Hi all, Yesterday, tracker.ceph.com was the target of a spam attack. The Redmine REST API was used to create bogus accounts which went on to create over a thousand bogus Redmine issues. The API was disabled yesterday morning to stop the attack. I've put some measures in place this morning to rate limit account creations and prevent issues from getting created via the API entirely. The API was re-enabled around 13:30 UTC today. A remaining side effect of the attack is the VM which Redmine is hosted on has been blocked from sending outgoing e-mails. All outgoing e-mail has been deferred since yesterday at 11:41 UTC. I've opened a ticket with OVH to resolve. Thanks for your patience, -- David Galloway Systems Administrator, RDU Ceph Engineering IRC: dgalloway -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
