Blackberry Mobile App Trac being targeted for hacks

We’ve noticed an influx of new entries in the BlackBerry Trac that are hacky/spammy. Example:

Can we block this from happening for the existing bad accounts posting and also prevent it from happening further? The BlackBerry app is also dead (for several years now) so we can freeze the entire site or get rid of it entirely.

#mobile #prio3

Make GSOC trac read-only

It’s getting pentested:

Can we make it read-only, and if not, then maybe back it up and shut it down, or put it behind proxy auth or something? It’d be nice to preserve the content for history, but it’s probably not worth maintaining anymore, and definitely not worth cleaning up after pentesters.


Add SSL redirect to

As per can we please enable a HTTP -> HTTPS redirect for that keeps the REQUEST_URI intact?


Can bbPress.trac please get Core’s…

Can bbPress.trac please get Core’s Ticket Workflow enabled for it? Same as Meta/BuddyPress already have.


#prio3 #trac

As per can we…

As per can we update all of the Trac instances to have default_charset = utf-8?

A number of Trac instances are set to default_charset = iso-8859-15.

#prio3 #trac

As per can we…

As per can we change the behaviour of the out-of-bounds pagination requests from return 404; to instead load /404.php?

It seems most of the 404 handlers in the web role already do this, and it’s only the out-of-bounds pagination rules on the load balancer which have that behaviour.


Can I get a deploy…

Can I get a deploy of the codex files?

I made a change to the DotorgRedirect plugin for the codex, to whitelist “” as a valid place for it to redirect to, per request of the docs team:

So, just need to get that one line change onto the codex.

cc @drewapicture


Make Blackberry Trac Read-Only is no longer used, but sometimes pentesters add a bunch of junk content to the wiki etc. Can we put it in read-only mode?


cc @otto42


The SSL certificate for “”…

The SSL certificate for “” is set to be the same one as the cert for “”. Presumably this is because they’re both pointing to the same place which is doing the redirection, but the incorrect domain on the certificate causes an error.

So, needs a new SSL certificate set up on it.


Remove ‘branch’ functionality from

As reported by #3686-meta the theme ‘Branches’ is appearing as a special item in the code browser.

Could the following rules be added to wp-themes/conf/trac.ini under [svn] to disable Trac’s default svn structure handling which we don’t use on that instance?

(I’ve tested that this works as expected under a local trac)

#prio3 #trac