<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Feb 21, 2017 at 2:05 AM, Sebastian Silva <span dir="ltr"><<a href="mailto:sebastian@fuentelibre.org" target="_blank">sebastian@fuentelibre.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div bgcolor="#FFFFFF" text="#000000"><span class=""> <p><br> </p> <br> <div class="m_4607846137454030079moz-cite-prefix">On 18/02/17 14:03, Samuel Cantero wrote:<br> </div> <blockquote type="cite"> <div dir="ltr">it was me. <div><br> </div> <div>Ignacio, problem solved. It was a firewall issue. Go ahead.</div> </div> <div class="gmail_extra"><br> </div> </blockquote> <br></span> Hi Samuel,<br> <br> I had set the firewall in response to an attack on <a href="http://network.sugarlabs.org" target="_blank">network.sugarlabs.org</a> (check Jan 18th "Please Help" email thread on systems@). Having turned off the firewall, this attack has just resumed.<br> <br> The attack consists of ~20 IP addresses issuing a POST request every few seconds and updating a Sugar Network project with SPAM contents.<br></div></blockquote><div><br></div><div>Who is in charge of maintaining the site? An authentication must be done before allowing any POST data. Site must add authentication mechanism. We can block now 20 IPs but it'll be unstoppable over time. We can't block the whole internet.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000"> <br> I have a script /root/block.sh with firewall rules that blocked the IP addresses we isolated from the logs.<br> <br> Previously this script missed to allow https, but I've added this now, so I've re-enabled the firewall. It looks to me like gitorious works.<br> <br> I hope it doesn't cause other issues.<br> <br> Regards,<br> Sebastian<br> <br> <br> </div> </blockquote></div><br></div></div>