|[eclipse.org-committers] Webmaster Update|
Greetings, It's been a while since I sent one of these... I'll try to keep it short. 1. Access Forbidden to Update sites 2. New bugzilla keyword: Contributed (bug 153774) 3. Web pages on download.eclipse.org (and Phoenix) 4. SSH attacks 1. Access Forbidden to Update sites ===================================We get many e-mails from confused users who see an Update Manager URL for your project, and assume the URL is usable in a browser. When they try, they get an Access Forbidden message. For instance, http://download.eclipse.org/technology/buckminster/updates/
Some projects create an index.html or an index.php file alongside their site.xml. Witness: http://update.eclipse.org/updates/3.1/
Although I have modified our standard "Access Forbidden" message to explain the reason why it's "forbidden", I think it would be great for everyone if a basic index page was created to kindly provide "How-to use the Update Manager URL" instructions.
2. New bugzilla keyword: Contributed (bug 153774) ================================================= Kim asked for a new Keyword: Contributed. Use it as described. The complete list of Bugzilla keywords is here: https://bugs.eclipse.org/bugs/describekeywords.cgi 3. Web pages on download.eclipse.org (and Phoenix) ==================================================There's some interesting discussion about web pages hosted on download.eclipse.org, and Phoenix. Worth a read if you maintain the download pages for your project.
https://bugs.eclipse.org/bugs/show_bug.cgi?id=154626 4. SSH attacks ==============I know I've mentioned this before, but eclipse.org servers get about one to four SSH attacks daily. Users try to brute-force logins to our servers by using your user IDs with password dictionaries, or they try to use system accounts, or even root.
To protect your login (and the code) we detect such attacks and swiftly block them. The process is automatic, undiscriminating and unforgiving, so please avoid these actions:
- trying to login to any eclipse.org server as root == Instant banishment.- repeatedly trying to connect as someone who doesn't exist. Make sure you're using the right user id.
- repeatedly trying to SSH to dev.eclipse.org as a valid user, but with the wrong password.
False positives don't happen very often, so this is no big deal; however, do keep this in mind before hitting the "retry" button of a failed login. Don't hesitate to contact us to confirm your user id, or to reset your password.
Thanks a bunch. Denis -- Eclipse WebMaster - webmaster@xxxxxxxxxxxQuestions? Consult the WebMaster FAQ at http://wiki.eclipse.org/index.php/Webmaster_FAQ
View my status at http://wiki.eclipse.org/index.php/WebMaster
Back to the top