EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #07061


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Archive under attack, security issue


Hello,
sorry the right url is: http://www.rmoa.unina.it

@john: where do I find errors?

The server contains only eprints instances.

I try to upgrade the script, and I'll let you know.

Thanks
Alfredo

2018-01-03 14:59 GMT+01:00 John Salter <J.Salter@leeds.ac.uk>:

Hi Alfredo,

Is there anything in the error logs?

Can your server access other websites? It need to be able to contact the Recaptcha service to confirm the response.

 

It might also be worth looking at:

https://github.com/eprints/eprints/pull/468

which updates the reCaptcha to v2, and has a configuration setting for a proxy - if you server uses on when trying to contact external services.

 

I think it should work OK on v3.3.14.

 

Cheers,

John

 

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Alfredo Cosco
Sent: 03 January 2018 13:34
To: eprints-tech@ecs.soton.ac.uk
Subject: [EP-tech] Archive under attack, security issue

 

Hello,

it's some days that one of my archives is under a flood of fake registrations.

 

I activated a re-captcha plug-in but nothing changed.

 

The Archive is: http://www.rmaos.unina.it

 

How can I stop this?

 

I need help

 

Thanks,

Alfredo


*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/