We've been attacked too - It also adds a long list of links to http://buy-ativan.fil.ph lower on the page.
we had:
$wgSpamRegex="/overflow:auto/";
in LocalSettings.php
but an extra space has been added after the ...overflow: auto....
so now we have both $wgSpamRegex="/overflow:auto/"; $wgSpamRegex="/overflow: auto/";
hope that helps
Paul
On 12/12/05, Sterling D. Allan sterlingda@pureenergysystems.com wrote:
PESWiki.com has been hit with an automated spam attack that circumvents
- requirement that edits be done only by logged-in users
- spamblock script that was installed.
It seems to target non-populated pages, such as talk pages and category pages and not-yet-built page links, and posts spam links from them.
It logs in as one user, then after a few hours, logs in as another user, and hits the same pages again.
So far today, I've been hit by three users.
It is not a mission critical attack inasmuch as the pages it is hitting are not high traffic pages, and it doesn't remove content, it only appends its spam links at the end.
Any ideas?
Sterling _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
-- Yellowikis is to Yellow Pages, as Wikipedia is to The Encyclopedia Britannica