments. This is normally the precursor for a deluge.

I will go through them and delete but that is normally the trigger for more . . .

[raffy]

I have reset the default comment ACL to registered users only. Admins, please take note. Thanks.