Menu
▾
▴
Re: [Phpwiki-talk] forum.php spam pages
|
From: Reini U. <ru...@x-...> - 2008-08-13 18:39:57
|
[oops, wrong list initially] Reini Urban schrieb: > Philip J. Hollenback schrieb: >> Please approve the message I posted to phpwiki-talk a couple days ago: > > Sorry, I don't see your message in my admin interface which goes back to > middle of July. > >> Begin forwarded message: >>> From: "Philip J. Hollenback" <ph...@po...> >>> Date: August 10, 2008 9:39:01 AM PDT >>> To: php...@li... >>> Subject: forum.php spam pages >>> >>> I've got my phpwiki (www.hollenback.net) locked to all users except >>> myself for adding or editing pages. However, some spammer continues >>> to exploit some phpwiki bug or error in my config to create bogus >>> forum.php pages. These pages just contain lists of spam lnks. One >>> gets created about once a week. >>> >>> Is anyone else seeing this, and any suggestion for how I can fix it? >>> I know this is vague but I'm not sure where the hole is. I've had my >>> wiki running for quite a while with no problems so my first suspicion >>> is this is exploiting a hole in phpwiki. Please remove lib/plugin/AddComment.php, lib/plugin/WikiBlog.php and lib/plugin/WikiForum.php. These plugins can be used by spammers. -- Reini Urban http://phpwiki.org/ http://murbreak.at/ |
