Wiki hacked by cretins (again)

There seems to be some hacker out there who has created/edited, the latter being a 2MB (!) page full of garbage search terms.

Just thought Torben would like to know.


Thanks for the hint. “index.php” was not a valid page anyway, so I have deleted it. If you find more spots which have been a victim of a spam bot, please let me know.

The Wiki is locked down now so that only registered users can edit pages. But I’m afraid those bots are even able to create themselves an account :frowning:

Oh dear!

Are you able to add one of those ‘type in the distorted letters shown in the image’ features to the Wiki, to stop the bots being able to ‘sign up?’

If not, I guess you’ll need to make Wiki registration something you personally control, and remove the ‘create an account’ feature from it. So then you would need to add new users upon request.

I don’t know how many real Wiki contributors there are altogether, but my guess is thee, me, and Charlie D! :smiley: So that second solution above is probably the best one … ?


It’s a shame that some have to spoilt it for others - Especially as Wiki is meant to involve everybody, it’d be a shame if only a select few could share their tips and/or contribute to it. The CAPTCHA feature would probably keep the problem at bay.

I will register at the wiki, but feel its handled admirably already.

Kind regards tony

Come on, Charlie, it’s not a big deal to create an account there. I also think it’s good when we can see who wrote a particular article.

Oh I know - and personally I’ve love to see more people contributing provided the well isn’t diluted any more :wink: (too many cooks and all that)… What I was getting at was that it’s annoying having to clean-up after the spammers and that locking it out completely would no doubt render the whole concept of the Wiki pointless :frowning:

I don’t agree, Charlie. All you would need is a line on the Wiki main page reading something like:
To contribute to this Wiki as an Editor, please join the mAirList Forum and post a request in the Wiki section for a Wiki sign-in ID.

You could even add a line explaining this has become necessary because of damage to the Wiki by malicious third parties.

As Torben said, it’s really not a big deal. Anyone genuine will go through the hoops; bots will not be able to get past the ‘send Torben a request in the Forum’ part. :wink: