Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
HackerSpace - Adelaide, South Australia
Message from discussion The wiki is busted

View parsed - Show only message text

 Australia" <hackerspace-adelaide@googlegroups.com>
Received: by 10.66.81.98 with SMTP id z2mr1381429pax.19.1348780232369;
        Thu, 27 Sep 2012 14:10:32 -0700 (PDT)
X-BeenThere: hackerspace-adelaide@googlegroups.com
Received: by 10.68.197.72 with SMTP id is8ls11529379pbc.5.gmail; Thu, 27 Sep
 2012 14:10:31 -0700 (PDT)
Received: by 10.66.76.169 with SMTP id l9mr1593883paw.47.1348780231705;
        Thu, 27 Sep 2012 14:10:31 -0700 (PDT)
Received: by 10.66.76.169 with SMTP id l9mr1593882paw.47.1348780231689;
        Thu, 27 Sep 2012 14:10:31 -0700 (PDT)
Return-Path: <t...@spyderweb.com.au>
Received: from vmail.spyderweb.com.au ([202.189.78.109])
        by gmr-mx.google.com with ESMTPS id j3si1807450paz.2.2012.09.27.14.10.29
        (version=TLSv1/SSLv3 cipher=OTHER);
        Thu, 27 Sep 2012 14:10:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of t...@spyderweb.com.au designates 202.189.78.109 as permitted sender) client-ip=202.189.78.109;
Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of t...@spyderweb.com.au designates 202.189.78.109 as permitted sender) smtp.mail=...@spyderweb.com.au
Received: from ns0.spyderweb.com.au ([150.101.8.17] helo=spyderweb.com.au)
	by vmail.spyderweb.com.au with smtp (Exim 4.77 (FreeBSD))
	(envelope-from <t...@spyderweb.com.au>)
	id 1THLLi-000Iap-PO
	for hackerspace-adelaide@googlegroups.com; Fri, 28 Sep 2012 06:40:24 +0930
Received: (qmail 62266 invoked from network); 28 Sep 2012 06:40:21 +0930
Received: from unknown (HELO webmail.spyderweb.com.au) (127.0.0.1)
  by localhost.spyderweb.com.au with SMTP; 28 Sep 2012 06:40:21 +0930
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="=_4b281d28541863a57ad42c8f6a705096"
Date: Fri, 28 Sep 2012 06:40:21 +0930
From: Tim Aslat <t...@spyderweb.com.au>
To: <hackerspace-adelaide@googlegroups.com>
Subject: Re: [HACK-ADL] The wiki is busted
Organization: Spyderweb Consulting
In-Reply-To: <CAH5StRSqjRxoTWOnYy=woQ8LAUFPmPAn4Et2uXXJ3YHJGWUDAg@mail.gmail.com>
References: <0ca1987c-aa2a-4f79-9e31-4cbcdff059e0@googlegroups.com>
 <1348739987.2758.16.camel@omega>
 <CAH5StRQRE_qi12UwADcwCLB4MoH-_oXFjfOJ8MLZkqtw4FC...@mail.gmail.com>
 <CAH5StRQuwk2009sGaSsy5RRtGTx_R=7CMqfMJYdgSwCYweH...@mail.gmail.com>
 <CAH5StRSqjRxoTWOnYy=woQ8LAUFPmPAn4Et2uXXJ3YHJGWU...@mail.gmail.com>
Message-ID: <4e4e64320b38281769771299c3a3c...@spyderweb.com.au>
X-Sender: t...@spyderweb.com.au
User-Agent: Roundcube Webmail/0.5.4
X-Spam-Score: -2.7 (--)
X-Spam-Report: SpamAssassin 3.3.2 on host vmail.spyderweb.com.au
 scan-date              = Fri, 28 Sep 2012 06:40:24 +0930
 score                  = -2.7
 bayes-score            = 0.0000
 bayes-token-summary    = Tokens: new, 34; hammy, 108; neutral, 46; spammy, 2.
 bayes-token-spam-count = 2
 bayes-token-ham-count  = 108
 bayes-token-spam       = Aslat, aslat
 bayes-token-ham        = isnt, HTo:D*googlegroups.com, H*Ad:D*googlegroups.com, hackadl, hack-adl, HACKADL, HACK-ADL, HTo:U*hackerspace-adelaide, H*Ad:U*hackerspace-adelaide, isn't, steven, Steven, pickles, Pickles, 0930, H*f:sk:CAH5StR
 bayes-auto-learned     = ham
 possible-languages     = 
 relayed-countries      = _RELAYCOUNTRY_
 pyzor                  = Reported 0 times.
 RBL                    = <dns:spyderweb.com.au> [150.101.8.17]
 <dns:17.8.101.150.list.dnswl.org> [127.0.5.0]
 <dns:spyderweb.com.au?type=MX> [5 vmail.spyderweb.com.au.]
 ==== ====================== ==================================================
  pts  rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
                             trust
                             [150.101.8.17 listed in list.dnswl.org]
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.8 RP_MATCHES_RCVD        Envelope sender domain matches handover relay domain
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
  0.0 HTML_MESSAGE           BODY: HTML included in message

--=_4b281d28541863a57ad42c8f6a705096
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=UTF-8

  

On Fri, 28 Sep 2012 00:02:58 +0930, Steven Pickles wrote: 

> Okay,
turned out that somehow "allow_fopen_url" had been disabled on the
server, and one of the mediawiki plugins, SpamBlacklist, was trying to
pull in a list of blacklisted links when checking a new edit. 
> Now
that we require captchas or signin to post external links, we should be
okay with this extension disabled. 
> Upgraded to the latest stable
version of MediaWiki in the process, which isn't a bad thing. 
> Let me
know if anything else is awry.

Hi All,

I disabled "allow_fopen_url"
for all hosted domains on my server, mainly because it's too easily
exploitable if you aren't careful, but I have now enabled it on the
hackadl.org domain. Any other settings that need changing to support
whatever is needed can be done easily enough once I'm
notified.

Cheers

Tim

-- 
Tim Aslat
Spyderweb Consulting
E:
t...@spyderweb.com.au
P: 0401 088 479
  
--=_4b281d28541863a57ad42c8f6a705096
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body>
<p>On Fri, 28 Sep 2012 00:02:58 +0930, Steven Pickles wrote:</p>
<blockquote type=3D"cite" style=3D"padding-left:5px; border-left:#1010ff 2p=
x solid; margin-left:5px; width:100%"><!-- html ignored --><!-- head ignore=
d --><!-- meta ignored -->
<p>Okay, turned out that somehow "allow_fopen_url" had been disabled on the=
 server, and one of the mediawiki plugins, SpamBlacklist, was trying to pul=
l in a list of blacklisted links when checking a new edit.</p>
<div>Now that we require captchas or signin to post external links, we shou=
ld be okay with this extension disabled.</div>
<div>Upgraded to the latest stable version of MediaWiki in the process, whi=
ch isn't a bad thing.</div>
<div>Let me know if anything else is awry.</div>
</blockquote>
<div>
<pre>Hi All,<br /><br />I disabled "allow_fopen_url" for all hosted domains=
 on my server, mainly because it's too easily exploitable if you aren't car=
eful, but I have now enabled it on the hackadl.org domain.  Any other setti=
ngs that need changing to support whatever is needed can be done easily eno=
ugh once I'm notified.<br /><br />Cheers<br /><br />Tim<br /><br /><br />--=
=20
Tim Aslat
Spyderweb Consulting
E: t...@spyderweb.com.au
P: 0401 088 479</pre>
</div>
</body></html>

--=_4b281d28541863a57ad42c8f6a705096--

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google