<p dir="ltr">If anyone wants to approve this I am still happy to help. </p>
<p dir="ltr"><a href="https://review.openstack.org/#/c/285641/1">https://review.openstack.org/#/c/285641/1</a></p>
<p dir="ltr">I don't think you are ever going to be successful at blocking accounts or IPs. You must block the creation of the spam by the bots. IMHO focusing on improving the captcha or understanding the bypass path around the captcha is the best short term path to accomplish this. <br><br></p>
<p dir="ltr">J.P. Maxwell | <a href="http://tipit.net">tipit.net</a> | <a href="http://fibercove.com">fibercove.com</a></p>
<div class="gmail_quote">On Mar 22, 2016 8:15 AM, "Paul Belanger" <<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Tue, Mar 22, 2016 at 03:32:23PM +0800, Tom Fifield wrote:<br>
> Hi all,<br>
><br>
><br>
> I'm sad to say that:<br>
><br>
> * spammers are back - 100-odd pages have gone in over the weekend<br>
> <a href="https://wiki.openstack.org/wiki/Special:NewPages" rel="noreferrer" target="_blank">https://wiki.openstack.org/wiki/Special:NewPages</a><br>
><br>
> * Cleanup was ineffective, with many spam pages still existing on the wiki<br>
> (scroll through the NewPages link above)<br>
><br>
So, we are still working through the clean up of the wiki.  Right now, we've<br>
only stopped the creation of new accounts.  Both from openid and mobile users.<br>
<br>
We're going to be adding SmitSpam[1] to allow admins to run some cleanup tools.<br>
But that hasn't landed yet.<br>
<br>
Until now, I am going into the wiki every few days to ban existing accounts that<br>
have already been created manually.<br>
<br>
[1] <a href="https://review.openstack.org/#/c/287232/" rel="noreferrer" target="_blank">https://review.openstack.org/#/c/287232/</a><br>
><br>
><br>
> Regards,<br>
><br>
><br>
> Tom<br>
><br>
><br>
> On 28/02/16 01:11, JP Maxwell wrote:<br>
> >Elizabeth<br>
> ><br>
> >I hope you feel better.<br>
> ><br>
> >Just FYI, this is going full force in IRC right now.  I’ve bowed out as<br>
> >the approach I was suggesting didn’t get traction.<br>
> ><br>
> >I proposed to manually iterate on this to confirm precisely which change<br>
> >solves the spam problem.  Once that has been identified we can revert<br>
> >and come up with a proper patch.  Right now the assumption is that<br>
> >disabling manual accounts will solve the problem (and it might).  As a<br>
> >result the team is trying to solve for the consequences of not having<br>
> >manual accounts.  Some bots currently use manual accounts among other<br>
> >issues.  If the assumption is correct, these efforts will be worth it.<br>
> >  However, if it isn’t it will have been a great waste of energy.<br>
> ><br>
> >In any case have a good weekend everyone.  I’m off to eat some delicious<br>
> >central Texas BBQ!<br>
> ><br>
> ><br>
> >*J.P. Maxwell* | <a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a> <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>> | <a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a><br>
> ><<a href="http://www.fibercove.com" rel="noreferrer" target="_blank">http://www.fibercove.com</a>><br>
> ><br>
> >On Sat, Feb 27, 2016 at 10:15 AM, Elizabeth K. Joseph<br>
> ><<a href="mailto:lyz@princessleia.com">lyz@princessleia.com</a>> wrote:<br>
> ><br>
> >    We'll be getting together on Monday around 1700 UTC to work through<br>
> >    this together in a debug session in #openstack-infra (I'm too sick<br>
> >    this weekend, plus we need a time when more infra-root folks with<br>
> >    the institutional knowledge are around).<br>
> ><br>
> >    On Feb 27, 2016 05:37, "Marton Kiss" <<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a><br>
> >    <mailto:<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a>>> wrote:<br>
> ><br>
> >        Yeah, the Settings.php was overriden by the latest puppet run.<br>
> >        We need to wait for some infra guys to approve my patches and<br>
> >        make it permanent:<br>
> >        <a href="https://review.openstack.org/285669" rel="noreferrer" target="_blank">https://review.openstack.org/285669</a> Disable standard password<br>
> >        based auth<br>
> >        <a href="https://review.openstack.org/285672" rel="noreferrer" target="_blank">https://review.openstack.org/285672</a> Disable mobile frontend<br>
> ><br>
> >        M.<br>
> ><br>
> >        On Sat, Feb 27, 2016 at 2:27 PM JP Maxwell <<a href="mailto:jp@tipit.net">jp@tipit.net</a><br>
> >        <mailto:<a href="mailto:jp@tipit.net">jp@tipit.net</a>>> wrote:<br>
> ><br>
> >            FYI. Still seeing the mobile view...<br>
> ><br>
> >            J.P. Maxwell | <a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a> <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>> | <a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a><br>
> >            <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> ><br>
> >            On Feb 27, 2016 6:53 AM, "Marton Kiss"<br>
> >            <<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a> <mailto:<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a>>> wrote:<br>
> ><br>
> >                Yes, applied them manually. Let's wait a few hours, and<br>
> >                check for new spam content / user accounts.<br>
> ><br>
> >                M.<br>
> >                JP Maxwell <<a href="mailto:jp@tipit.net">jp@tipit.net</a> <mailto:<a href="mailto:jp@tipit.net">jp@tipit.net</a>>><br>
> >                (időpont: 2016. febr. 27., Szo, 13:50) ezt írta:<br>
> ><br>
> >                    Cool. Are these applied? Any indication it has<br>
> >                    stopped the spam? Should we clear out these non<br>
> >                    launchpad accounts from the DB?<br>
> ><br>
> >                    J.P. Maxwell | <a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a> <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>> |<br>
> >                    <a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a> <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> ><br>
> >                    On Feb 27, 2016 6:47 AM, "Marton Kiss"<br>
> >                    <<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a><br>
> >                    <mailto:<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a>>> wrote:<br>
> ><br>
> >                        And the mobile frontend will be disabled<br>
> >                        permanently with this patch:<br>
> >                        <a href="https://review.openstack.org/285672" rel="noreferrer" target="_blank">https://review.openstack.org/285672</a> Disable<br>
> >                        mobile frontend<br>
> ><br>
> >                        M.<br>
> ><br>
> >                        On Sat, Feb 27, 2016 at 1:39 PM Marton Kiss<br>
> >                        <<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a><br>
> >                        <mailto:<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a>>> wrote:<br>
> ><br>
> >                            I made some investigation, and it seems to<br>
> >                            be that the spam pages are created by<br>
> >                            accounts registered with password accounts,<br>
> >                            and the launchpad openid auth is not<br>
> >                            affected at all.<br>
> ><br>
> >                            So the spam script is creating accounts like<br>
> >                            this:<br>
> >                            mysql> select * from user where user_name =<br>
> >                            'CedricJamieson'\G;<br>
> >                            *************************** 1. row<br>
> >                            ***************************<br>
> >                            user_id: 7494<br>
> >                            user_name: CedricJamieson<br>
> >                            user_real_name: Cedric Jamieson<br>
> >                            user_password:<br>
> >                            :pbkdf2:sha256:10000:128:Mlo9tdaP+38niZrrEka7Ow==:jEVnrTclkwIpE1RzJywDlrSvkY5G3idYwOwYRkv5O0J/MSHjY+gdhtKmArQ53v6/w7o8E1wXb2QOR6HdL5TPfOI1bswS/fYXVVYjPjkEEdxqZ8q9L5p2f3N6rEYpMfT5tk+wDiy+j5aimrHrGSga44hndAHgX9/SnqUyxlutDVY=<br>
> >                            user_newpassword:<br>
> >                            user_newpass_time: NULL<br>
> >                            user_email: <a href="mailto:balashkina.evdokiya@mail.ru">balashkina.evdokiya@mail.ru</a><br>
> >                            <mailto:<a href="mailto:balashkina.evdokiya@mail.ru">balashkina.evdokiya@mail.ru</a>><br>
> >                            user_touched: 20160227052454<br>
> >                            user_token: 7c39e44e849fb0e2bfae8790d6cc1379<br>
> >                            user_email_authenticated: NULL<br>
> >                            user_email_token:<br>
> >                            be963ac3bd43e70ff2f323063c61e320<br>
> >                            user_email_token_expires: 20160305052441<br>
> >                            user_registration: 20160227052441<br>
> >                            user_editcount: 2<br>
> >                            user_password_expires: NULL<br>
> ><br>
> >                            The user_password field is always filled<br>
> >                            with a value, meanwhile this field of<br>
> >                            non-infected user accounts with openid<br>
> >                            logins is empty.<br>
> >                            We have 423 total accounts with passwords:<br>
> >                            mysql> select count(*) from user where<br>
> >                            user_password != '';<br>
> >                            +----------+<br>
> >                            | count(*) |<br>
> >                            +----------+<br>
> >                            | 423 |<br>
> >                            +----------+<br>
> >                            1 row in set (0.00 sec)<br>
> ><br>
> >                            Mediawiki logs-in the newly created users<br>
> >                            without any preliminary email confirmation,<br>
> >                            right after the registration. I disabled the<br>
> >                            standard user login page, as described here:<br>
> >                            <a href="https://www.mediawiki.org/wiki/Manual:Special_pages#Disabling_Special:UserLogin_and_Special:UserLogout_pages" rel="noreferrer" target="_blank">https://www.mediawiki.org/wiki/Manual:Special_pages#Disabling_Special:UserLogin_and_Special:UserLogout_pages</a><br>
> ><br>
> >                            And I made this patch to make it permanent:<br>
> >                            <a href="https://review.openstack.org/285669" rel="noreferrer" target="_blank">https://review.openstack.org/285669</a> Disable<br>
> >                            standard password based auth<br>
> ><br>
> >                            Just for the record, the last spam user account:<br>
> >                            7536 | EarthaChester22<br>
> ><br>
> >                            Marton<br>
> ><br>
> ><br>
> >                            On Sat, Feb 27, 2016 at 8:31 AM Marton Kiss<br>
> >                            <<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a><br>
> >                            <mailto:<a href="mailto:marton.kiss@gmail.com">marton.kiss@gmail.com</a>>> wrote:<br>
> ><br>
> >                                Hi,<br>
> ><br>
> >                                I created the following patch, infra<br>
> >                                cores must approve that:<br>
> >                                <a href="https://review.openstack.org/285641" rel="noreferrer" target="_blank">https://review.openstack.org/285641</a> Add<br>
> >                                ssh key of JP Maxwell to wiki.o.o<br>
> ><br>
> >                                Marton<br>
> ><br>
> >                                On Sat, Feb 27, 2016 at 6:41 AM JP<br>
> >                                Maxwell <<a href="mailto:jp@tipit.net">jp@tipit.net</a><br>
> >                                <mailto:<a href="mailto:jp@tipit.net">jp@tipit.net</a>>> wrote:<br>
> ><br>
> >                                    Marton has SSH access and applied a<br>
> >                                    patch earlier today. It appears the<br>
> >                                    spam continues to flow:<br>
> ><br>
> >                                    <a href="https://wiki.openstack.org/wiki/40_Thoughts_Of_Using_Open_Shelves_On_A_Kitchen" rel="noreferrer" target="_blank">https://wiki.openstack.org/wiki/40_Thoughts_Of_Using_Open_Shelves_On_A_Kitchen</a><br>
> ><br>
> >                                    Marton let me know if you can look<br>
> >                                    at it some more or Infra if you want<br>
> >                                    to give me SSH I'll do so as well in<br>
> >                                    the morning (public key attached).<br>
> ><br>
> ><br>
> ><br>
> >                                    ssh-rsa<br>
> >                                    AAAAB3NzaC1yc2EAAAABIwAAAQEA2b5I7Yff9FCrtRmSjpILUePi54Vbc8zqJTbzrIAQZGFLBi3xd2MLlhV5QVgpDBC9H3lGjbdnc81D3aFd3HwHT4dvvvyedT12PR3VDEpftdW84vw3jzdtALcayOQznjbGnScwvX5SgnRhNxuX9Rkh8qNvOsjYPUafRr9azkQoomJFkdNVI4Vb5DbLhTpt18FPeOf0UuqDt/J2tHI4SjZ3kjzr7Nbwpg8xGgANPNE0+2pJbwCA8YDt4g3bzfzvVafQs5o9Gfc9tudkR9ugQG1M+EWCgu42CleOwMTd/rYEB2fgNNPsZAWqwQfdPajVuk70EBKUEQSyoA09eEZX+xJN9Q==<br>
> >                                    <a href="mailto:jpmaxman@tipit.net">jpmaxman@tipit.net</a><br>
> >                                    <mailto:<a href="mailto:jpmaxman@tipit.net">jpmaxman@tipit.net</a>><br>
> ><br>
> ><br>
> ><br>
> ><br>
> >                                    J.P. Maxwell / <a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a><br>
> >                                    <<a href="http://www.tipit.net" rel="noreferrer" target="_blank">http://www.tipit.net</a>><br>
> ><br>
> ><br>
> >                                    On Fri, Feb 26, 2016 at 12:09 PM,<br>
> >                                    Jimmy McArthur <<a href="mailto:jimmy@openstack.org">jimmy@openstack.org</a><br>
> >                                    <mailto:<a href="mailto:jimmy@openstack.org">jimmy@openstack.org</a>>> wrote:<br>
> ><br>
> >                                        Super thankful for all the folks<br>
> >                                        that have jumped in over the<br>
> >                                        last couple of days to help with<br>
> >                                        the puppetization, etc... I just<br>
> >                                        feel like we're taking a very<br>
> >                                        wrong approach here.<br>
> ><br>
> >                                        Paul Belanger wrote:<br>
> ><br>
> >                                            Right, and I don't have an issue with that approach.  Based on the work we did<br>
> >                                            yesterday, anybody can do that via our workflow. Please submit a patch to<br>
> >                                            puppet-mediawiki[1] and ping an infra-root in #openstack-infra IRC.<br>
> ><br>
> >                                        What I'm proposing is the<br>
> >                                        workflow is really meant for<br>
> >                                        software, not for web<br>
> >                                        applications. It's tedious and<br>
> >                                        time consuming when what's<br>
> >                                        needed here is a set of tests on<br>
> >                                        the server. Submitting a patch,<br>
> >                                        waiting for a +1, then getting<br>
> >                                        on IRC to find someone with<br>
> >                                        access (and time) to paste the<br>
> >                                        logs is a pretty time consuming<br>
> >                                        process for what should be a<br>
> >                                        series of rapid-fire<br>
> >                                        changes/fixes on the server.<br>
> >                                        Especially when we're dealign<br>
> >                                        with an active attack.<br>
> ><br>
> >                                            We can then have somebody look at the logs.  I think it is more about scheduling<br>
> >                                            the task since more infra-root as travling back from the mid-cycle last night<br>
> >                                            and today.<br>
> ><br>
> >                                        Right, this is my point. This<br>
> >                                        has been going on for 3 weeks<br>
> >                                        (or more). Tom Fifeldt was<br>
> >                                        asking for help without<br>
> >                                        response. And here we are<br>
> >                                        through another week and no<br>
> >                                        closer to stemming the flow.<br>
> ><br>
> >                                        I'm fully aware what I'm<br>
> >                                        proposing goes against what<br>
> >                                        Infra and the OpenStack workflow<br>
> >                                        is all about, but I'd ask you<br>
> >                                        all to look at this from a web<br>
> >                                        development perspective instead<br>
> >                                        of a software development<br>
> >                                        perspective.<br>
> ><br>
> >                                        Jimmy<br>
> ><br>
> >                                            Last email from me, just on a plane.  Will follow up when I land.<br>
> ><br>
> >                                            [1]<a href="https://git.openstack.org/cgit/openstack-infra/puppet-mediawiki" rel="noreferrer" target="_blank">https://git.openstack.org/cgit/openstack-infra/puppet-mediawiki</a><br>
> ><br>
> ><br>
> >                                                J.P. Maxwell |<a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a> <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>>  [<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>] |<a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a><br>
> >                                                <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> >                                                [<a href="http://www.fibercove.com" rel="noreferrer" target="_blank">http://www.fibercove.com</a>]<br>
> >                                                On Fri, Feb 26, 2016 at 11:25 AM, Paul Belanger<<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>><br>
> >                                                <mailto:<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>><br>
> >                                                wrote:<br>
> >                                                On Fri, Feb 26, 2016 at 11:08:18AM -0600, Jimmy McArthur wrote:<br>
> ><br>
> >                                                    Given the state of the wiki a the moment, I think taking the quickest path<br>
> >                                                    to get it fixed would be prudent. Is there a way we can get JP root access<br>
> >                                                    to this server, even temporarily? We get 25% of our website traffic (2<br>
> >                                                    million visitors) to the wiki. I realize we're all after the same thing,<br>
> ><br>
> >                                                but<br>
> ><br>
> >                                                    spammers are not going to hit the dev environment, so there's really no<br>
> ><br>
> >                                                way<br>
> ><br>
> >                                                    to tell if teh problem is fixed without actually working directly on the<br>
> >                                                    production machine. This should be a 30 minute fix.<br>
> ><br>
> >                                                I am still unclear what the 30min fix is. If really 30mins, then it<br>
> >                                                shouldn't be<br>
> >                                                hard to get the fix into our workflow. Could somebody please elaborate.<br>
> ><br>
> >                                                If we are talking about deploying new versions of php or mediawiki manually,<br>
> >                                                I<br>
> >                                                not be in-favor of this. To me, while the attack sucks, we should be working<br>
> >                                                on<br>
> >                                                2 fronts. Getting the help needed to mitigate the attack, then adding the<br>
> >                                                changes into -infra workflow in parallel.<br>
> ><br>
> >                                                    I realize there is a lot of risk in giving ssh access to infra machines,<br>
> ><br>
> >                                                but<br>
> ><br>
> >                                                    I think it's worth taking a look at either putting this machine in a place<br>
> >                                                    where a different level of admin could access it without giving away the<br>
> >                                                    keys to the entire OpenStack infrastructure or figuring out a way to set<br>
> ><br>
> >                                                up<br>
> ><br>
> >                                                    credentials with varying levels of access.<br>
> ><br>
> >                                                As a note, all the work I've been doing to help with the attack hasn't<br>
> >                                                require<br>
> >                                                SSH access for me to wiki.o.o. I did need infra-root help to expose our<br>
> >                                                configuration safely. I'd rather take some time to see what the fixes are,<br>
> >                                                having infra-root apply changes, then move them into puppet.<br>
> ><br>
> >                                                It also has been discussed to simply disable write access to the wiki if we<br>
> >                                                really want spamming to stop, obviously that will affect normal usage.<br>
> ><br>
> >                                                    Jimmy<br>
> ><br>
> >                                                    Paul Belanger wrote:<br>
> ><br>
> >                                                        On Fri, Feb 26, 2016 at 10:12:12AM -0600, JP Maxwell wrote:<br>
> ><br>
> >                                                            But if you wanted to upgrade everything, remove the mobile view<br>
> ><br>
> >                                                extension,<br>
> ><br>
> >                                                            test in a dev/staging environment then deploy to production fingers<br>
> >                                                            crossed, I think that would be a valid approach as well.<br>
> ><br>
> >                                                        Current review up[1]. I'll launch a node tonight / tomorrow locally to<br>
> ><br>
> >                                                see<br>
> >                                                how<br>
> ><br>
> >                                                        puppet reacts. I suspect there will be some issues.<br>
> ><br>
> >                                                        If infra-roots are fine with this approach, we can use that box to test<br>
> ><br>
> >                                                against.<br>
> ><br>
> >                                                        [1]<a href="https://review.openstack.org/#/c/285405/" rel="noreferrer" target="_blank">https://review.openstack.org/#/c/285405/</a><br>
> ><br>
> >                                                            J.P. Maxwell |<a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a><br>
> >                                                            <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>>  |<a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a> <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> >                                                            On Feb 26, 2016 10:08 AM, "JP Maxwell"<<a href="mailto:jp@tipit.net">jp@tipit.net</a>><br>
> >                                                            <mailto:<a href="mailto:jp@tipit.net">jp@tipit.net</a>>  wrote:<br>
> ><br>
> >                                                                Plus one except in this case it is much easier to know if our efforts<br>
> ><br>
> >                                                are<br>
> ><br>
> >                                                                working on production because the spam either stops or not.<br>
> ><br>
> >                                                                J.P. Maxwell |<a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a> <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>>  |<a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a><br>
> >                                                                <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> >                                                                On Feb 26, 2016 9:48 AM, "Paul Belanger"<<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>><br>
> >                                                                <mailto:<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>>  wrote:<br>
> ><br>
> >                                                                    On Fri, Feb 26, 2016 at 09:18:00AM -0600, JP Maxwell wrote:<br>
> ><br>
> >                                                                        I really think you might consider the option that there is a<br>
> ><br>
> >                                                                    vulnerability<br>
> ><br>
> >                                                                        in one of the extensions. If that is the case black listing IPs will<br>
> ><br>
> >                                                be<br>
> ><br>
> >                                                                    an<br>
> ><br>
> >                                                                        ongoing wild goose chase.<br>
> ><br>
> >                                                                        I think this would be easily proven or disproven by making the questy<br>
> >                                                                        question impossible and see if the spam continues.<br>
> ><br>
> >                                                                    We'll have to let an infra-root make that call. Since nobody would be<br>
> >                                                                    able to<br>
> >                                                                    use the wiki. Honestly, I'd rather spend the time standing up a mirror<br>
> ><br>
> >                                                dev<br>
> ><br>
> >                                                                    instance for us to work on, rather then production.<br>
> ><br>
> >                                                                        J.P. Maxwell |<a href="http://tipit.net" rel="noreferrer" target="_blank">tipit.net</a><br>
> >                                                                        <<a href="http://tipit.net" rel="noreferrer" target="_blank">http://tipit.net</a>>  |<a href="http://fibercove.com" rel="noreferrer" target="_blank">fibercove.com</a><br>
> >                                                                        <<a href="http://fibercove.com" rel="noreferrer" target="_blank">http://fibercove.com</a>><br>
> >                                                                        On Feb 26, 2016 9:12 AM, "Paul Belanger"<<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>><br>
> >                                                                        <mailto:<a href="mailto:pabelanger@redhat.com">pabelanger@redhat.com</a>><br>
> ><br>
> >                                                wrote:<br>
> ><br>
> >                                                                            On Thu, Feb 25, 2016 at 08:10:34PM -0800, Elizabeth K. Joseph wrote:<br>
> ><br>
> >                                                                                On Thu, Feb 25, 2016 at 6:35 AM, Jeremy Stanley<<a href="mailto:fungi@yuggoth.org">fungi@yuggoth.org</a>><br>
> >                                                                                <mailto:<a href="mailto:fungi@yuggoth.org">fungi@yuggoth.org</a>><br>
> ><br>
> >                                                                            wrote:<br>
> ><br>
> >                                                                                    On 2016-02-25 02:46:13 -0600 (-0600), JP Maxwell wrote:<br>
> ><br>
> >                                                                                        Please be aware that you can now create accounts under the mobile<br>
> >                                                                                        view in the wiki native user table. I just created an account for<br>
> >                                                                                        JpMaxMan. Not sure if this matters but wanted to make sure you<br>
> >                                                                                        were aware.<br>
> ><br>
> >                                                                                    Oh, yes I think having a random garbage question/answer was in<br>
> ><br>
> >                                                                    fact<br>
> ><br>
> >                                                                                    previously preventing account creation under the mobile view. We<br>
> >                                                                                    probably need a way to disable mobile view account creation as it<br>
> >                                                                                    bypasses OpenID authentication entirely.<br>
> ><br>
> >                                                                                So that's what it was doing! We'll have to tackle the mobile view<br>
> ><br>
> >                                                                    issue.<br>
> ><br>
> >                                                                                Otherwise, quick update here:<br>
> ><br>
> >                                                                                The captcha didn't appear to help stem the spam tide. We'll want to<br>
> >                                                                                explore and start implementing some of the other solutions.<br>
> ><br>
> >                                                                                I did some database poking around today and it does seem like all<br>
> ><br>
> >                                                                    the<br>
> ><br>
> >                                                                                users do have launchpad accounts and email addresses.<br>
> ><br>
> >                                                                            So, I have a few hours before jumping on my plane and checked into<br>
> ><br>
> >                                                                    this.<br>
> ><br>
> >                                                                            We are<br>
> >                                                                            using QuestyCaptcha which according to docs, should almost be<br>
> ><br>
> >                                                                    impossible<br>
> ><br>
> >                                                                            for<br>
> >                                                                            spammers to by pass in an automated fashion. So, either our captcha<br>
> ><br>
> >                                                                    is too<br>
> ><br>
> >                                                                            easy, or we didn't set it up properly. I don't have SSH on wiki.o.o<br>
> ><br>
> >                                                                    so<br>
> ><br>
> >                                                                            others<br>
> >                                                                            will have to check logs. I did test new pages and edits, and was<br>
> ><br>
> >                                                                    promoted<br>
> ><br>
> >                                                                            by<br>
> >                                                                            captcha.<br>
> ><br>
> >                                                                            As a next step, we might need to add additional apache2<br>
> ><br>
> >                                                configuration<br>
> ><br>
> >                                                                    to<br>
> ><br>
> >                                                                            blacklist IPs. I am reading up on that now.<br>
> ><br>
> >                                                                                --<br>
> >                                                                                Elizabeth Krumbach Joseph || Lyz || pleia2<br>
> ><br>
> >                                                                                _______________________________________________<br>
> >                                                                                OpenStack-Infra mailing list<br>
> >                                                                                <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                                                                <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> ><br>
> >                                                                            <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> >                                                                            _______________________________________________<br>
> >                                                                            OpenStack-Infra mailing list<br>
> >                                                                            <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                                                            <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> ><br>
> >                                                                        <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> >                                                        _______________________________________________<br>
> >                                                        OpenStack-Infra mailing list<br>
> >                                                        <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                                        <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> >                                                        <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> >                                                    _______________________________________________<br>
> >                                                    OpenStack-Infra mailing list<br>
> >                                                    <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                                    <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> >                                                    <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> >                                                _______________________________________________<br>
> >                                                OpenStack-Infra mailing list<br>
> >                                                <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                                <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> >                                                <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> ><br>
> ><br>
> >                                    _______________________________________________<br>
> >                                    OpenStack-Infra mailing list<br>
> >                                    <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >                                    <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> >                                    <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> ><br>
> >        _______________________________________________<br>
> >        OpenStack-Infra mailing list<br>
> >        <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> >        <mailto:<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a>><br>
> >        <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
> ><br>
> ><br>
> >_______________________________________________<br>
> >OpenStack-Infra mailing list<br>
> ><a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> ><a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
> ><br>
><br>
> _______________________________________________<br>
> OpenStack-Infra mailing list<br>
> <a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
<br>
_______________________________________________<br>
OpenStack-Infra mailing list<br>
<a href="mailto:OpenStack-Infra@lists.openstack.org">OpenStack-Infra@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra</a><br>
</blockquote></div>