<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Feb 21, 2017 at 2:05 AM, Sebastian Silva <span dir="ltr"><<a href="mailto:sebastian@fuentelibre.org" target="_blank">sebastian@fuentelibre.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<p><br>
</p>
<br>
<div class="m_4607846137454030079moz-cite-prefix">On 18/02/17 14:03, Samuel Cantero
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">it was me.
<div><br>
</div>
<div>Ignacio, problem solved. It was a firewall issue. Go ahead.</div>
</div>
<div class="gmail_extra"><br>
</div>
</blockquote>
<br></span>
Hi Samuel,<br>
<br>
I had set the firewall in response to an attack on
<a href="http://network.sugarlabs.org" target="_blank">network.sugarlabs.org</a> (check Jan 18th "Please Help" email thread on
systems@). Having turned off the firewall, this attack has just
resumed.<br>
<br>
The attack consists of ~20 IP addresses issuing a POST request every
few seconds and updating a Sugar Network project with SPAM contents.<br></div></blockquote><div><br></div><div>Who is in charge of maintaining the site? An authentication must be done before allowing any POST data. Site must add authentication mechanism. We can block now 20 IPs but it'll be unstoppable over time. We can't block the whole internet.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000">
<br>
I have a script /root/block.sh with firewall rules that blocked the
IP addresses we isolated from the logs.<br>
<br>
Previously this script missed to allow https, but I've added this
now, so I've re-enabled the firewall. It looks to me like gitorious
works.<br>
<br>
I hope it doesn't cause other issues.<br>
<br>
Regards,<br>
Sebastian<br>
<br>
<br>
</div>
</blockquote></div><br></div></div>