Fixing trac vandalism
Trac is especially prone to wiki vandalism. Worse thing, it is isn’t obvious how to fix the problem.
Attacks are often embedded in hidden html:
1 {{{ 2 #!html 3 4You need to have access to the trac-admin CLI.
trac-admin /home/hendry/trac permission list trac-admin /home/hendry/trac permission remove anonymous WIKI_CREATE trac-admin /home/hendry/trac permission remove anonymous WIKI_MODIFY trac-admin /home/hendry/trac permission remove anonymous WIKI_VIEW trac-admin /home/hendry/trac permission remove anonymous TICKET_CREATE trac-admin /home/hendry/trac permission remove anonymous TICKET_MODIFY trac-admin /home/hendry/trac permission help trac-admin /home/hendry/trac permission add anonymous WIKI_VIEW trac-admin /home/hendry/trac permission list trac-admin /home/hendry/trac permission add hendry WIKI_ADMINTrac defaults of WIKI_CREATE and WIKI_MODIFY for anonymous is just ripe for abuse. Notice the user hendry has to be created with htpasswd. That’s how users are managed with trac. Seems like a good idea at first, but it seems all too often a point of confusion. See my /etc/apache2/sites-enabled/001-trac for more clues.
Once I set myself up as WIKI_ADMIN I could only then “Delete this version” of the vandalised pages and roll/revert the page back to the original. This is a very frustrating procedure if the site has been vandalised numerous times! Use the timeline to delete each revision containing spam.
Use RSS to track attacks. Here is an example of a feed URL:
http://webpy.org/track/timeline?daysback=90&max=50&wiki=on&ticket=on&changeset=on&milestone=on&format=rss