[okfn-labs] Spam combat on OKFN wikis

Nick Stenning nick at whiteink.com
Wed May 9 11:49:26 UTC 2012

Dear all,

Just a few notes from a couple of hours spent combating spam on wiki.okfn.org:

1) pywikipediabot[1] is your friend. I've been using a combination of
pywikipediabot and some scripts written by Danny O'Brien[2] to
identify spam users and merge them all into one überspam user[3]. When
I get a chance I'll upload my modifications to a wiki-gardening repo
on OKFN Github.

[1]: http://www.mediawiki.org/wiki/Manual:Pywikipediabot
[2]: https://github.com/dannyob/secretaribot
[3]: http://wiki.okfn.org/User:SpammerHellDontDelete

2) reCaptcha appears to be broken. We've had it enabled (via the MW
ConfirmEdit extension) on signup for a while, but still get a couple
dozen spam users signing up every day. I don't think it's worth
disabling, but it's not a complete solution.

3) Requiring email confirmation before editing is allowed seems like a
good idea. I've enabled this for wiki.okfn.org with the following
lines in LocalSettings.php:

    $wgEnableEmail         = true;
    $wgEmailAuthentication = true;
    $wgEmailConfirmToEdit  = true;

4) The *single most effective* measure I've taken, or so it would
seem, is enabling DNS blacklisting for signups and edits. This
requires the following lines in LocalSettings.php

    $wgEnableDnsBlacklist = true;
    $wgDnsBlacklistUrls = array('zen.spamhaus.org', 'dnsbl.tornevall.org');

The first of these blacklists catches spammers and compromised PCs,
while the second catches known open proxies. Enabling this feature
(which does a DNS lookup for each attempted signup and edit but
otherwise shouldn't affect site performance) appears to have all but
halted spam user signups. I would urge anyone with responsibility for
other wikis to turn this feature on.

That's all for now, folks,


More information about the okfn-labs mailing list