Bug 152887 - wiki was spammed
wiki was spammed
Status: CLOSED NOTABUG
Product: Fedora Legacy
Classification: Retired
Component: General (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.fedoralegacy.org/wiki/
LEGACY
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-27 02:58 EST by Arnaud Abélard
Modified: 2007-04-18 13:22 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-12 13:48:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Lawrence 2005-03-30 18:31:01 EST
The fedora legacy wiki has been spammed and all the informations from the first
page was lost it was "Last edited on Thursday, January 27, 2005 12:17:32 am."



------- Additional Comments From deisenst@gtw.net 2005-01-31 03:09:02 ----

Created an attachment (id=978)
Spamming & DeSpamming over past 7 days

Unfortunately, the wiki seems to be constantly spammed...  I just cleaned it
the other day again.  As a matter of fact, it is spammed again already.

The attachment is a lynx listing of
   <http://www.fedoralegacy.org/wiki/index.php/RecentEdits?days=7>
that's showing the same cycle for the last 7 days.  

This is even more eye-opening:
   <http://www.fedoralegacy.org/wiki/index.php/RecentEdits?days=90>

I wonder if there is something we can do to make the wiki harder to spam??
Can we, say, configure it to reject POSTS from certain IPs or IP ranges?
(If we're running Apache on fedoralegacy.org, I know it can be done somehow.)



------- Additional Comments From b.pennacchi@istc.cnr.it 2005-02-04 03:07:47 ----

just 2 links as food for thought:

<http://phpwiki.sourceforge.net/phpwiki/WikiSpam>

<http://phpwiki.sourceforge.net/phpwiki/SpamAssassinIntegration>
(this one at this moment looks like overkill, since our spammers insofar just
spew out a long and boring list of URLS)

All in all, maybe just upgrading phpwiki to the first version issued after 06
December (that has in it the limit on the number of links per edit) will help us
tone down those linkspammers...




------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:31 -------

This bug previously known as bug 2403 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2403
Originally filed under the Fedora Legacy product and General component.

Attachments:
Spamming & DeSpamming over past 7 days
https://bugzilla.fedora.us/attachment.cgi?action=view&id=978

Unknown priority P2. Setting to default priority "normal".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.

Comment 1 Arnaud Abélard 2005-03-31 02:29:35 EST
Using the rel=nofollow trick won't stop the spammings but will make them useless
and by the time spammers get bored every wiki in the world will have been
spammed at least 100 times.

The only effiscient ways to stop spammers is either to use an authentification
system with a simple registration or use a captcha test
(http://en.wikipedia.org/wiki/Captcha), even though those tests aren't always
usefull (http://sam.zoy.org/pwntcha/).

another way could be to rename the wiki's default pages to defeat the
spam-robots or change the forms' variables... 

PS: i just noticed the wiki has been updated.. unfortunately it's also broken:
lib/WikiDB/backend/PearDB.php:32: Fatal[256]: Can't connect to database:
wikidb_backend_mysql: fatal database error

    * DB Error: unknown error
    * ( [nativecode=Commands out of sync; You can't run this command now] **
mysql://legwik:XXXXXXXX@unix(/var/lib/mysql/mysql.sock)/legacywiki)
Comment 2 Matthew Miller 2005-04-12 13:48:54 EDT
We're planning to move to fedoraproject.org wiki space, which will either solve
this or make it a different sort of problem. Either way, this is a meta-issue
not a package bug, so NOTABUG seems appropriate.

Note You need to log in before you can comment on or make changes to this bug.