Set up notification for when/if Google's safe browsing spots something on wiki*
Closed, ResolvedPublic

Description

http://www.google.com/safebrowsing/diagnostic?site=wikimedia.org/

http://www.google.com/safebrowsing/diagnostic?site=upload.wikimedia.org/

Reported on IRC

CC'ing Ariel as I believe the Google auth has already been done, so is easier to use the same account than authorising many others


Version: unspecified
Severity: normal

bzimport added a subscriber: wikibugs-l.
bzimport set Reference to bz28898.
Reedy created this task.Via LegacyMay 9 2011, 6:56 PM
MarkAHershberger added a comment.Via ConduitMay 11 2011, 3:54 PM

Ariel, I'm assigning this to you. Let me know if you can't do it.

ArielGlenn added a comment.Via ConduitMay 12 2011, 8:31 PM

I don't have auth on upload. I have it on www. (which is practically worthless, basically. But I needed it for Google Storage.)

MarkAHershberger added a comment.Via ConduitMay 12 2011, 10:54 PM

Is there someone else who might have the auth necessary to look at this?

Reedy added a comment.Via ConduitMay 13 2011, 12:48 PM

If we ask RobH or Ryan Lane to setup the dns entries, so someone can gain access

Probably the simplest way

RobH added a comment.Via ConduitMay 13 2011, 12:55 PM

Clarification from in person discussion.

The task is setting up with Google so when they display these errors, we are notified about them.

MarkAHershberger added a comment.Via ConduitJun 15 2011, 8:09 PM

We now have webmaster@wikimedia.org authorized for enwikinews so it seems like we could do the same for other sites. I *assume* they're going to send us notices about enwikinews now..

MarkAHershberger added a comment.Via ConduitJun 16 2011, 5:01 PM

If we want notices, we probably need to monitor http://www.google.com/safebrowsing/diagnostic?site=domainname.com

MarkAHershberger added a comment.Via ConduitJun 16 2011, 5:44 PM

pyoungmeister told me he would set up nagios to do this.

hashar added a comment.Via ConduitJun 23 2011, 8:58 PM

In addition to nagios, maybe we could ask google to send an email notification as well?

MarkAHershberger added a comment.Via ConduitJun 27 2011, 6:10 PM

(In reply to comment #9)

In addition to nagios, maybe we could ask google to send an email notification
as well?

Might be possible. Emails should go to webmaster@wikimedia.org if someone sets up email notifications.

hashar added a comment.Via ConduitJun 28 2011, 5:25 PM

Emailed google security team and cced Mark:


Dear Google security team,

I am one of the Wikipedia system administrator volunteer, Mark A. Hershberger (in cc mah@everybody.org) is Wikimedia bugmeister.

I am contacting you regarding the Safe Browsing diagnostic page you have setup at:

http://www.google.com/safebrowsing/diagnostic?site=wikipedia.org/

We are wondering if it could be possible to receive email notifications whenever a new problem is detected on one of our domains.

For future reference, our tracking number is 'bug 28898':

https://bugzilla.wikimedia.org/28898

MarkAHershberger added a comment.Via ConduitJun 28 2011, 6:12 PM

Note that we would like this to be set up on *.wikipedia.org,
*.wikibooks.org, etc. Not just wikipedia.org.

MarkAHershberger added a comment.Via ConduitJun 28 2011, 6:27 PM

From http://www.google.com/support/webmasters/bin/answer.py?answer=163633, they send notices to the following email addresses for the domain any time they find something:

abuse@
admin@
administrator@
contact@
info@
postmaster@
support@
webmaster@

So making sure all the verious domains webmaster@ emails go to webmaster@wikimedia.org should be fine.

(Updating b/c the automatic response to Ashar's email said they wouldn't respond since we weren't giving them a report on a security vulnerability.)

MarkAHershberger added a comment.Via ConduitJul 6 2011, 7:58 PM

notifications should now be working for the following domains:

wikimedia.org
wikimediafoundation.org
wikipedia.org
wiktionary.org
wikiquote.org
wikibooks.org
wikisource.org
wikinews.org
wikiversity.org
mediawiki.org

Add Comment

Column Prototype
This is a very early prototype of a persistent column. It is not expected to work yet, and leaving it open will activate other new features which will break things. Press "\" (backslash) on your keyboard to close it now.