From Erfwiki
Revision as of 17:15, 7 May 2011 by HistoricAccount Abb3w (Talk | contribs) (branching SpamWar off from Maintenance Portal)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Branched off from main ErfWiki:Maintenance Portal page. (It's a Wiki. You don't like it, move it back.) Abb3w 22:15, 7 May 2011 (UTC)

From Maintenance Portal

  • As long as pages can be edited by anyone without a captcha-protected login, spambots can do whatever they want
  • Add spambot IPs to [[Category:Spammer]]
    • No IP is being used more than once. All this accomplishes is blacklisting a massive pile of random IPs. --ChroniclerC 21:49, 2 May 2011 (UTC)
      • The spambots are like that, but the wandering vandal i spent a few hours reverting last night does double back over his IP's a bit, probably using a limited number of proxies. Slapping those down would deal with that part of the problem eventually. --Pickled Tink 02:49, 7 May 2011 (UTC)
  • List of steps recommended by MediaWiki's manual:
    • Requiring user logins to edit pages
    • Requiring email and CAPTCHA validations of user creation
    • Requiring CAPTCHA for edits, from users who are not well known.
    • Blocking edits which add specific key words or external links
    • Blocking usernames and page title patterns that are commonly used by bots
    • Blocking registration using known spam domains (
    • Using several blacklist services
    • Cleanup scripts that revert changes caused by recently identified spammers
  • List of steps not recommended by MediaWiki's manual
    • Don't use MediaWiki for low-volume/maintenance wikis with anonymous editing policies

--- Question here, and I'm not sure where else to put this: Do you have an autorevert script in mind or already set up? Do you need help with one? Is there a specific place we could discuss this? A thread on the forum seems like a good idea, but I don't see one. --- -- Oh, and if I could post this, then a spammer can post whatever they want, too. Requirin user registration, and hassling contributers until they're recognized as not spammers might drive off some users, but spam drives many more people off. -- 00:08, 3 May 2011 (UTC)

-- Over at the unofficial exalted wiki, I found that the most successful thing with fixing spam was switching to a straight type-in-the-word captcha on account creation - recaptcha and logic puzzles are pretty much cracked, but the spammers are generally not targeting single wikis, so something like 'type in the name of the wiki' cut my spam down to zero. - Xyphoid

I would suggest something more specific - the KH Wiki asks you to type in the name of the main protagonist, so something like that would be wise. Like "Who is the Perfect Warlord? Parson Gotti." 05:12, 7 May 2011 (UTC)
I'll second this approach - spambots don't target sites in particular, they're just designed to crack common captchas, so site-unique captchas tend to kill them dead. They won't keep out deliberate spammers, of course, but they're far rarer than bots these days. --Tommy 21:13, 7 May 2011 (UTC)

-- Another ham handed, but simple, method would be to simply create a bot that automatically banned any new user with a username between five and eight characters in length (This is true of almost every single bot), and leave a note on the registration page that this happens. I merely add it here because the lazy option must always be presented. --Pickled Tink 11:21, 7 May 2011 (UTC)

-- I see you're running Apache. Do you have access to change Apache or is this shared hosting? If you can change your Apache configs and install modules I would highly suggest installing mod_security and then ASL Lite (free ruleset for modsec). Won't stop all your spam but it would cut down some of the nastier stuff. --