Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

中文标题【避免和清理垃圾】

如果你的 Confluence 是允许公众访问的话,你可能会遇到垃圾内容的骚扰。

阻止垃圾发布者

希望阻止垃圾发布者:

  1. 启用验证码(Captcha),请参考页面 Configuring Captcha for Spam Prevention
  2. 将 Confluence 运行在 Apache webserver 之后,然后在 Apache 服务器上创建垃圾发布者的 IP 阻止策略。

在 Apache 或者系统级别阻止垃圾

如果一个垃圾发布机器人攻击你的 Confluence 站点,这些程序可能来自于同一个 IP 地址,或者是一个比较小范围的 IP 地址段。希望找到攻击者的 IP 地址,请参考 Apache access logs 中的实时内容同时找到这些攻击者攻击的页面。

例如,一个垃圾发布者正在创建用户,你可以在日志中查找 signup.action:

$ tail -f confluence.atlassian.com.log | grep signup.action
1.2.3.4 - - [13/Jan/2010:00:14:51 -0600] "GET /signup.action HTTP/1.1" 200 9956 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 37750

比较实际垃圾用户创建的内容和日志中的内容,确保你没有组织实际使用用户的访问。在默认的情况下,Apache 的日志将会在日志的第一段中记录访问者的 IP 地址。

一旦你获取到了攻击你 Confluence 站点的 IP 地址或者 IP 地址段,你可以添加这个地址或者地址段到你的防火墙黑名单中。例如,针对 Linux 的平台,使用 Shorewall 防火墙,你可以简单的运行下面的命令:

# echo "1.2.3.4" >> /etc/shorewall/blacklist
# /etc/init.d/shorewall reload

希望在 Apache 级别阻止一个 IP 地址,添加这行到你 Apache 的 vhost 配置中:

Deny from 1.2.3.4

你可以在启动 Apache 的时候添加  "graceful" 命令,这个命令将会运行你重新启动 Apache 同时保持当前用户的会话。

如果你还不能组织垃圾用户的话,你可以考虑禁用允许公共用户注册。

删除垃圾

属性(profile)垃圾

By 'profile spam', we mean spammers who create accounts on Confluence and post links to their profile page.

If you have had many such spam profiles created, the easiest way to delete them is via SQL.

To delete a spam profile:

  1. Shut down Confluence and back up your database. 
    Note: This step is essential before you run any SQL commands on your database.
  2. Find the last real profile:

     SELECT bodycontentid,body FROM bodycontent WHERE contentid IN 
      (SELECT contentid FROM content WHERE contenttype='USERINFO') 
      ORDER BY bodycontentid DESC; 
  3. Look through the bodies of the profile pages until you find where the spammer starts. You may have to identify an number of ranges.
  4. Find the killset:

    CREATE TEMP TABLE killset AS SELECT bc.bodycontentid,c.contentid,c.username FROM 
      bodycontent bc JOIN content c ON bc.contentid=c.contentid WHERE 
      bodycontentid >= BOTTOM_OF_SPAM_RANGE AND bodycontentID <= TOP_OF_SPAM_RANGE 
      AND  c.contenttype='USERINFO';
    
    DELETE FROM bodycontent WHERE bodycontentid IN (SELECT bodycontentid FROM killset);
    
    DELETE FROM links WHERE contentid IN (SELECT contentid FROM killset);
    
    DELETE FROM content WHERE prevver IN (SELECT contentid FROM killset);
    
    DELETE FROM content WHERE pageid IN (SELECT contentid FROM killset);
     
    DELETE FROM content WHERE contentid IN (SELECT contentid FROM killset);
    
    DELETE FROM os_user_group WHERE user_id IN (SELECT id FROM killset k JOIN os_user o ON o.username=k.username);
    
    DELETE FROM os_user WHERE username IN (SELECT username FROM killset);

    If you're using Confluence 5.6 or earlier use the SQL commands below:

     For Confluence 5.6 and earlier...
     CREATE TEMP TABLE killset AS SELECT bc.bodycontentid,c.contentid,c.username FROM 
      bodycontent bc JOIN content c ON bc.contentid=c.contentid WHERE 
      bodycontentid >= BOTTOM_OF_SPAM_RANGE AND bodycontentID <= TOP_OF_SPAM_RANGE 
      AND  c.contenttype='USERINFO';
    
    DELETE FROM bodycontent WHERE bodycontentid IN (SELECT bodycontentid FROM killset);
    
    DELETE FROM links WHERE contentid IN (SELECT contentid FROM killset);
    
    DELETE FROM content WHERE prevver IN (SELECT contentid FROM killset);
    
    DELETE FROM attachments WHERE pageid IN (SELECT contentid FROM killset);
     
    DELETE FROM content WHERE contentid IN (SELECT contentid FROM killset);
    
    DELETE FROM os_user_group WHERE user_id IN (SELECT id FROM killset k JOIN os_user o ON o.username=k.username);
    
    DELETE FROM os_user WHERE username IN (SELECT username FROM killset);
  5. Once the spam has been deleted, restart Confluence and rebuild the index. This will remove any references to the spam from the search index.
  • No labels