[Pdbwiki-devel] Security of PDBWiki
Jose M. Duarte
jose.m.duarte at gmail.com
Wed Oct 6 10:42:07 EDT 2010
Absolutely it is time to go back to bifx.org. I haven't got so much time
this week, but from next week I can help to start moving things.
One issue is the pdbase database. If I recall well we still depend on it but
the servers at MPI are going to be gone some time soon I guess. We could try
to have it in bifx.org but maybe that's asking for too much space. Another
thing we could do relatively easily is do without pdbase and use directly
the cif files but of course that still requires a local PDB copy. In any
case the update pipeline itself runs still from the MPI servers and it's
something we would need to move too.
Ok that's probably too many things for now, let's try to do one at a time ;)
Jose
On 6 October 2010 12:14, Dan Bolser <dan.bolser at gmail.com> wrote:
> Yup we should move back to bifx.org.
>
> I believe that MW is quite solid security wise, with security being
> improved all the time (i.e. we should upgrade MW when we move).
> However, extensions are another matter. One of the main reasons the
> MediaWiki Foundation sites carry so few extensions is that each one
> needs a security audit before it is allowed.
>
> The best we can do is to make sure we have up to date versions of all
> the extensions that we use and that the apache / php installs are also
> 'locked down' as best as possible.
>
> I'll start looking at migration this weekend.
>
> All the best,
> Dan.
>
> On 6 October 2010 09:59, Henning Stehr <stehr at molgen.mpg.de> wrote:
> > Some new user 'Bololoikak2' created pages with hidden links to russian
> > websites and uploaded obscure jpg files. At best, he is a spammer. To
> > me it looks like it could even be a hacking attempt.
> > I blocked the user and deleted his pages but this made me worry a bit
> > about security of the server. Does anyone know how bullet proof
> > MediaWiki is? Going from nobody to root is not such a big deal
> > (believe me).
> >
> > Would that be a good opportunity to move server again? We'll have to
> > do that soon anyways.
> >
> > _______________________________________________
> > Pdbwiki-devel mailing list
> > Pdbwiki-devel at bioinformatics.org
> > http://www.bioinformatics.org/mailman/listinfo/pdbwiki-devel
> > http://www.pdbwiki.org
> >
>
> _______________________________________________
> Pdbwiki-devel mailing list
> Pdbwiki-devel at bioinformatics.org
> http://www.bioinformatics.org/mailman/listinfo/pdbwiki-devel
> http://www.pdbwiki.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.bioinformatics.org/pipermail/pdbwiki-devel/attachments/20101006/fa53b9ad/attachment.html>
More information about the Pdbwiki-devel
mailing list