[sword-devel] CrossWire wiki vandalism?

DM Smith dmsmith555 at yahoo.com
Wed Jan 7 14:28:05 MST 2009


I have learned more about wikis and fighting spam than I ever wanted to;)
We have several anti-spam measures in place:
1) Anonymous edits are blocked. This was our first anti-spam measure. 
Any account can edit pages immediately. This stopped most of the spam, 
but not all.
2) New accounts cannot create pages for 4 days. It does not prevent 
edits. This has been in place for quite a while. And it has been quite 
effective and until recently was sufficient to block spam. What I found 
out is that it does not prevent the creation of arbitrary "Talk" pages.

New as of today:
3) A user agent string is necessary to view the wiki. Without it a 503, 
forbidden will be generated.
I've installed reCaptcha, which gives the user a choice of visual and 
auditory captchas. I chose this one based on a much earlier thread that 
expressed the concern that it be friendly to handicapped users. The 
default implementation requires captcha for the following:
4) Creation of new accounts.
5) Adding an external URL to a page. (Let me know if this gets in the 
way. I can turn it off.)
6) Failed login attempts (purpose is to foil automated password cracking).
If necessary I can add captcha to every edit and to every page creation.

In Him,
    DM

Familie von Kaehne wrote:
> David Haslam wrote:
>   
>> At a guess, VioudRonba was a 
>> http://en.wikipedia.org/wiki/Wikipedia:Sock_puppetry sockpuppet  for
>> RolcaBasbo.
>>
>> Can we check the IP addresses too?
>>     
>
> Someone surely can. In the meantime the easiest is to wait for an actual
>  vandal edit, I would guess
>
> Peter
>
>   
>> -- David
>>
>>
>> DM Smith-2 wrote:
>>     
>>> David Haslam wrote:
>>>       
>>>> Now that the wiki is back up, I think we may have a problem with
>>>> vandalism.
>>>>
>>>> Take a look at 
>>>> http://www.crosswire.org/mediawiki/index.php?title=Special:RecentChanges&days=30&hideminor=0
>>>> Recent Changes .
>>>>
>>>> The edits by RolcaBasbo and Freeelf look suspect to me.
>>>>
>>>> -- David
>>>>   
>>>>         
>>> I'll see about fixing the spam blocking measures.
>>>
>>> RolcaBasbo is a spammer and now blocked.
>>> Freeelf is valid.
>>>       




More information about the sword-devel mailing list