Page MenuHomePhabricator

Set up notification for when/if Google's safe browsing spots something on wiki*
Closed, ResolvedPublic

Description

http://www.google.com/safebrowsing/diagnostic?site=wikimedia.org/

http://www.google.com/safebrowsing/diagnostic?site=upload.wikimedia.org/

Reported on IRC

CC'ing Ariel as I believe the Google auth has already been done, so is easier to use the same account than authorising many others


Version: unspecified
Severity: normal

Details

Reference
bz28898

Event Timeline

bzimport raised the priority of this task from to Unbreak Now!.Nov 21 2014, 11:26 PM
bzimport set Reference to bz28898.
bzimport added a subscriber: Unknown Object (MLST).

Ariel, I'm assigning this to you. Let me know if you can't do it.

I don't have auth on upload. I have it on www. (which is practically worthless, basically. But I needed it for Google Storage.)

Is there someone else who might have the auth necessary to look at this?

If we ask RobH or Ryan Lane to setup the dns entries, so someone can gain access

Probably the simplest way

Clarification from in person discussion.

The task is setting up with Google so when they display these errors, we are notified about them.

We now have webmaster@wikimedia.org authorized for enwikinews so it seems like we could do the same for other sites. I *assume* they're going to send us notices about enwikinews now..

pyoungmeister told me he would set up nagios to do this.

In addition to nagios, maybe we could ask google to send an email notification as well?

(In reply to comment #9)

In addition to nagios, maybe we could ask google to send an email notification
as well?

Might be possible. Emails should go to webmaster@wikimedia.org if someone sets up email notifications.

Emailed google security team and cced Mark:


Dear Google security team,

I am one of the Wikipedia system administrator volunteer, Mark A. Hershberger (in cc mah@everybody.org) is Wikimedia bugmeister.

I am contacting you regarding the Safe Browsing diagnostic page you have setup at:

http://www.google.com/safebrowsing/diagnostic?site=wikipedia.org/

We are wondering if it could be possible to receive email notifications whenever a new problem is detected on one of our domains.

For future reference, our tracking number is 'bug 28898':

https://bugzilla.wikimedia.org/28898

Note that we would like this to be set up on *.wikipedia.org,
*.wikibooks.org, etc. Not just wikipedia.org.

From http://www.google.com/support/webmasters/bin/answer.py?answer=163633, they send notices to the following email addresses for the domain any time they find something:

abuse@
admin@
administrator@
contact@
info@
postmaster@
support@
webmaster@

So making sure all the verious domains webmaster@ emails go to webmaster@wikimedia.org should be fine.

(Updating b/c the automatic response to Ashar's email said they wouldn't respond since we weren't giving them a report on a security vulnerability.)

notifications should now be working for the following domains:

wikimedia.org
wikimediafoundation.org
wikipedia.org
wiktionary.org
wikiquote.org
wikibooks.org
wikisource.org
wikinews.org
wikiversity.org
mediawiki.org