[pmwiki-users] I know this will generate a good laugh from most of you

Petko Yotov 5ko at free.fr
Mon Apr 2 17:27:42 CDT 2007


On Monday 02 April 2007 23:33, Amy Sweetman wrote:
> Hello all:
>
> I feel absolutely ridiculous posting this, but perhaps some of you could
> use a good laugh...... and after you lift yourself off the floor, maybe you
> could offer some good advice.
>
> I need help in correcting something, I have emailed the list in the past
> and was advised to add passwords to my wiki, however this maliciousness was
> what occurred and I need help fixing the problem because although I can set
> passwords, I am not sure how to fix what has already been done.... so here
> it goes
>
>
> I run a website that is designed to allow psychology professors across the
> nation to post up teaching ideas and some how a person has used my links to
> post porn
>

Hello Professor.

It is not good at all. Someone uploaded .htm files to your groups:
* Main
* ResourcesByType
* ResourcesByTopic

that contain porn or redirect to porn sites.

What you should do is:

1. Set an edit password: in the file pmwiki/local/config.php add a line:

   $DefaultPasswords['edit'] = crypt('SecretWord');

2. Set an upload password: in the same file config.php, add:

   $DefaultPasswords['upload'] = crypt('SecretWord');

3. Go with FTP to your pmwiki site, and enter in the folder pmwiki/uploads
* go to each sub-folder (Main, ResourcesByType, ResourcesByTopic) and delete 
all files that you didn't upload (especially those with explicit names 
and .htm extension).


4. Tell your friends the password (in our example it is SecretWord). It is 
usually OK to write it in the help-FAQ pages as spammers don't read them 
(unless it is someone that knows you, wishes you bad and is determined to 
vandalize).

5. You can disallow the upload of .htm files by adding this to config.php:

   $UploadExtSize['htm'] = $UploadExtSize['html'] = 0;

If you don't plan to upload such files or don't know what it means, you should 
probably disallow them.

6. If someone posted spam/porn to your pages, there is a link "History" and 
you can see the additions, and click below them on the link "Restore" to 
remove them. See the page 
http://www.intropsychresources.com/pmwiki/pmwiki/pmwiki.php?n=Site.AllRecentChanges 
to see recent modifications. It is a good thing to always write your name in 
the Author field when editing, and also the brief summary, that way you know 
if the last modification was by you or not.

Greetings, and good luck,
Petko





More information about the pmwiki-users mailing list