Recent attack.


evkl
04-16-2005, 04:38 PM
Big "Thank you" to Woopert for alerting me and then running reverts. We're still trying to mop up this guy and guarantee he doesn't ever register again.

~Evan

Blackjack Palazzo
04-16-2005, 04:45 PM
Hmm?

evkl
04-16-2005, 04:46 PM
'pedia suffered an attack. Just thanking those who've helped out with the aftereffects and letting people know.

Ledian_X
04-16-2005, 04:48 PM
Cleaning up some images he posted. I can't rename some of the things he changed.

L_X

Evil Figment
04-16-2005, 05:14 PM
Nobody touches anything ATM. We'll try to set up a more efficient way to clean it all up. Last thing we need is fifty people trying to revert everything at once and working at cross-purposes.

Zeta
04-16-2005, 05:15 PM
Considering his return, why don't we disable new users from signing up until we can find a more specific solution?

Evil Figment
04-16-2005, 05:17 PM
Because a certain (better not said out loud) by the name of Zhen Lin forgot to give anyone else the power to do that and he's offline right now!

evkl
04-16-2005, 05:23 PM
Archaic has it, but probably doesn't know how to use it even if he were on.

Ledian_X
04-16-2005, 05:35 PM
Guys..he's back

Evil Figment
04-16-2005, 05:40 PM
No, really?

Getting on MSN and warning me *there* might work better.

Zeta
04-16-2005, 05:41 PM
Can we just unplug the server?

After this, we have to make getting an account harder.

We should force some way of making people wait for approval or have to provide a valid email address or something.

Banning someone doesn't do shit when they can make another account less than a minute later.

Evil Figment
04-16-2005, 05:46 PM
I can't do a thing myself beyond blocking the fuckwit when they show up. Need Zhen or Arcy to do more.

Ice Rabbit
04-16-2005, 06:04 PM
Is it possible to SID ban him?
People could keep backups.

evkl
04-16-2005, 06:12 PM
SID ban?

Jshadias
04-16-2005, 07:00 PM
Is it possible to SID ban him?
People could keep backups.

rofl

only on NetBattle 8)

Archaic
04-16-2005, 07:31 PM
If worst came to worst, we could always simply restore the 'pedia from before the server issues from backups anyway. We'd prefer not to of course though, which is why we're fighting this bastard.

We *will* be forcing accounts to require approval soon. It's not something we ever wanted to do, but this guy is leaving us with no choice. We're certainly not going to cave into their (likely fake) demands. That'd only make us all the more vulnerable to this kind of attack.

birdboy2000
04-16-2005, 08:02 PM
http://bulbapedia.bulbagarden.net/wiki/User:BulbaBot_%28power_Nazi%29

I think he might have been going a bit overboard... Considering it's a @#$%ing BOT!

Archaic
04-16-2005, 08:07 PM
Hmmm....he might not be using a bot after all...

Love to know why he thinks we don't like non sysops editing pages. It's not like people have been blocked at any point from editing, excepting when we're doing maintenance. Hell, look at the TPM pages. Most of the editing done there wasn't even done by people with BMGf accounts!

☆欠番☆
04-16-2005, 08:23 PM
He called me a Power Nazi who doesn't like non-Sysops editing pages... but I'm not a Sysop...

Water Pokémon Master
04-16-2005, 08:24 PM
I hate attacks. It has happened to my site/forum before twice in the past. It's such a pain to clean up.

I hope you guys find out a solution to easily undo things like this in the future, such as if you delete a user, you can delete all of his/her posts (or in this case, edits). I wonder who did this? (has an idea, but does not want to wear out his stay already)

Archaic
04-16-2005, 08:25 PM
Once we have the IP, we'll know. We'll match it to forum databases, and also go through referrer logs to find out where he first learnt of Bulbapedia.

Archaic
04-16-2005, 08:45 PM
IP's located. Checks will now be run on BMGf to match to users, and bans will be made if necessary.

EDIT: As expected, the attacker was using proxies. A pity. We'll continue to do everything we can to track him down.

Water Pokémon Master
04-16-2005, 09:04 PM
If worst comes to worst, you could always look up their ISP and call them. Then if you give them the IP, they can tell you who they lent it to at the time.

Archaic
04-16-2005, 09:37 PM
Since he or she was using proxies, there's no way to do that sadly.

Zeta
04-16-2005, 10:18 PM
How does the regular Wikipedia handle these things, anyways?

evkl
04-16-2005, 10:29 PM
They usually don't get people using bots on a grand scale like this, methinks.

Jshadias
04-16-2005, 10:39 PM
of course they do lol, they just have a lot of sysops and other people to revert changes

Kadabra
04-16-2005, 10:45 PM
Simple fix that should have been there in place: Limit on the number of edits per unit time for an account. Of course, if you make it necessary to have new accounts approved, this won't be as needed.
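
Added example (not part of the original thread, and not MediaWiki's own code): a per-account sliding-window edit throttle of the kind suggested in the post above, replayed over a constructed edit log to show which edits it would have rejected. The limit of 5 edits per 60 seconds, the account names and the log itself are assumptions made for illustration.

```python
from collections import defaultdict, deque


class EditThrottle:
    """Sliding-window limit: at most max_edits per window_s seconds per account."""

    def __init__(self, max_edits, window_s):
        self.max_edits = max_edits
        self.window_s = window_s
        self._recent = defaultdict(deque)  # account -> timestamps of accepted edits

    def allow(self, account, ts):
        q = self._recent[account]
        # Drop accepted edits that have aged out of the window.
        while q and ts - q[0] >= self.window_s:
            q.popleft()
        if len(q) >= self.max_edits:
            return False  # over the limit: reject and do not record the attempt
        q.append(ts)
        return True


def replay(log, max_edits=5, window_s=60):
    """Replay (timestamp, account, page) tuples; return rejected-edit counts per account."""
    throttle = EditThrottle(max_edits, window_s)
    rejected = defaultdict(int)
    for ts, account, _page in sorted(log):
        if not throttle.allow(account, ts):
            rejected[account] += 1
    return dict(rejected)


# Constructed sample log (not data from the thread): a scripted account
# editing every 2 seconds for 2 minutes, and a person editing every 5 minutes.
SAMPLE_LOG = (
    [(t, "ScriptedAccount", f"Page_{t}") for t in range(0, 120, 2)]
    + [(t, "CasualEditor", "Some_Page") for t in range(0, 1200, 300)]
)

if __name__ == "__main__":
    print(replay(SAMPLE_LOG))
```

The throttle is keyed on the account only, so it caps the damage per account rather than per person; it does not address re-registration, which the thread handles separately through account approval.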

Zhen Lin
04-17-2005, 12:36 AM
Edit throttling is around somewhere, I think. I've seen it before.

MediaWiki is highly admin-unfriendly. There is no web-based configuration, no web-based maintenance tools, and worse, no maintenance tools to deal with such massive vandalism. Wikipedia gets by fine because they have total control of the servers they use, have many technical operators, and many thousands of users pouncing on vandalism in seconds - so much so that automatic mass reversion is not needed.

In the meantime, congratulations to Zeta and Woopert! (http://bmgf.bulbagarden.net/showthread.php?p=116922)

Evil Figment
04-17-2005, 12:53 AM
Yesterday shall henceforth be known as the Great Bulbapedia Turkey Shoot.

Archaic
04-17-2005, 02:35 AM
Works for me.

*Creates Bulbapedia article, hoping that it's alright to use caps for all the words*

Anyone care to create the timeline of events?

Zhen Lin
04-17-2005, 02:45 AM
As a non-analytic name, it is a proper noun, so yes, the titling is correct.

Since the database has been almost totally purged of all traces of the attack, the timeline and details will have to be reconstructed from chat logs.

Archaic
04-17-2005, 07:26 AM
I'm sure we've got enough of those.

We'll have to reopen registrations to everyone eventually though I think. Taking away the ability to quickly register and edit something will really hamper the ability of casual users to edit articles on a whim I feel.

Kadabra
04-17-2005, 09:56 AM
/me wants to create an account ;_;
(This whole mess sparked my interest in the project. XD)

Archaic
04-17-2005, 10:16 AM
Sign up and I'll approve it then. ^_^

Kadabra
04-17-2005, 10:25 AM
I think the sign up form is hidden. Perhaps I'm still asleep. *_*
The user log in and registration page: http://bulbapedia.bulbagarden.net/w/index.php?title=Special:Userlogin&returnto=Special:Userlogin
Was the form hidden as a precaution?

Jshadias
04-18-2005, 02:24 AM
Yeah, the registration form is hidden to users who don't already have an account, or aren't sysops. imo you should just open registration to everyone again and have tools ready to clean these things up... having open registration will help us reach the point where the tools are hardly needed anyways. I also don't think that such a big deal should really have been made out of this; some script kiddy running a bot is nothing special.

Zhen Lin
04-18-2005, 02:48 AM
I know. As far as I am concerned, there is no further point in keeping registration locked.

Except maybe to frustrate the kid for a few more days until he gets bored and finds another target.