[sword-devel] CrossWire wiki vandalism?
dmsmith555 at yahoo.com
Wed Jan 7 14:28:05 MST 2009
I have learned more about wikis and fighting spam than I ever wanted to;)
We have several anti-spam measures in place:
1) Anonymous edits are blocked. This was our first anti-spam measure.
Any account can edit pages immediately. This stopped most of the spam,
but not all.
2) New accounts cannot create pages for 4 days. It does not prevent
edits. This has been in place for quite a while. And it has been quite
effective and until recently was sufficient to block spam. What I found
out is that it does not prevent the creation of arbitrary "Talk" pages.
New as of today:
3) A user agent string is necessary to view the wiki. Without it a 503,
forbidden will be generated.
I've installed reCaptcha, which gives the user a choice of visual and
auditory captchas. I chose this one based on a much earlier thread that
expressed the concern that it be friendly to handicapped users. The
default implementation requires captcha for the following:
4) Creation of new accounts.
5) Adding an external URL to a page. (Let me know if this gets in the
way. I can turn it off.)
6) Failed login attempts (purpose is to foil automated password cracking).
If necessary I can add captcha to every edit and to every page creation.
Familie von Kaehne wrote:
> David Haslam wrote:
>> At a guess, VioudRonba was a
>> http://en.wikipedia.org/wiki/Wikipedia:Sock_puppetry sockpuppet for
>> Can we check the IP addresses too?
> Someone surely can. In the meantime the easiest is to wait for an actual
> vandal edit, I would guess
>> -- David
>> DM Smith-2 wrote:
>>> David Haslam wrote:
>>>> Now that the wiki is back up, I think we may have a problem with
>>>> Take a look at
>>>> Recent Changes .
>>>> The edits by RolcaBasbo and Freeelf look suspect to me.
>>>> -- David
>>> I'll see about fixing the spam blocking measures.
>>> RolcaBasbo is a spammer and now blocked.
>>> Freeelf is valid.
More information about the sword-devel