We've been attacked too - It also adds a long list of links to
http://buy-ativan.fil.ph lower on the page.
we had:
$wgSpamRegex="/overflow:auto/";
in LocalSettings.php
but an extra space has been added after the ...overflow: auto....
so now we have both
$wgSpamRegex="/overflow:auto/";
$wgSpamRegex="/overflow: auto/";
hope that helps
Paul
On 12/12/05, Sterling D. Allan <sterlingda(a)pureenergysystems.com> wrote:
PESWiki.com has been hit with an automated spam attack
that circumvents
1) requirement that edits be done only by logged-in users
2) spamblock script that was installed.
It seems to target non-populated pages, such as talk pages and category pages and
not-yet-built page links, and posts spam links from them.
It logs in as one user, then after a few hours, logs in as another user, and hits the
same pages again.
So far today, I've been hit by three users.
It is not a mission critical attack inasmuch as the pages it is hitting are not high
traffic pages, and it doesn't remove content, it only appends its spam links at the
end.
Any ideas?
Sterling
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)Wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
--
Yellowikis is to Yellow Pages, as Wikipedia is to The Encyclopedia Britannica