EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #07052


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Archive under attack, security issue


Hi Alfredo,

Is there anything in the error logs?

Can your server access other websites? It need to be able to contact the Recaptcha service to confirm the response.

 

It might also be worth looking at:

https://github.com/eprints/eprints/pull/468

which updates the reCaptcha to v2, and has a configuration setting for a proxy - if you server uses on when trying to contact external services.

 

I think it should work OK on v3.3.14.

 

Cheers,

John

 

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Alfredo Cosco
Sent: 03 January 2018 13:34
To: eprints-tech@ecs.soton.ac.uk
Subject: [EP-tech] Archive under attack, security issue

 

Hello,

it's some days that one of my archives is under a flood of fake registrations.

 

I activated a re-captcha plug-in but nothing changed.

 

The Archive is: http://www.rmaos.unina.it

 

How can I stop this?

 

I need help

 

Thanks,

Alfredo