On Wed, Jul 28, 2010 at 12:11 PM, Hiram Clawson hiram@soe.ucsc.edu wrote:
Good Morning MediaWiki Fans:
Our wiki site suffered a spam attack this weekend. (version 1.13.0) The attack evidently
had some method to work-around the new account Captcha barrier, and the
authorized user email allowed to edit setting. I'm curious if anyone
else has encountered such attacks and if there are new ways to block
bogus account creation.
--Hiram
We suffered such an attack and fortunately had OpenID login installed and so decided to disable native wiki account creation with this in LocalSettings.php
# Prevent new user registrations except by sysops $wgGroupPermissions['*']['createaccount'] = false;
Then updated http://wiki.sugarlabs.org/go/MediaWiki:Loginprompt to suggest that new users create accounts with an OpenID.
This has prevented the spam, but the server and database may still be under attack.
--Fred