THANKS....would it not have been nice, if it was noted in the ticket... I am already looking at opie...so now I only need the mysql root password.
Jan On 23 November 2012 14:05, Oliver-Rainer Wittmann <orwittm...@googlemail.com > wrote: > Hi, > > > On 23.11.2012 14:01, Oliver-Rainer Wittmann wrote: > >> Hi, >> >> On 23.11.2012 13:47, jan iversen wrote: >> >>> A big thank to those fighting in the trenches !!! >>> >>> I am still waiting for infra, but now I am available, so the minute I get >>> the mail I will be on to it, and change to "invite only". >>> >>> The point list of tj will be my work order. But I hope that someone could >>> give infra a polite hint, that we really need this closed, infra must >>> install my ssh public key, and give the mysql root password. >>> >>> >> You can reach ASF infra on irc://freenode/asfinfra >> >> I am on this chat - may be I can pass your requests to them. >> command "infrabot: beer" helps a lot in this chat with ASF infra ;-) >> >> > infra people just told me on irc the following: > "orw: if you see jani tell him he has access and can he please set up opie > as per." > "orw: Go and have a look at http://s.apache.org/opie to learn how to > setup OPIE" > > Best regards, Oliver. > > > Best regards, Oliver. >> >> I will open a new thread later, with "wiki maintenance", so you all can >>> follow what is planned to happen (and when it happens). >>> >>> Clayton pointed me to the "maintenance page" which contains loads of >>> valuable information. >>> >>> jan >>> >>> >>> On 23 November 2012 11:47, Rory O'Farrell <ofarr...@iol.ie> wrote: >>> >>> On Fri, 23 Nov 2012 05:22:29 -0500 >>>> TJ Frazier <tjfraz...@cfl.rr.com> wrote: >>>> >>>> On 11/23/2012 04:20, jan iversen wrote: >>>>> >>>>>> I am happy for the help, Clayton has already giving me lot of >>>>>> >>>>> information, >>>> >>>>> instead of me having to dig it out. It is also securing to have a >>>>>> >>>>> helping >>>> >>>>> hand in the background who know our wiki very well. >>>>>> >>>>>> Is there a gentle way, to make Infra do the last bit, so I can get >>>>>> >>>>> access, >>>> >>>>> as far as I can see it is 2 simple things: >>>>>> - Copy my ssh public key to the wiki server >>>>>> - Provide the mysql root password >>>>>> >>>>>> I am a bit afraid of this long US weekend, and hope we do not have to >>>>>> >>>>> wait >>>> >>>>> until next week. >>>>>> >>>>>> Jan. >>>>>> >>>>> >>>>> Report from the trenches: the spam is getting no worse, but no better >>>>> either. The wonderful crew of volunteers (I play only a small part) is >>>>> getting it all. Max spam page lifetime is about an hour; typical is >>>>> only >>>>> a few minutes. We may be humans fighting bots, but we're winning — or >>>>> at >>>>> least not losing. ("John Henry said to the captain ...") I also fear >>>>> the >>>>> long weekend. >>>>> >>>>> The urgent items I see, first = most important: >>>>> 1) "invitation only" fix to LocalSettings.php. This turns off the >>>>> faucet. >>>>> 2) SQL delete of all unused accounts (no contributions in any space). >>>>> This eliminates the spammers' backlog of new accounts, so we sysops >>>>> don't have to block them one at a time. This will hit a lot of old >>>>> accounts, too. Good; that's overdue. It is possible that a few >>>>> legitimate accounts could be hit, but contributors normally go right in >>>>> and fix something, and/or create their user pages, so those accounts >>>>> should be exempt. >>>>> >>>>> Other items can be dealt with at leisure: >>>>> 3) Deleting all blocked accounts, the blocks themselves, and any >>>>> associated deleted pages. This is a trash clean-up. It removes any >>>>> backscatter left over from the anti-spam effort, and recovers a minor >>>>> amount of space. >>>>> 4) Upgrades, extensions, better spam prevention, &c. >>>>> >>>>> /tj/ >>>>> >>>>> >>>>>> On 23 November 2012 09:00, C <smau...@gmail.com> wrote: >>>>>> >>>>>> On Fri, Nov 23, 2012 at 1:16 AM, Andrea Pescetti < >>>>>>> pesce...@apache.org >>>>>>> >>>>>> >>>>> wrote: >>>>>>> >>>>>>>> Thanks Clayton, you probably know the inner details of our Mediawiki >>>>>>>> configuration better than most people here, so it is great that you >>>>>>>> >>>>>>> are >>>> >>>>> going to coordinate with Jan to neutralize this attack. >>>>>>>> >>>>>>> >>>>>>> >>>>>>> Jan will be leading the defense. I'll be hanging around more in the >>>>>>> background trying to explain why things are wonky with historical >>>>>>> configuration :-) >>>>>>> >>>>>>> The Spam problem can definitely be delt with... just takes a bit of >>>>>>> time to sort things out, do a few upgrades and a few configuration >>>>>>> tweaks. >>>>>>> >>>>>>> Meanwhile anyone with current Wiki Admin rights is welcome to scan >>>>>>> the >>>>>>> "Recent changes" on the Wiki once in a while and: >>>>>>> - Delete Spam pages (created 1 page every 2 minutes on average) >>>>>>> - Block the spam accounts (I would suggest that you do not block >>>>>>> IP >>>>>>> address, a check box on the block page, because you risk blocking >>>>>>> legit users on dynamic IPs) >>>>>>> >>>>>>> >>>>>>> Clayton >>>>>>> >>>>>>>
