#3512: Preventing spam in osgeo.org
--------------------------------+-----------------------
Reporter: jsanz | Owner: robe
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Wordpress | Keywords:
--------------------------------+-----------------------
Last hours we had a small incident in osgeo.org where a compromised
account (leaked password) created a bunch of spam content. Fortunately,
the content was created in the default "posts" section of the website and
did not reach our public website because we only publish two custom
content types (community news from the planet and foundation news).
Spam has been removed, and the user reset his account so we are good, but
it was suggested that maybe we can take a look at the security set up.
Maybe we can enforce 2FA for our editors? I just set up mine, and it
works, but it is optional. Or maybe some form of spam prevention from the
publishing form?
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.