WikiSpam
WikiSpam seems to be on the rise. Today, a link to a porn site was added. It didn't last long, but perhaps we should begin planning for the inevitable.
I'm not a big fan of blacklists, nor do I think this would be particularly effective in this case. The latest was by somebody simply surfing in on a Google query for wiki.
Things I am considering:
- Locking down the FrontPage, and possibly the Roadmap. These seem to be the primary point of entry and are rarely updated except to leave and revert spam.
- Creating a wiki-wide password, which I will freely share on the atom-syntax mailing list. The goal here is to lock out the casual opportunists, not the people who desire to contribute.
- Require registration and login. May have the side effect of reducing contributions, but in fact doesn't actually exclude anyone who desires to contribute.
Suggestions welcome.
Require registration. For the audience the wiki is for, i doubt you would have trouble getting people to sign up.
Posted by Darryl at
How about making passwd/registration a second step for edits that contain external links?
Posted by Robert Sayre at
Jay Allen's MT-Blacklist blocks spam by recognising the URLs the spammers are inserting. Since the URLs change relatively slowly, it is effective - I'm blocking at least four out of five blogspams.
I would get an even better hit rate if I regularly shared and updated the URL blacklist. Perhaps the wiki community will be better at sharing than the blogging community.
Posted by Alan Green atSam Ruby on Wiki spam
Sam Ruby has observed Wiki spammers reaching his sites through Google crawls. The WikiSpam has begun....... [more]Trackback from Niall Kennedy's Weblog at
I've been dealing with this on my personal wiki ([link]) and the Personal Telco wiki ([link]) for ages.
To my surprise I've discovered that simply making the few entry pages (FrontPage, RecentChanges and any other main points of entry) read only almost completely solved it. As a work around I used the include macro so the actual content was on another open page but wasn't obvious to people stopping by.
Even better, simply using MoinMoin's ACL feature to require registration on those pages (which is automatic and easy) for editing privledges worked just as well and had no effect on anyone that wanted to contribute.
Posted by Adam Shand atThe ATOM wiki as a wiki testbed is important, please start small and add as necessary.
Surprised you didn't mention forced preview.
Posted by DeanG atGenerate an image of a random string, ask the poster to enter the character in a randomly chosen position. Just like how Yahoo (?) does it for signing up for an account.
This will stop the bots.
Posted by Ng Pheng Siong atOn the other hand, Hotmail has an audio option for the CAPTCHA, which is sufficiently ungarbled that you can actually hear it. Which surely means that it's bot-decipherable without even using horny decoders.
Sam, are we looking for bot-defenses, or human opportunist defenses? Makes an enormous difference, whether the POST comes thirty seconds after the GET or a fraction of a second.
The most appropriate defense, though, would seem to be encouraging everyone to subscribe to a feed of changes to the most vulnerable pages, with a revert link in the item content. You might get a little excess load as dozens of people all hit the link at once, screaming "die puny spammer!", but it ought to work. (I see that MoinMoin also has an email subscription feature, not turned on, but that's not nearly as much fun.)
Posted by Phil Ringnalda atSam, are we looking for bot-defenses, or human opportunist defenses?
Opportunist humans.
It looks like the best bet is to require login for select pages. This is easily accomplished with MoinMoin 1.2. I'm currently running 1.0, so an upgrade is in order.
The line to be added to the top of those pages would look something like this:
#acl Known:admin,read,write,delete,revert All:readPosted by Sam Ruby at
To Mark: Why do spammers need free mail accounts? All 'from' addresses are fake anyway. I don't read any spam so I don't know how one is supposed to respond to such: By visiting a web site or sending reply to one of these free mail accounts?
Anyways yeah a human who drives by and wants to paint graffiti on a wiki will answer the captcha.
How about displaying a word in 'leet or SMS-ese and asking the human to type in the correct spelling! ;-) Need not be an image, works with blind people too.
Posted by Ng Pheng Siong atEtcetera: 2004-03-18
Ah, souvenir, quand tu nous tiens… Saviez-vous que certains vieux disques vinyl contenaient des données informatiques [1]? C’était à l’époque glorieuse de notre tout premier ordinateur (le boulier chinois ne comptant pas): le ”Speccy [2]” Après...Excerpt from Almaren at
Testing MoinMoin 1.2.1
I've installed and configured a test version of the Atom wiki using MoinMoin 1.2.1. The intent is to cut over so that Acess Control can be used to require valid logins on selected pages in an attempt to reduce WikiSpam. At the moment, POSTs are disa... [more]Trackback from Sam Ruby at
Sam Ruby on Wiki spam
Sam Ruby has observed Wiki spammers reaching his sites through Google crawls. The WikiSpam has begun....Excerpt from Niall Kennedy's Weblog: Spammers Archives at
Sam Ruby on Wiki spam
Sam Ruby has observed Wiki spammers reaching his sites through Google crawls. The WikiSpam has begun.......Excerpt from Niall Kennedy's Weblog at
LinkDump
Blog Maverick The Mark Cuban Weblog microsöft.com Google PageRank Report WikiSpam RSS and BitTorrent Bruce Sterling Rant-A-Thon, 2004...... [more]Trackback from Full Speed at