When spammers hit your wiki
First, put the wiki on lockdown
To temporarily disable account creation and anonymous editing, a sysadmin can put this in LocalSettings.php:
$wgGroupPermissions['*']['createaccount'] = false; $wgGroupPermissions['*']['edit'] = false;
Then install Block and Nuke [1] extension. NB you need to edit BlockandNuke.php see [2].
This will block all users and delete their posts apart from those specified. It won't delete page revisions either.
SSH to your host, edit whitelist.txt and use
php ban.php --hammer
(it will do a dry run if you don't use the hammer!)
Only after this, try to use the web version if you feel you must. Don't worry if it doesn't work, continue here.
in the maintenence/ directory there are a few scripts to run with php-cli as well:
deleteArchivedRevisions.php to purge deleted edits from your database,
removeUnusedAccounts.php --delete to also purge accounts.
purgeOldText.php --purge
Find your users in the user table in the database and export them to an sql file. truncate the user table and then re-insert them.
Find from when the logging was screwed. Delete the logging from then (eg DELETE FROM `logging` WHERE log_timestamp like '20160612%')
Find from when the archive was screwed. Delete the archive from then (eg DELETE FROM `logging` WHERE log_timestamp like '20160612%')
Then you need to start emptying from the following tables in the database: filearchive, ipblocks, objectcache, querycachetwo, recentchanges