[geeklog-devel] geeklog wiki overrun with spam bots
Dan Stoner
danstoner at gmail.com
Wed Oct 8 10:32:10 EDT 2025
> For spam pages to be added I assume the bots some how hacked into the
> website since a user account was required to update content?
Could be a number of mechanisms...
1. weak password on an existing account allowed hacker to use an
existing account (or an existing account was otherwise compromised
somehow)
2. old mediawiki contained a vulnerability that allowed a remote
privilege escalation / sql injection attack
3. old PHP contained a vulnerability, etc.
> It looks like the current version is 1.27.5 from 2016? Is this correct? (at
> least that is what the folder is labeled as)
Yes, that looks like the version.
> Do you know what PHP version etc... you are using on the server to host the
> Media Wiki?
I was using PHP in Docker:
docker.io/bitnami/php-fpm:5.6
- Dan
On Tue, Oct 7, 2025 at 12:06 AM Tom <websitemaster at cogeco.net> wrote:
>
> Hey Dan,
>
> Yeah that was a while ago... thanks for hosting for so long.
>
> I found the backup folder you mentioned.
>
> For spam pages to be added I assume the bots some how hacked into the
> website since a user account was required to update content?
>
> It has been a long time since I have used Media Wiki and I never have
> installed or maintained a website that uses it.
>
> Looking at the backups the compressed website files didn't really increase
> in size much but the database sql backup did especially starting in March of
> 2025.
>
> Just looking at the backup
> wiki.geeklog.net
> Media Wiki 1.27.5
> https://www.mediawiki.org/wiki/MediaWiki_1.27
>
> It looks like the current version is 1.27.5 from 2016? Is this correct? (at
> least that is what the folder is labeled as)
>
> Do you know what PHP version etc... you are using on the server to host the
> Media Wiki?
>
> BTW for those interested, the latest MediaWiki appears to be 1.44.2.
>
> It's too bad we didn't get the Wiki moved over to the Pair server at the
> time Dan wanted to do it...
>
> At this point I am sure it will take a bit of time to upgrade the version
> and figure out the best way to host it on the Pair server.
>
> I hate to not have the wiki up but it's unlikely I will have anytime soon to
> deal with it unless someone else volunteers.
>
> Thanks
>
> Tom
>
>
>
>
>
>
> -----Original Message-----
> From: geeklog-devel <geeklog-devel-bounces at lists.geeklog.net> On Behalf Of
> Dan Stoner
> Sent: October 5, 2025 7:04 PM
> To: Geeklog Development <geeklog-devel at lists.geeklog.net>
> Subject: [geeklog-devel] geeklog wiki overrun with spam bots
>
> I had to stop the PHP webserver for http://wiki.geeklog.net/.
>
> It had been overrun by spam bots generating thousands of pages of
> content and overloading the VPS server.
>
> I think it was 2016 that someone on this list mentioned a migration
> off my VPS server.
>
> I have been periodically sending backups over to a Pair server.
>
>
> Any thoughts on what to do with this situation?
>
> - Dan Stoner
>
>
> Sample of the spam page titles...
>
> +---------------------------------------------------------------------------
> ------------------------------------------------------------+
> | page_title
> |
> +---------------------------------------------------------------------------
> ------------------------------------------------------------+
> | AFK_Angel_Knights_Free_Currency_Generator_2025_Real_Working_New_Method
> |
> | AFK_Angel_Knights_Hack_Latest_Version_2025_New_Currency_(Unique)
> |
> |
> AFK_Arena_Cheats_Unlimited_Diamonds_Gold_IOS_Android_No_Survey_2025_(FREE_ME
> THOD)
> |
> | AFK_Arena_Hack_-_Generator_Android_And_Ios_Running_Method
> |
> | AFK_Dungeon_Idle_Action_RPG_Hack_Tool_Money_Generator_Cheats_(Ios_Android)
> |
> | AFK_Journey_Diamonds_2025_New_Working_Generator_(New_Method!)
> |
> | AFK_Journey_Gold_Generator_IOS_Android_No_Survey_2025_(NEW_STRATEGY)
> |
> |
> AFK_Magic_TD_Unlimited_Currency_Generator_IOS_Android_No_Survey_2025_(Reedem
> _Today)
> |
> |
> AFK_Three_Kingdoms_Hack_Unlimited_Gold_IOS_And_Android_No_Survey_2025_(free!
> !)
> |
> |
> ANGELICA_ASTER_Hack_-_Get_Free_ANGELICA_ASTER_Currency_Generator_2025_(Brand
> _New)
> |
> ...
>
> |
> | Zoo_Craft_Cheats_For_Money_Generator_No_Survey_(Unlimited-free)
>
> |
> | Zoo_Craft_Gold_Coins_2025_for_Android_iOS_(UPDATED_GENERATOR)
>
> |
> |
> Zoo_Island_Unlimited_Gold_Coins_Generator_No_Jailbreak_or_Root_(Premium_Orgi
> nal)
>
> |
> | Zoo_Life_Animal_Park_Game_Cheats_Money_IOS_Android_2025_(Money_Strategy)
>
> |
> | Zoo_Match_Cheats_Coins_Diamonds_IOS_Android_2025_(Coins_Diamonds_Strategy)
>
> |
> | Zoo_Park_Story_Free_Cash_Points_Generator_Fully_Works_No_Survey_Cheats
>
> |
> |
> Zooba_Fun_Battle_Royale_Games_Hack_-_Get_Free_Zooba_Fun_Battle_Royale_Games_
> Currency_Generator_2025_(Brand_New)
> |
> | Zooba_Fun_Shooting_Battle_2025_Working_(Money_Generator)
>
> |
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> https://pairlist8.pair.net/mailman/listinfo/geeklog-devel
>
>
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> https://pairlist8.pair.net/mailman/listinfo/geeklog-devel
More information about the geeklog-devel
mailing list