[MediaWiki-l] Restoring MediaWiki after the Drupal exploit?

Boris Steipe boris.steipe at utoronto.ca
Sun Nov 2 22:53:28 UTC 2014

Dear all -

As most of you will know, Drupal has recently announced a critical vulnerability and automated MySQL injection attacks in the wild have compromised servers(1). Our sysadmins are wiping affected machines, in order to reinstall data from pre Oct. 15 backups. We users need to figure out how to handle the data loss from Oct. 15 to current.

If I understand the Drupal advisory correctly, backdoors could have been installed in the database. I don't know nearly enough about this, but I suspect this could mean that a backdoor could reappear on the new machine if I were to dump my current Wiki tables from the old machine and reinstall them on the new machine. Is this correct? And if so, what would the best strategy be for recovery? I hope this can be done more efficiently than copy/pasting Wikitext.

Any insight much appreciated.

(1) https://www.drupal.org/PSA-2014-003

More information about the MediaWiki-l mailing list