List of security measures taken for this site

From eagle-rock.org

Restrict Permissions

Eagle-rock.org was established in December 2011. At that time it was decided to allow visitors to create user accounts in order to read and contribute to the site. Over the years we had forgotten about the setting that allowed this until finally in September 2015 the site was targeted by spam bots. Spam bots have gotten sophisticated enough to create an account and post articles. Once a spam bot gets in, it automatically calls other bots until there is a tidal wave of spam bots hammering the website. We learned this lesson the hard way. The only solution is restrict permissions using the following codes entered into LocalSettings.php

$wgGroupPermissions['*']['createaccount'] = false;
This setting blocks nonusers from creating accounts. All accounts therefore must be created by an Administrator.

$wgGroupPermissions['*']['edit'] = false;
This setting blocks nonusers from editing pages. In order to edit a page, a user must get an account created by an Administrator.