Menu

Wiki spam

Website
2005-10-25
2013-04-08
  • Kevin O'Rourke

    Kevin O'Rourke - 2005-10-25

    The wiki seems to be suffering badly from spam, I just reverted the main page to the last pre-spam revision.

    Is there an easy way to revert to an old version?  I just copied the source for the old one and pasted it in as a new edit.

     
    • Thomas Hansen

      Thomas Hansen - 2005-10-25

      On 10/25/05, SourceForge.net <noreply@sourceforge.net> wrote:
      >
      > Read and respond to this message at:
      > https://sourceforge.net/forum/message.php?msg_id=3398279
      > By: kevin_i_orourke
      >
      > The wiki seems to be suffering badly from spam, I just reverted the main page
      > to the last pre-spam revision.
      >
      > Is there an easy way to revert to an old version?  I just copied the source
      > for the old one and pasted it in as a new edit.

      Thanx, I just ran a "tracert" to the IP and I think he thanked me with a DOS attack!!
      Bastard &%%& asshole spammer!!!!

      I think he is located in Rumania (tracert returned .ru)
      Is there someway to stop this guy from doing what he des??
      Blocking IP in Wiki setup??
      (Jared...??)

      .t

       
    • Nobody/Anonymous

      I don't know how much control you have over the server hosting the wiki but here are some suggestions:

      1.  use Shorewall.  this non-gui tool makes it *very* easy to manage iptables and provides many simple tasks from command-line such as banning an ip address or viewing activity reports. there's even a blacklist file available if you want to permanently ban an ip address.

      2.  use mod_evasive.  it is very effective against dos attacks targetting web servers

      3. use mod_security. it prevents most known attacks against Apache and can be configured very easily to block specific new attacks

      4. as last-resort, use mod_geoip.  if none of your legit users are from a specific country, and you keep getting attacks from that country, then banning a country for 1+ hour might be sufficient in getting the attacker bored enough to move on.  this isn't recommended unless the problem is severe.

       
      • Jared

        Jared - 2005-10-28

        All good ideas, but we have very little control over the server. We can only really use PHP/MySQL and .htaccess files (with major restrictions).

        I'm thinking of enabling mandatory logins.

         
        • Thomas Hansen

          Thomas Hansen - 2005-10-28

          Mandatory logins sounds like a GREAT idea!!
          I think you should go for that if you can!!

          .t

           

Log in to post a comment.