Folks, has anyone else had problems with Dokuwiki being hacked?
I’ve got tens (hundreds?) of pages added to the wiki in Polish. The username associated is that of the wiki admin. I’ve changed user password for that. It looks like I’m on automatic upgrade, so I don’t see a patch needed to secure things.
Other advice (for cleaning up the mess and/or locking the door more securely) is appreciated.
I’ve definitely had cases where Dokuwiki installs that were left to open registration or open editing get hit with a ton of spam. You may want to lock it down so that registration is required to create/edit content (see more on permissions at acl [DokuWiki]). As far as cleanup the easiest thing I’ve found since Dokuwiki is a flat file system is to access the account by FTP and sort by modified date. If the additional pages were added en masse after a certain date that can be easier to select all of them and delete.
Thanks. Indeed, cleanup was much easier than expected given the file system. I was able to delete all newer pages. However, as best I could tell, the spam bot had login access via the admin account (mine), or was spoofing that account name in create new pages. I’ve locked it down, changed the password, and will be watching for any other activity.