EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #07052

Re: [EP-tech] Archive under attack, security issue

To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
Subject: Re: [EP-tech] Archive under attack, security issue
From: John Salter <J.Salter@leeds.ac.uk>
Date: Wed, 3 Jan 2018 13:59:04 +0000

Hi Alfredo,

Is there anything in the error logs?

Can your server access other websites? It need to be able to contact the Recaptcha service to confirm the response.

It might also be worth looking at:

https://github.com/eprints/eprints/pull/468

which updates the reCaptcha to v2, and has a configuration setting for a proxy - if you server uses on when trying to contact external services.

I think it should work OK on v3.3.14.

Cheers,

John

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Alfredo Cosco
Sent: 03 January 2018 13:34
To: eprints-tech@ecs.soton.ac.uk
Subject: [EP-tech] Archive under attack, security issue

Hello,

it's some days that one of my archives is under a flood of fake registrations.

I activated a re-captcha plug-in but nothing changed.

The Archive is: http://www.rmaos.unina.it

How can I stop this?

I need help

Thanks,

Alfredo

Follow-Ups:
- Re: [EP-tech] Archive under attack, security issue
  - From: John Salter <J.Salter@leeds.ac.uk>

References:
- [EP-tech] Archive under attack, security issue
  - From: Alfredo Cosco <alfredo.cosco@gmail.com>
- Re: [EP-tech] Archive under attack, security issue
  - From: John Salter <J.Salter@leeds.ac.uk>

Prev by Date: Re: [EP-tech] Archive under attack, security issue
Next by Date: [EP-tech] Refresh Abstracts removing Boxes from Summary Page
Previous by thread: [EP-tech] EPrints/CRIS
Next by thread: [EP-tech] DOI handling in orcid_support_advance
Index(es):
- Date
- Thread