On Wed, Jul 28, 2010 at 12:11 PM, Hiram Clawson <hiram(a)soe.ucsc.edu> wrote:
Our wiki site suffered a spam attack this weekend.
(version 1.13.0) The attack evidently
had some method to work-around the new account Captcha barrier, and the
authorized user email allowed to edit setting.
Which CAPTCHA plugin are you using? What do you mean by "the
authorized user email allowed to edit setting"?
$wgEmailConfirmToEdit?