[wsfii-discuss] Deletion of false users on wsfii site

Thu Oct 1 02:34:06 UTC 2009

>
>From: Bjarke Nielsen <bjarke at djurslands.net>
>To: dpaufler at leo34.net; Discuss list on the World Summit on Free Information Infrastructure <wsfii-discuss at lists.okfn.org>
>Sent: Thursday, 1 October, 2009 1:37:04
>Subject: Re: [wsfii-discuss] Deletion of false users on wsfii site
>
>
>"charlotte Administrator" was actually the first admin for the site, when it started to be administered by DIIRWB, as she used to be the manager of DIIRWB.
>
>Please let it be until further notice from DIIRWB.
>
>Greetings from Bjarke :-)
>Founder of DIIRWB and the DjurslandS.net in Denmark
>
>
>>Daniel Paufler skrev:
>
>Hey
>>
>>Vickram Crishna wrote:
>>  
>>Here is the remaining list of authorised users (in fact, several are listed as 'authors', so please pardon the pun). I have put the ones listed as 'admins' at the end. I still don't recognise a couple, and request for help. 
>>>
>>>DanielP 
>>>    
>>thats me.
>>
>>  
>>julianpriest
>>>    
>>imo known
>>
>>  
>>saul
>>>    
>>saul albert perhaps
>>
>>  
>>rob
>>>Saurabh Shukla 
>>>sjoachim 
>>>    
>>dont know
>>
>>  
>>test Test (Klavs) 
>>>vickram Administrator
>>>KlavsAdministrator 
>>>    
>>ok.
>>
>>  
>>kloschi Administrator 
>>>    
>>kloschi from Leipzig
>>
>>  
>>charlotte Administrator
>>>    
>>seems to be a fake spam admin account.
>>
>>  
>>Seems that anyone can register themselves as users, given a valid email ID. Maybe we should start exercising our right to complain to spamhaus etc for the spammers (most of whom were listed with popular email service providers, some had major European ISPs)? 
>>>    
>>To the admins:
>># switch off user self-reg
>># install akismet-spam for wordpress (api-key from wordpress.com required)
>># update the ancient version 2.5.1 to fix a lot of spam-holes.

* Rob is Rob Dyke

If we don't get any more clarifications, I will remove the others by the weekend. 

I have already requested DIIRWB to update wordpress. It needs server access, but not a lot of techie knowledge, so I do hope this will be done soon.I assume the sysads at DIIRWB do not encourage remote login, or limit it to specific IP addresses (which is still not very secure).

I think the akismet-spam feature is inbuilt with wordpress. I will try and activate it remotely, which should be possible, but it may only manage 'comments' and not 'blogposts'. The problem with switching off user self-reg is that listmembers won't be able to post. I am quite happy to keep checking now and then to delete rubbish and remove false IDs, unless they swamp us with bots or something. 

Maybe some of our posts on the list should be posted as blog items. It's a bit more work, but at least we won't have a site that looks like it hiccuped and went to sleep in 2007. Let me give it a shot over the next few days, but all assistance (and suggestions for particular list-items too, if any) appreciated, thanks. 
 Vickram
http://communicall.wordpress.com
http://vvcrishna.wordpress.com