[eclipse.org-committers] Webmaster Update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[eclipse.org-committers] Webmaster Update

From: "Eclipse WebMaster (Denis Roy)" <webmaster@xxxxxxxxxxx>
Date: Tue, 22 Aug 2006 15:56:37 -0400
Delivered-to: eclipse.org-committers@xxxxxxxxxxx
List-archive: <http://eclipse.org/pipermail/eclipse.org-committers>
List-help: <mailto:eclipse.org-committers-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/eclipse.org-committers>, <mailto:eclipse.org-committers-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/eclipse.org-committers>, <mailto:eclipse.org-committers-request@eclipse.org?subject=unsubscribe>
Organization: Eclipse Foundation, Inc.
User-agent: Thunderbird 1.5.0.2 (X11/20060420)

Greetings,

It's been a while since I sent one of these... I'll try to keep it short.

1. Access Forbidden to Update sites
2. New bugzilla keyword: Contributed (bug 153774)
3. Web pages on download.eclipse.org (and Phoenix)
4. SSH attacks


1. Access Forbidden to Update sites
===================================

We get many e-mails from confused users who see an Update Manager URLfor your project, and assume the URL is usable in a browser. When theytry, they get an Access Forbidden message. For instance,http://download.eclipse.org/technology/buckminster/updates/

Some projects create an index.html or an index.php file alongside theirsite.xml. Witness: http://update.eclipse.org/updates/3.1/

Although I have modified our standard "Access Forbidden" message toexplain the reason why it's "forbidden", I think it would be great foreveryone if a basic index page was created to kindly provide "How-to usethe Update Manager URL" instructions.



2. New bugzilla keyword: Contributed (bug 153774)
=================================================

Kim asked for a new Keyword: Contributed.  Use it as described.

The complete list of Bugzilla keywords is here:
https://bugs.eclipse.org/bugs/describekeywords.cgi



3. Web pages on download.eclipse.org (and Phoenix)
==================================================

There's some interesting discussion about web pages hosted ondownload.eclipse.org, and Phoenix. Worth a read if you maintain thedownload pages for your project.


https://bugs.eclipse.org/bugs/show_bug.cgi?id=154626



4. SSH attacks
==============

I know I've mentioned this before, but eclipse.org servers get about oneto four SSH attacks daily. Users try to brute-force logins to ourservers by using your user IDs with password dictionaries, or they tryto use system accounts, or even root.

To protect your login (and the code) we detect such attacks and swiftlyblock them. The process is automatic, undiscriminating and unforgiving,so please avoid these actions:


- trying to login to any eclipse.org server as root == Instant banishment.

- repeatedly trying to connect as someone who doesn't exist. Make sureyou're using the right user id.

- repeatedly trying to SSH to dev.eclipse.org as a valid user, but withthe wrong password.

False positives don't happen very often, so this is no big deal;however, do keep this in mind before hitting the "retry" button of afailed login. Don't hesitate to contact us to confirm your user id, orto reset your password.



Thanks a bunch.

Denis


--

Eclipse WebMaster - webmaster@xxxxxxxxxxx

Questions? Consult the WebMaster FAQ athttp://wiki.eclipse.org/index.php/Webmaster_FAQ

View my status at http://wiki.eclipse.org/index.php/WebMaster

Prev by Date: [eclipse.org-committers] Eclipse project declaration
Next by Date: [eclipse.org-committers] Eclipse project declaration
Previous by thread: Re: [eclipse.org-committers] WebMaster Update
Next by thread: [eclipse.org-committers] Webmaster update
Index(es):
- Date
- Thread

Breadcrumbs