Greetings all! First post here. I'm a seasoned developer and do a lot of work with FOSS, particularly PHP. I do a ton of work with WordPress and have hosted a few MediaWiki and other wiki sites. So I'm not new to the game, just to this software. I've offered to assist with an installation for a FOSS app running Hogfather, in need of a core and plugin updates plus other admin love. The site has 21 thousand user accounts, 98% of which seem to be bogus.
I do not yet have OS-level access and do not know if that would be required or helpful for getting at site data or configs. Please advise if that would be helpful and I'll work on it.
I'd like to understand the current wisdom for eliminating the trash.
Is there is a timestamp attached to account creation?
Is there a last-login timestamp? Or a log of logins?
With that data we can find old accounts that have never signed in since account creation, delete them, and disable more recent accounts pending confirmation.
Or... is there a technique that actually works? 😀
Other advice is certainly welcome.
Thanks!