[OpenStack-Infra] Wiki.o.o sustaining spam attack
Paul Belanger
pabelanger at redhat.com
Wed Feb 24 20:50:21 UTC 2016
On Wed, Feb 24, 2016 at 02:33:41PM -0600, JP Maxwell wrote:
> It looks like you are using it (you can see it in the mobile login view),
> but it is not being used once you are logged in:
>
> $wgGroupPermissions['user' ]['skipcaptcha'] = true;
>
> I think you need to remove the above line. And add in the two below:
> $wgCaptchaTriggers['edit'] = true;
> $wgCaptchaTriggers['create'] = true;
>
>
> J.P. Maxwell | tipit.net [http://tipit.net] | fibercove.com
> [http://www.fibercove.com]
> On Wed, Feb 24, 2016 at 2:23 PM, Elizabeth K. Joseph <lyz at princessleia.com>
> wrote:
>
> > $wgCaptchaTriggers['edit'] = true;
> > $wgCaptchaTriggers['create'] = true;
>
>
> We're now storing our Settings.php (LocalSettings.php points at it) in
> git and people can submit patches against it in the puppet-mediawiki
> module:
>
>
> https://git.openstack.org/cgit/openstack-infra/puppet-mediawiki/tree/templates/Settings.php.erb
>
> A quick glance looks like we're already loading QuestyCaptcha, but it
> seems to not be enabled/used?
>
I've started updating our LocalSettings.pp based on we're talking about here.
We'll start with edit / create captcha then move to other pages if spaming
continues.
More information about the OpenStack-Infra
mailing list