[Moin-user] Cracked...advice sought on how to proceed
Desmond Rivet
desmond.rivet at gmail.com
Mon Jun 17 19:36:56 EDT 2013
On Sun, Jun 16, 2013 at 5:24 PM, Paul Boddie <paul at boddie.org.uk> wrote:
>
> I wouldn't immediately re-install Moin. It might be interesting to know
> what
> kind of authentication measures you provide, whether you have a restrictive
> ACL policy, and whether the "newaccount" action is enabled. Generally, to
> prevent bogus edits you can require users to be registered in order to make
> edits, you can thereby require authentication, and you can forbid new
> accounts by putting the following in the class in your configuration file:
>
> actions_excluded = ["newaccount"] # plus any others you exclude
>
> At that point, maybe the only new files that get created are session files
> and
> cache files, as far as I can tell.
>
I made myself the super user:
superuser = [u"DesmondRivet", ]
And I disabled editing all around:
acl_rights_default = u"All:read"
And I granted full rights to the WebmasterGroup:
acl_rights_before = u"WebmasterGroup:read,write,delete,revert,admin"
of which I am a part.
I am not aware of the actions_excluded option. I'll take a look.
I cam across the moint maint cleanpages utility, which has proven very
useful here.
All this being said...I've now tried logging in to my wiki and I'm finding
that it's hanging with no response...not sure where to look for problems.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20130617/cf06f25a/attachment.html>
More information about the Moin-user
mailing list