
Unlock the login of bot user TaxonBot@TaxonBot to dewiki
Closed, Resolved, Public

Description

Hi!

The bot user TaxonBot@TaxonBot has been blocked for 2 days by this login attack from logging in to dewiki.

Error: result Failed reason {You have made too many recent login attempts. Please wait 2 days before trying again.}

The bot has to do many important tasks and edits on dewiki, so I need it now (Unbreak now!). So please count down the waiting time of 2 days to 0 minutes.

Thanks ...

Event Timeline

doctaxon triaged this task as Unbreak Now! priority. May 8 2018, 2:10 PM
doctaxon created this task.
Chicocvenancio lowered the priority of this task from Unbreak Now! to Needs Triage. May 8 2018, 2:18 PM
Chicocvenancio subscribed.

Regarding the priority, please see https://www.mediawiki.org/wiki/Phabricator/Project_management#Setting_task_priorities

About the source of the block, I think this is unrelated to the failed login attempts; as I understand it, $wgPasswordAttemptThrottle is per IP, per user. So a DoS could not be done against a user (unless from the same IP).

Perhaps someone could clarify if the user for $wgPasswordAttemptThrottle is the SUL account or if botpasswords are considered separate users. If it is considered separate, the easy solution is to create a new botpassword and use that.

doctaxon triaged this task as High priority. May 8 2018, 2:24 PM

okay, but prio High at least. The bot is even very important. ...

Ad priority) I concur with the UBN triaging.

In theory, the attack's source can be ToolForge or other Cloud VPS.

The easiest solution how to find out if the variable is counted per login method is to try it :).

but first reduce the waiting time to login from 2 days to 0 minutes

It isn't that easy to change the waiting time.

What are the tasks and edits that this bot does?

and how to get authorized for this link?

@doctaxon You can ignore the link, that is for those that can unblock you only.

> In theory, the attack's source can be ToolForge or other Cloud VPS.

I think it can only originate from the same VPS instance. Dewiki will see its IP on the login attempt, not a general egress address.

This definitely has nothing to do with the attack (Except possibly you changed your password which resulted in your bot giving the wrong password)

So the normal bot seems to be logging in fine

`2018-05-08T16:33:04 mw1228 INFO Login succeeded for normal TaxonBot from 10.68.23.150 - 10.68.23.150, 10.64.32.107, 10.64.32.107 - TaxonBot@de.wikipedia <animalia@gmx.net> – MediaWiki Tcl Bot Framework 0.5 - :::::v4`

But I guess it's just the TaxonBot@TaxonBot bot password version, which mostly has a whole bunch of:

`authentication for 'TaxonBot@TaxonBot' failed due to missing account`

Also weirdly, we are not seeing the throttle message in the logs. Perhaps the throttle doesn't get logged in the botpassword case. Something to look into later.

I am going to clear the throttle, but please make sure your bot is working as well (It would also be good for it to not repetitively try to login during errors), or it will just get throttled again.

Mentioned in SAL (#wikimedia-operations) [2018-05-08T17:00:28Z] <bawolff> Clear botpassword throttle for [[User:TaxonBot]] (T194160)
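
A simplified model of the behaviour discussed above, as an added example that is not part of the original thread and not MediaWiki's code: a failed-login throttle keyed per (IP, user), and a bot with a stale password that either retries blindly or gives up after a few failures. The class and function names, the tier counts, the addresses and the sliding-window bookkeeping are assumptions for illustration; only the 2-day window comes from the error message in the task.

```python
from collections import defaultdict, deque

# (max failures, window in seconds). Counts are assumed; the 2-day window
# mirrors the "Please wait 2 days" message quoted in the task.
TIERS = [(5, 300), (150, 2 * 24 * 3600)]

class Throttle:
    """Failed-login throttle keyed per (ip, user), as described in the thread."""
    def __init__(self, tiers=TIERS):
        self.tiers = tiers
        self.failures = defaultdict(deque)  # (ip, user) -> failure timestamps

    def wait_needed(self, ip, user, now):
        """Seconds until this (ip, user) pair may try again; 0 if allowed."""
        times = self.failures[(ip, user)]
        wait = 0
        for count, window in self.tiers:
            recent = [t for t in times if now - t < window]
            if len(recent) >= count:
                # Blocked until the oldest of the last `count` failures ages out.
                wait = max(wait, recent[-count] + window - now)
        return wait

    def record_failure(self, ip, user, now):
        self.failures[(ip, user)].append(now)

def run_bot(throttle, ip, user, attempts, delay, max_retries=None):
    """Simulate a bot whose stored password is wrong; return the final wait."""
    now = 0
    for n in range(attempts):
        if max_retries is not None and n >= max_retries:
            break  # stop and alert the operator instead of hammering login
        if throttle.wait_needed(ip, user, now) == 0:
            throttle.record_failure(ip, user, now)
        now += delay
    return throttle.wait_needed(ip, user, now)

if __name__ == "__main__":
    user = "ExampleBot@ExampleBot"  # constructed account name
    t = Throttle()
    # Retrying once a minute never trips the short tier but fills the long one.
    print("blind retry:", run_bot(t, "192.0.2.10", user, 200, 60), "s left")
    # The same user from a different address is unaffected by those failures.
    print("other IP:", t.wait_needed("198.51.100.7", user, 12000), "s")
    print("bounded:", run_bot(Throttle(), "192.0.2.10", user, 200, 60, 3), "s")
```
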

Framawiki raised the priority of this task from High to Needs Triage. May 8 2018, 5:09 PM
Framawiki subscribed.

@Bawolff I changed the botpassword about 10:45 UTC, May 9th. A login is successful now, but it was not successful on a first test with the old botpassword before.

Can root detect a botpassword change for TaxonBot@TaxonBot on meta, which I have not done myself on May 7th?

Vvjjkkii renamed this task from Unlock the login of bot user TaxonBot@TaxonBot to dewiki to zddaaaaaaa. Jul 1 2018, 1:11 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii updated the task description.
CommunityTechBot renamed this task from zddaaaaaaa to Unlock the login of bot user TaxonBot@TaxonBot to dewiki. Jul 1 2018, 3:33 PM
CommunityTechBot raised the priority of this task from High to Needs Triage.
CommunityTechBot updated the task description.

Closable or is there any followup work on how botpassword does or logs things?

Urbanecm assigned this task to Reedy.

> Closable or is there any followup work on how botpassword does or logs things?

Seems to be done, closing.

Urbanecm added a subscriber: Reedy.

Fixing assignee...