On Wed, Jul 28, 2010 at 12:11 PM, Hiram Clawson hiram@soe.ucsc.edu wrote:
Our wiki site suffered a spam attack this weekend. (version 1.13.0) The attack evidently had some method to work-around the new account Captcha barrier, and the authorized user email allowed to edit setting.
Which CAPTCHA plugin are you using? What do you mean by "the authorized user email allowed to edit setting"? $wgEmailConfirmToEdit?