George Herbert wrote:
We have a pattern abuser showing up on English Wikipedia, creating page after page full of 1-pixel versions of random images from throughout the site. This appears to be a slow ramp-up to a larger denial of service attack on the image servers for en.wp.
The pattern is easy to spot, once they do it, but "easy" in this case is normal reaction time of admins / alert users, most of whom haven't seen the pattern up close to know what's going on.
Is there anything that can or should be done ahead of time, at the site operations level or developer level, to try and keep the presumed end-case massive DOS attack on the systems from succeeding?
They're telegraphing their actions out pretty obviously, practicing for what I strongly suspect is coming. But I don't know that we can, with in-wiki tools, find them / block them out effectively enough...
Thanks for the report, we'll keep an eye on it. I don't think there's any urgent need for action, and I don't think there's a need to advertise his actions and thus give him more satisfaction than he deserves.
-- Tim Starling