[ietf86-tech] Trac Spam
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Fri Mar 15 06:03:10 PDT 2013
On Fri, 15 Mar 2013, Lucy Lynch wrote:
> All -
>
> I've reset trac to require a log-in to create or append to a ticket.
>
> Hate to do this but many of you will see injections to old tickets this
> am and this is the second time we've seen this kind of attack this week.
>
> Please ignore the tickets and we'll need to craft up text next time
> to let folks know they can use their IETF log-in if they want to do
> web submissions.
Yeah I kept pondering things. Two options might be (whether we can
implement with trac is a different question but I can look at this):
(1) only allow anonymous submissions from within the conference
network by web; would still allow anonymous submissions by email
(2) add a captcha (if you are outside the conference network)
(3) change a detail so that the default trac installation scripts of
spammers do not work anymore (paths, locations, names of
buttons, ..) << something possibly not maintainable easily.
/bz
--
Bjoern A. Zeeb Charles Haddon Spurgeon:
"Friendship is one of the sweetest joys of life. Many might have failed
beneath the bitterness of their trial had they not found a friend."
More information about the ietf86-tech
mailing list