[EP-tech] Archive under attack, security issue

John Salter J.Salter at leeds.ac.uk
Wed Jan 3 13:59:04 GMT 2018


Hi Alfredo,
Is there anything in the error logs?
Can your server access other websites? It need to be able to contact the Recaptcha service to confirm the response.

It might also be worth looking at:
https://github.com/eprints/eprints/pull/468
which updates the reCaptcha to v2, and has a configuration setting for a proxy - if you server uses on when trying to contact external services.

I think it should work OK on v3.3.14.

Cheers,
John

From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Alfredo Cosco
Sent: 03 January 2018 13:34
To: eprints-tech at ecs.soton.ac.uk
Subject: [EP-tech] Archive under attack, security issue

Hello,
it's some days that one of my archives is under a flood of fake registrations.

I activated a re-captcha plug-in but nothing changed.

The Archive is: http://www.rmaos.unina.it

How can I stop this?

I need help

Thanks,
Alfredo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20180103/0b7a239a/attachment-0001.html 


More information about the Eprints-tech mailing list