[zeromq-dev] Wikidot overrun by spammers

Luca Boccassi luca.boccassi at gmail.com
Sat Jun 10 16:05:30 CEST 2017


On Fri, 2017-06-09 at 18:32 +0100, Luca Boccassi wrote:
> Hello,
> 
> I've set the wikidot pages for zeromq to read-only for members for
> the
> moment, while I try to do some cleanup and restore. I've also
> disabled
> new members signup.
> 
> It's been overrun by spam bots.
> 
> Is there anything anyone else can do to tighten security?
> 
> Kind regards,
> Luca Boccassi

With a free membership there is no API access, so I had to do a lot
manually...

Anyway, I have now:

1) Restored all existing pages that had been vandalised
2) Removed and banned all users that registered on the 9th of June,
when the spam wave started
3) Removed _some_ of the new spam pages that had been created, but
there are hundreds and hundreds so it's impossible to do manually
4) Sent an email to support at wikidot.com asking for help with the new
spam pages
5) Filed a request for help with the new spam pages at http://spambotde
athwall.wikidot.com/

New member registration is still not freely open, but has to be
approved by an admin.

Write permissions for existing members have been restored, but in a
limited capacity. Members can:

1) Create pages
2) Edit pages
3) Upload files

Members cannot:

1) Delete pages
2) Move/rename pages
3) Replace/move/delete files

This should hopefully contain the worst vandalism if there is still
some spambot that escaped the ban wave.

Please let us know if the spam starts again, or if I missed some
vandalised pages.

Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20170610/f3c4f765/attachment.sig>


More information about the zeromq-dev mailing list