Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

中文标题【避免和清理垃圾】

如果你的 Confluence 是允许公众访问的话,你可能会遇到垃圾内容的骚扰。

阻止垃圾发布者

希望阻止垃圾发布者:

  1. 启用验证码(Captcha),请参考页面 Configuring Captcha for Spam Prevention
  2. 将 Confluence 运行在 Apache webserver 之后,然后在 Apache 服务器上创建垃圾发布者的 IP 阻止策略。

在 Apache 或者系统级别阻止垃圾

如果一个垃圾发布机器人攻击你的 Confluence 站点,这些程序可能来自于同一个 IP 地址,或者是一个比较小范围的 IP 地址段。希望找到攻击者的 IP 地址,请参考 Apache access logs 中的实时内容同时找到这些攻击者攻击的页面。

例如,一个垃圾发布者正在创建用户,你可以在日志中查找 signup.action:

No Format
$ tail -f confluence.atlassian.com.log | grep signup.action
1.2.3.4 - - [13/Jan/2010:00:14:51 -0600] "GET /signup.action HTTP/1.1" 200 9956 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 37750

比较实际垃圾用户创建的内容和日志中的内容,确保你没有组织实际使用用户的访问。在默认的情况下,Apache 的日志将会在日志的第一段中记录访问者的 IP 地址。

一旦你获取到了攻击你 Confluence 站点的 IP 地址或者 IP 地址段,你可以添加这个地址或者地址段到你的防火墙黑名单中。例如,针对 Linux 的平台,使用 Shorewall 防火墙,你可以简单的运行下面的命令:

No Format
# echo "1.2.3.4" >> /etc/shorewall/blacklist
# /etc/init.d/shorewall reload

希望在 Apache 级别阻止一个 IP 地址,添加这行到你 Apache 的 vhost 配置中:

No Format
Deny from 1.2.3.4

你可以在启动 Apache 的时候添加  "graceful" 命令,这个命令将会运行你重新启动 Apache 同时保持当前用户的会话。

如果你还不能组织垃圾用户的话,你可以考虑禁用允许公共用户注册。

删除垃圾

属性(profile)垃圾

By 'profile spam', we mean spammers who create accounts on Confluence and post links to their profile page.

If you have had many such spam profiles created, the easiest way to delete them is via SQL.

To delete a spam profile:

  • Shut down Confluence and back up your database. 
    Note: This step is essential before you run any SQL commands on your database.
  • Find the last real profile:

    属性垃圾的定义为,一个垃圾用户在 Confluence 创建了用户,但是这个用户在自己的属性页面中添加了垃圾 URL。

    如果你有很多垃圾用户在你的系统中创建了属性,你可以使用下面的 SQL 很容易的一次性删除。

    如何删除属性中的垃圾:

    1. 停止 Confluence 实例然后备份好你的数据库。
      备注:这个步骤应该在你在数据库运行下面的 SQL 之前进行操作。
    2. 找到最后的真实属性:

      Code Block
      languagesql
       SELECT bodycontentid,body FROM bodycontent WHERE contentid IN 
        (SELECT contentid FROM content WHERE contenttype='USERINFO') 
        ORDER BY bodycontentid DESC; 
    3. Look through the bodies of the profile pages until you find where the spammer starts. You may have to identify an number of ranges.
    4. Find the killset:查看属性页面中的内容,直到你找到垃圾用户的状态。你可能需要要求一系列的区间。
    5. 找到需要删除的集合:

      Code Block
      languagesql
      CREATE TEMP TABLE killset AS SELECT bc.bodycontentid,c.contentid,c.username FROM 
        bodycontent bc JOIN content c ON bc.contentid=c.contentid WHERE 
        bodycontentid >= BOTTOM_OF_SPAM_RANGE AND bodycontentID <= TOP_OF_SPAM_RANGE 
        AND  c.contenttype='USERINFO';
      
      DELETE FROM bodycontent WHERE bodycontentid IN (SELECT bodycontentid FROM killset);
      
      DELETE FROM links WHERE contentid IN (SELECT contentid FROM killset);
      
      DELETE FROM content WHERE prevver IN (SELECT contentid FROM killset);
      
      DELETE FROM content WHERE pageid IN (SELECT contentid FROM killset);
       
      DELETE FROM content WHERE contentid IN (SELECT contentid FROM killset);
      
      DELETE FROM os_user_group WHERE user_id IN (SELECT id FROM killset k JOIN os_user o ON o.username=k.username);
      
      DELETE FROM os_user WHERE username IN (SELECT username FROM killset);

      If you're using 如果你使用的是 Confluence 5.6 or earlier use the SQL commands below:或者早期的版本,请使用下面的 SQL 命令:

      Expand
      titleFor Confluence 5.6 and earlier...
      Code Block
      languagesql
       CREATE TEMP TABLE killset AS SELECT bc.bodycontentid,c.contentid,c.username FROM 
        bodycontent bc JOIN content c ON bc.contentid=c.contentid WHERE 
        bodycontentid >= BOTTOM_OF_SPAM_RANGE AND bodycontentID <= TOP_OF_SPAM_RANGE 
        AND  c.contenttype='USERINFO';
      
      DELETE FROM bodycontent WHERE bodycontentid IN (SELECT bodycontentid FROM killset);
      
      DELETE FROM links WHERE contentid IN (SELECT contentid FROM killset);
      
      DELETE FROM content WHERE prevver IN (SELECT contentid FROM killset);
      
      DELETE FROM attachments WHERE pageid IN (SELECT contentid FROM killset);
       
      DELETE FROM content WHERE contentid IN (SELECT contentid FROM killset);
      
      DELETE FROM os_user_group WHERE user_id IN (SELECT id FROM killset k JOIN os_user o ON o.username=k.username);
      
      DELETE FROM os_user WHERE username IN (SELECT username FROM killset);
    6. Once the spam has been deleted, restart Confluence and rebuild the index. This will remove any references to the spam from the search index.一旦垃圾内容被删除后,重启 Confluence 然后重构内容索引。这操作将会从索引查找对话框中删除任何相关的垃圾内容。