Page MenuHomePhabricator
Create Task
Maniphest T355605

Set up an alert for captcha failure
Closed, ResolvedPublic3 Estimated Story Points
Actions

Description

In order to be aware of any incidents, we need to setup an alert for captcha failures.

Refer to Investigations/nvestigation: Create-user exploit

To do

  • Create an IaC variable captcha_failure_threshold with a value of 50.
  • Create an IaC variable captcha_monitor window with a value of 24.
  • Monitor logs as follows for /ecs/auth_pr_wme log group. Send out a medium severity alert when the captcha failures log exceed more than 50 in 24 hours period.

{"level":"error","time":"2024-01-09T03:52:00Z","caller":"createuser/createuser.go:108","msg":"captcha verification failed"}

QA / Acceptance criteria

  • With a low threshold, perform some sign ups failing captcha. See that you get the alert as expected.

Event Timeline

prabhat created this task.Jan 22 2024, 9:27 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 22 2024, 9:27 PM
JArguello-WMF updated the task description. (Show Details)Mar 13 2024, 2:04 PM
JArguello-WMF set the point value for this task to 3.
JArguello-WMF moved this task from To Be Estimated/To Be Discussed to Estimated /Discussed on the Wikimedia Enterprise board.
JArguello-WMF moved this task from Estimated /Discussed to Sprint 57 on the Wikimedia Enterprise board.Mar 21 2024, 2:16 PM
JArguello-WMF edited projects, added Wikimedia Enterprise (Sprint 57); removed Wikimedia Enterprise.
JArguello-WMF triaged this task as Medium priority.Mar 21 2024, 2:19 PM
LDlulisa-WMF claimed this task.Mar 25 2024, 3:28 PM
LDlulisa-WMF moved this task from Next Up to In Progress on the Wikimedia Enterprise (Sprint 57) board.
REsquito-WMF claimed this task.Mar 26 2024, 9:56 AM
REsquito-WMF added a subscriber: LDlulisa-WMF.
REsquito-WMF moved this task from In Progress to MR on the Wikimedia Enterprise (Sprint 57) board.Mar 26 2024, 12:21 PM
REsquito-WMF moved this task from MR to QA on the Wikimedia Enterprise (Sprint 57) board.Apr 1 2024, 12:02 PM
REsquito-WMF moved this task from QA to Sign Off on the Wikimedia Enterprise (Sprint 57) board.Tue, Apr 2, 12:47 PM
REsquito-WMF moved this task from Sign Off to Done on the Wikimedia Enterprise (Sprint 57) board.Tue, Apr 2, 6:35 PM
JArguello-WMF closed this task as Resolved.Thu, Apr 11, 2:11 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL