[Moin-user] Wiki Page corruption

Reimar Bauer rb.proj at gmail.com
Tue Jul 10 09:37:33 EDT 2012 

Hi

you can get the Wikis Version by reading the page SystemInfo on your wiki.

The history of all Security Fixes to the MoinMoin Wiki Software can be
looked up from http://moinmo.in/SecurityFixes

If you have a very old version you should hand that page also to your IT
department and of course ask for upgrade then,

We provide a migration script for all wiki content to a newer version.
But if you have own code added in your wiki which is not yet updated,
see http://moinmo.in/CategoryMarket that will need modifications too.

Also we offer lots of different possibilities for Support
http://moinmo.in/Support and try to help whenever possible.

You are welcome

cheers
Reimar

Am 10.07.2012 14:41, schrieb Paul Boddie:
> On Tuesday 10 July 2012 13:49:52 Peter Watson wrote:
>> Many thanks Reimar. I should point out I am not a developer but a moinmoin
>> wiki user so am not familiar with the behind the scenes python workings but
>> do do a lot of editing of pages! There is no common user sending the spam
>> (the spamming users are identified by different numbers and a lot seem to
>> come from USA). The word http is in all the spamming but we do add http
>> links to some of our pages so wouldn't want to disable that so I am not
>> sure BadContent would work but the TextChas sound interesting which as I
>> understand it prompt the user with a one-answer question to authorise page
>> saving.
> 
> TextChas only affect users who are not regarded as trusted, so you can avoid 
> annoying your regular users by putting them in a special group. Meanwhile, 
> the BadContent mechanism blacklists URLs used by spammers. Although it isn't 
> completely effective, it will stop widely observed spam messages provided 
> that the master list is kept up-to-date. Otherwise, you can use 
> LocalBadContent to identify spam URLs, but this can be exhausting work.
> 
> If your Wiki isn't meant to be publicly editable or has a restricted editing 
> group, you may wish to enforce restrictions on registration and editing. Some 
> people deploy Wikis thinking that it is somehow "against the Wiki way" to 
> impose restrictions on editing: this is nonsense and rather irresponsible, 
> too, given the nature of the Internet today.
> 
>> I have passed your suggestion onto the IT and wiki superuser here for their
>> thoughts. I am not sure of the moinmoin version we have but we have had
>> this since at least 2006 and it uses valid HTML 4.01 and the moinmoin link
>> we have links to an out-of-date URL http://moinmoin.wikiwikiweb.de/ so I am
>> guessing it is quite an old one.
> 
> I'm sure people on this list will be happy to offer any advice to you or your 
> IT administration about securing your Wiki. I feel that MoinMoin should 
> probably be deployed in a "hardened" state by default, which I don't think it 
> currently is, so no-one should feel bad about asking for advice on the 
> matter.
> 
> Paul
> 
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>

More information about the Moin-user mailing list