Hi,
The Referata problems were due to a security leak that has now been
identified and fixed. (It was not in MediaWiki itself, but rather in the
Site Settings extension - which I believe is only used on Referata,
fortunately.) There are still some problems, like wikis missing their
logos, but in general the running of the wiki farm is now back to normal, I
am very relieved to say.
-Yaron
On Sun, May 12, 2019 at 2:14 PM Amanda Quad <amandaquad(a)yahoo.com> wrote:
Hello,
Referata is still down/hacked/locked/not working.
I've looked into the issue more, and it appears that my initial conclusion
that the hacker was a globally locked and enwiki-banned WMF user was
incorrect. The hacker in question exposed the personal information of said
banned user, and I thought that they had outed themselves. My bad.
I did dig around a bit though trying to figure out who or what "Delicious"
was... the only thing that I found was
https://en.wikipedia.org/wiki/Delicious_(website) but I would highly
doubt that there's any connection to that since Referata and that website
don't appear to be even remotely similar.
-- Amanda
On Sunday, May 5, 2019, 8:36 PM, Amanda Quad <amandaquad(a)yahoo.com> wrote:
Hi Yaron,
It appears that the latest hack has quoted something from the Referata
Meta frequently asked questions regarding security (or lack thereof) as
their "justification" for hacking, so that may be something that needs to
be cleaned up.
Also, I do know who the current hacker is. At least from a non-sysadmin
perspective, when attempting to access Referata, an IP address is visible
in the lower right hand corner of the "Hacked by Delicious" message. There
is a string of capital letters in front of the IP address that just looks
like some random hash code, but in actuality is the former username (from
before a global rename) of a now-globally locked and enwiki-banned WMF user.
Additionally, I noticed that a user account by the name of "BEWARE HACKER"
with exclamation points on either side had been created on the Referata
main site/Meta wiki. I've noticed that the main site/Meta Wiki has
virtually been abandoned and as a result heavily spammed - you might want
to take a good look through the 30 day-500 changes recent changes display
once the wiki is up again and hand out some blocks/perform some deletions.
-- Amanda
On Sunday, May 5, 2019, 8:05 PM, Yaron Koren <yaron(a)wikiworks.com> wrote:
Hi Amanda,
Sorry about that. Yes, Referata is currently hacked, and has been hacked
repeatedly by someone in the last few days. No, Referata is not going away.
I had hoped this problem could have been fixed I already, but I'm hoping to
get it fixed soon, and to get rid of whatever security vulnerability
they're currently exploiting.
-Yaron
On Sun, May 5, 2019, 1:23 PM Amanda Quad <amandaquad(a)yahoo.com> wrote:
Hey everyone,
Does anyone know what happened to the Referata MediaWiki hosting service (
http://referata.com) - it seems to have died or something, as no site
hosted under Referata's domain name, nor the main "meta" website itself is
accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the
service. If we have indeed lost another free MediaWiki host, I will
definitely say that it is a major setback and has the potential to impact
many poeple. Too many free MediaWiki hosts have either died, had a change
of management and are now ad-spammed, and/or have become pay-only services.
-- Amanda
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l