https://meta.wikimedia.org/wiki/Special:Contact/Stewards is being abused by spammers
Closed, Resolved · Public

Description

https://meta.wikimedia.org/wiki/Special:Contact/Stewards and other metawiki contact pages have been the target of spamming bots a couple of times. This would flood the OTRS queues that handle the emails generated by the contact pages and cause significantly more work for the volunteer OTRS agents.

While tracking down the IP and stopping a specific incident was possible up to now since the ContactPage [1] extension is configured to add that to the subject of the outgoing email, the attackers have switched patterns and are now sending those emails from multiple IPs, effectively making this a game of whac-a-mole [2].

Spam filters are also not useful since those emails are generated from our own infrastructure, which is inherently trusted (and we don't want to change that currently).

We have ConfirmEdit enabled, so we can use that in the longer term to thwart those kinds of attacks.

[1] https://www.mediawiki.org/wiki/Extension:ContactPage
[2] https://en.wikipedia.org/wiki/Whac-A-Mole

Event Timeline

Restricted Application added a subscriber: Aklapper. · Mar 6 2018, 11:05 AM
Krd added a subscriber: Krd. · Mar 6 2018, 11:06 AM
akosiaris triaged this task as Medium priority. · Mar 6 2018, 11:06 AM

The above has been done in https://gerrit.wikimedia.org/r/#/c/416659/ and now the contact pages on metawiki have captchas enabled for non-logged-in users. I expect this to sufficiently address the problem.

Scoopfinder moved this task from Incoming to Backlog on the OTRS board. · Mar 6 2018, 11:15 AM
Stryn added a subscriber: Stryn. · Mar 6 2018, 2:48 PM
greg added a subscriber: greg. · Mar 6 2018, 9:47 PM
Rxy added a subscriber: Rxy. · Mar 7 2018, 4:46 PM

No complaints in 6 days; I consider the problem resolved. I'll keep this open for a few more days so that any problems reported find their way into this, and then I'll resolve the task as well.

JJMC89 closed this task as Resolved. · Oct 3 2018, 12:22 AM