--- Sj 2.718281828@gmail.com wrote:
The Main Page on en: was vandalized yesterday, when a penis image remained on the page for many minutes. It was vandalized again today -- a goatse image remained there for almost /20 minutes/.
What we need is the ability to protect pages pages/images with expiry times (just like with blocks). That way any image linked from the Main Page can be protected for the limited amount of time and nobody has to worry about unprotecting it. Doing this automatically whereby any image that is displayed on a protected page even via a template is autoprotected while this is the case, would be better. But this would very likely a huge drain on the servers.
I'd also would really like to see uploads be limited to users accounts that have been around for more than 0 edits and 0 days (100 edits and/or 30 days sounds good to me). This would at least make it much more time-consuming to perform any similar attack in the future (not to mention give people time to learn the dos and don'ts of image uploads and tagging).
- Code: add an 'emergency mode' that redirects all visitors to a
static read-only snapshot of the site taken once a day
This is a very good suggestion.
2.2) Code: add a one-click (js widget?) option [maybe 2 clicks with some kind of pop-up confirmation that doesn't require rendering another whole WP-page] so that even when the site is very slow, evil images can be deleted in under 15 minutes
Something like rollback but for images? Sounds good.
2.3) More Code: add a different 'emergency mode' that only allows a limited set of users [logged-in users? users on a specific list?] to use the site.
With so many thousands of users it may even have to be limited to admins. I dunno....
- Code + Image Policy: add an IMAGE REVIEW step that imposes a time
delay (or requires user approval) before an image can be displayed live on a page [until then the image could still be linked to via an html link]
I don't think that will be necessary. It mainly frustrates good people with proven records of making good edits. If there are any such limitations, they need to be directed toward users with unproven edit records.
-- Daniel Mayer (aka mav)
__________________________________ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com