We’re currently investigating unusual activity on the OpenWrt Wiki server and decided to shut down the machine since we have reasons to suspect a security compromise.
We'll follow up with further details in this thread as soon as we have more information. Since we do have to review the integrity of our wiki backups, restoring the website might take a little while.
Update:
After reviewing the situation we found no indication of any unauthorized access to the system.
Background:
During maintenance work to implement performance improvements for the table of hardware (ToH) views on the wiki, which are currently the primary reason for severe system load, we encountered a debug log containing username and passwords of login attempts in clear text.
What we initially believed to be a malicious modification of the DokuWiki PHP code turned out to be leftover debug code from an earlier wiki migration. We removed the offending debug functionality and purged the related log file. As a precaution, we're going to force a password reset for all users.
Note that the user database itself contains one-way password hashes and was not compromised, neither did we find an indication of any unauthorized access.