[okfn-labs] Spam combat on OKFN wikis
Nick Stenning
nick at whiteink.com
Wed May 9 11:49:26 UTC 2012
Dear all,
Just a few notes from a couple of hours spent combating spam on wiki.okfn.org:
1) pywikipediabot[1] is your friend. I've been using a combination of
pywikipediabot and some scripts written by Danny O'Brien[2] to
identify spam users and merge them all into one überspam user[3]. When
I get a chance I'll upload my modifications to a wiki-gardening repo
on OKFN Github.
[1]: http://www.mediawiki.org/wiki/Manual:Pywikipediabot
[2]: https://github.com/dannyob/secretaribot
[3]: http://wiki.okfn.org/User:SpammerHellDontDelete
2) reCaptcha appears to be broken. We've had it enabled (via the MW
ConfirmEdit extension) on signup for a while, but still get a couple
dozen spam users signing up every day. I don't think it's worth
disabling, but it's not a complete solution.
3) Requiring email confirmation before editing is allowed seems like a
good idea. I've enabled this for wiki.okfn.org with the following
lines in LocalSettings.php:
$wgEnableEmail = true;
$wgEmailAuthentication = true;
$wgEmailConfirmToEdit = true;
4) The *single most effective* measure I've taken, or so it would
seem, is enabling DNS blacklisting for signups and edits. This
requires the following lines in LocalSettings.php
$wgEnableDnsBlacklist = true;
$wgDnsBlacklistUrls = array('zen.spamhaus.org', 'dnsbl.tornevall.org');
The first of these blacklists catches spammers and compromised PCs,
while the second catches known open proxies. Enabling this feature
(which does a DNS lookup for each attempted signup and edit but
otherwise shouldn't affect site performance) appears to have all but
halted spam user signups. I would urge anyone with responsibility for
other wikis to turn this feature on.
That's all for now, folks,
Nick
More information about the okfn-labs
mailing list