On May 29, 2014, at 9:13 AM, Hynek Schlawack wrote: > So what *is* the status? The current state is really hardly bearable; the > spam is taking completely over. :( Wasn’t there a successful dry run at the > PyCon sprints?
I recently had a similar problem. I didn't realize a "one click install" on my shared provider for a private SVN repo created a public trac instance. there were nearly 1MM spam tickets in a 700MB sqlite database I ended up killing all tickets; but was able to use a raw sqlite3 connection on the db file to get in there and analyze the tickets ( and delete them ) Trac 1.0 has a spam filter -- http://trac.edgewall.org/wiki/SpamFilter Once upon a time, there was a mod_security plugin called ScallyWhack that was dedicated to Trac spam. It was officially supported by mod_security and still has a reserved rules range. unfortunately, it's disappeared off the net. I had to take my trac instance offline while working. my install was "known" to a few dozen botnets, and they kept hitting it. everything would lock up. if you can find any mod_security integration, I would strongly suggest using it -- because you can have the rules trigger an integration with fail_2_ban and just keep ip addresses/ranges from ever touching trac. _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
