Difference between revisions of "Talk:Main Page/Discussion"

From DIYWiki
Jump to navigation Jump to search
(IT1229c dove vendita tadalafil on line)
m (Reverted edits by AcbozElbob (Talk); changed back to last version by John Rumm)
 
(18 intermediate revisions by 5 users not shown)
Line 6: Line 6:
 
* [[Talk:Main Page/Archive 20070630|30th June 2007]]
 
* [[Talk:Main Page/Archive 20070630|30th June 2007]]
 
* [[Talk:Main Page/Archive 20070815|15th August 2007]]
 
* [[Talk:Main Page/Archive 20070815|15th August 2007]]
 +
* [[Talk:Main Page/Archive 20080229|29th February 2008]]
 +
----
 +
== Time to protect pages from spam? ==
  
http://cailis.20six.de/ - come acquisto cialis on line <a href="http://cailis.20six.de/">come acquisto cialis on line</a> http://cailis.20six.de/
+
Following up from discussion of spam in [[Talk:Main_Page/Archive_20080229]] and looking at the current level of spamming I think it's time we protected all the wiki so that only registered users can edit pages.
http://cailis.20six.fr/ - dove acquisto cialis on line <a href="http://cailis.20six.fr/">come vendita cialis generico</a> http://cailis.20six.fr/
 
http://cailis.myblog.es/ -  compra cialis generico <a href="http://cailis.myblog.es/">come acquisto cialis  </a> http://cailis.myblog.es/
 
http://cailis.myblog.de/ - come vendita cialis on line <a href="http://cailis.myblog.de/">  vendita cialis generico</a> http://cailis.myblog.de/
 
http://cailis.20six.nl/ -  acquisto cialis on line <a href="http://cailis.20six.nl/">come vendita cialis on line</a> http://cailis.20six.nl/
 
  
== Spam avoidance: CAPTCHA ==
+
Earlier I had hoped/suggested that keeping the wiki open would encourage casual visitors to start contributing with little edits such as typos, clarifications etc, and maybe move on to becoming more heavyweight contributors. However this doesn't seem to be happening anyway, and the quantity of spam is getting unmanageable.
  
I think I've found what I was looking for.
+
The quality of the wiki would probably be improved more by having less spam and less work for regulars to do patrolling it, than any notional contribution from unregistered users. Also when/if unregistered users do contribute there's a danger their input may be mistaken for spam and their IP get blocked.
  
http://www.mediawiki.org/wiki/Extension:ConfirmEdit
+
A wiki-wide change is probably a Grunff-config thing. If others (NT, JR) agree I'll ask him to do it.
  
I'm off to ask Grunff if it would be possible for him to install this, if we want. Can we have a quick show of hands that we do want it?
+
--[[User:John Stumbles|John Stumbles]] 20:37, 29 February 2008 (GMT)
  
I suggest we have it configured for:
+
OK by me --[[User:John Rumm|John Rumm]] 23:01, 29 February 2008 (GMT)
  
* $wgCaptchaTriggers['addurl'] = true; -- Check on edits that add URLs
+
==Mass block==
 +
Is there any way to block IPs en masse? Any way at all would be a big help here.
 +
[[User:NT|NT]] 10:36, 9 April 2008 (BST)
  
with
+
Alas not that I am aware of.
  
* $ceAllowConfirmedEmail, (Allow users who have confirmed their e-mail addresses to post URL links without being harassed by the captcha)
+
We could also do with a global config file change to disable anonymous edits altogether. The policy of setting protection on individual articles to limit edits to registered users only, seems to have worked reasonably well[1] - but it is a bit slow to work through them all. Also it does not stop them creating new articles.
  
 +
I am tempted to protect the talk main page and see what happens. It will probably cause them to look for new articles to spam - but we can revert and protect any they find as it happens, so the workload may not be too much. It would certainly cut down the noise and leave them an ever decreasing pool of articles to fiddle with.
  
Also:
+
[1] I have only seen one edit to a protected file - and that was from a user that we had pre-emptively banned anyway. I am not sure how that happened - but it may have been because the user had tried it once before and got a limited duration ban which expired after my permanent ban was set. Perhaps the expiration of the temporary one overrode the permanent one?
 
 
* $wgCaptchaTriggers['createaccount'] = true; -- Check on account creation.
 
 
 
And what about these also?
 
* $wgCaptchaTriggers['create'] = true; -- Check on page creation.
 
* $wgCaptchaTriggers['badlogin'] = true; -- Check after a failed log-in attempt.
 
 
 
--[[User:John Stumbles|John Stumbles]] 13:50, 8 September 2007 (BST)
 
 
 
 
 
Excellent idea!
 
[[User:NT|NT]] 21:59, 8 September 2007 (BST)
 
 
 
 
 
Yup, Sounds good to me as well. Options look fine (although I have not read the description of all those available yet!
 
--[[User:John Rumm|John Rumm]] 00:26, 9 September 2007 (BST)
 
 
 
Over to you then Grunff please, if you can? --[[User:John Stumbles|John Stumbles]] 12:32, 9 September 2007 (BST)
 
 
 
Ah, ok.... took me a moment to work out what was going on (for obvious reasons!). Will do.
 
--[[User:John Rumm|John Rumm]] 21:07, 11 September 2007 (BST)
 
 
 
== Protect ==
 
I'm getting fed up with daily despamming, and think maybe its time to protect all pages that get spammed until we get the captcha up and running. What do you think?
 
 
 
: The danger there is that when a bot originated update fails, it will presumably draw the attention of a human to locate another suitable page. The problem then just shifts. Before long the whole site is protected. We could restrict posts to registered users, but even there I notice the number of accounts has been growing recently - possibly in anticipation of that move. (it also blocks the small but useful numbers of useful edits we get from IPs). --[[User:John Rumm|John Rumm]] 02:34, 19 October 2007 (BST)
 
 
 
Or is there a way we can get it going? Or block all edits with http in them? etc?
 
[[User:NT|NT]] 23:46, 18 October 2007 (BST)
 
 
 
: Did we get any response from Grunff on that capatcha mod? Not aware of much else we can do without assistance from the server maintainer.
 
 
 
He said it's not compatible with the version of MW we're running even though the docs say it should be. Upgrading to a later version of MW may solve the problem, but he can't commit the time to it at present. I came across another MW which seemed to avoid spam quite well by blacklisting certain domains (e.g. *.cn!). I don't know if that'd work for us, and whether we could set that up ourselves of if Grunff would have to do it. Fraid I haven't time ATM... -- [[User:John Stumbles|John Stumbles]] 12:33, 19 October 2007 (BST)
 
 
 
 
 
I'm aware we'd soon have a site with all protected pages, and that we'd lose out on the occasional input - and its not where I want the wiki to go, just am getting weary of despamming it day after day, knowing full well that blocking IPs has no real effect on the spammers. How do you feel about the daily despam?
 
[[User:NT|NT]] 14:02, 19 October 2007 (BST)
 
 
 
: We can try it - but it is obviously hard to go back from. Having said that we can relax the restrictions if we do get effective spam control in the future. I would suggest setting the block to "unregistered" users to start with and seeing if that has any effect. It may just result in spammers registering, but it might increase their hassle factor a tad. Shall we try it for one article to stat with? Say the fitting TRVs to microbore one? --[[User:John Rumm|John Rumm]] 00:11, 20 October 2007 (BST)
 
 
 
:: uncanny that - I post the above edit and guess which article the latest dweeb had fiddled with as I was typing! OK set the protection on it to registered users only now. Let's see what occurs. --[[User:John Rumm|John Rumm]] 00:17, 20 October 2007 (BST)
 
 
 
== stats ==
 
I did some analysis of the spam rate...
 
 
 
You can see the results in a spreadsheet here:
 
[http://spreadsheets.google.com/pub?key=pkLLMiLv7N81wM4-e-Tq1fg]
 
 
 
So August resulted in 14 hits, 75 in sept, and 118 in the first couple of weeks of oct! Clearly not an acceptable trend.
 
 
 
--[[User:John Rumm|John Rumm]] 22:44, 20 October 2007 (BST)
 
 
 
 
 
not good :( I hope something will get done so we contributions vaneasier again, but for now it just has to stay alive.
 
[[User:NT|NT]] 22:53, 20 October 2007 (BST)
 
 
 
==Results==
 
 
 
Interesting results over the last few days... talk:main page seems to be taking the vast bulk of the spam and black holing it quite nicely, with the rest mopped up here. My general feeling is that we ought to leave these two pages unprotected so that they can carry on doing this without raising attention. The anticipated diversion to other target articles does not seem to have happened (yet!)
 
 
 
I did a bit of hunting though the logs and concluded that we have never had a genuine edit from an IP that has been used for spam (typically not even from the same country as the IP is from). Of the IPs we have banned for short periods, a number of them have re-offended after the ban elapsed. I am tempted to suggest a policy of feeding an offending IP into samspade.org, to see where it is based. If it looks like an unlikely country to be participating in a UK based wiki, just ban it permanently on the first offence. If it ever turns out that someone was genuinely attempting to edit from there they can always email to be unblocked. Any thoughts?
 
 
 
--[[User:John Rumm|John Rumm]] 03:26, 29 October 2007 (GMT)
 
 
 
Sounds like sense to me John. Spam is a threat to the existence of the wiki, and I'm not sure how useful a uk wiki is in outer mongolia, nor what contribution we could really expect from distant foreign countries.
 
 
 
I suspect that often banned spammers will simply come in with the same junk from another IP, and in the case of talk:main a daily trim to remove spam avoids the relatively large workload of banning an increasingly large number of spammers. And the number may just keep increasing.
 
 
 
Perhaps between the 2 approaches life will become easier: ban those that are easily banned en masse, using the methods you describe, and just trim the ones that get through that net.
 
 
 
Any targeted site needs a honeypot, and it looks like we've got one already working. Not sure why they pick it but they do, and thats good enough.
 
[[User:NT|NT]] 00:02, 1 November 2007 (GMT)
 
  
 +
--[[User:John Rumm|John Rumm]] 13:24, 9 April 2008 (BST)
  
 
<!-- ATTENTION! real contributors - add your contribution before this anti-spam device ...
 
<!-- ATTENTION! real contributors - add your contribution before this anti-spam device ...

Latest revision as of 03:14, 3 January 2009

This page is for discussion of the DIY Wiki main page, and the Wiki as a whole.

It also seems to be a favoured place for spammers advertising dodgy pharmaceuticals, fakereplica Rolexes and so on <sigh>

Previous discussions on this page have been Archived

Time to protect pages from spam?

Following up from discussion of spam in Talk:Main_Page/Archive_20080229 and looking at the current level of spamming I think it's time we protected all the wiki so that only registered users can edit pages.

Earlier I had hoped/suggested that keeping the wiki open would encourage casual visitors to start contributing with little edits such as typos, clarifications etc, and maybe move on to becoming more heavyweight contributors. However this doesn't seem to be happening anyway, and the quantity of spam is getting unmanageable.

The quality of the wiki would probably be improved more by having less spam and less work for regulars to do patrolling it, than any notional contribution from unregistered users. Also when/if unregistered users do contribute there's a danger their input may be mistaken for spam and their IP get blocked.

A wiki-wide change is probably a Grunff-config thing. If others (NT, JR) agree I'll ask him to do it.

--John Stumbles 20:37, 29 February 2008 (GMT)

OK by me --John Rumm 23:01, 29 February 2008 (GMT)

Mass block

Is there any way to block IPs en masse? Any way at all would be a big help here. NT 10:36, 9 April 2008 (BST)

Alas not that I am aware of.

We could also do with a global config file change to disable anonymous edits altogether. The policy of setting protection on individual articles to limit edits to registered users only, seems to have worked reasonably well[1] - but it is a bit slow to work through them all. Also it does not stop them creating new articles.

I am tempted to protect the talk main page and see what happens. It will probably cause them to look for new articles to spam - but we can revert and protect any they find as it happens, so the workload may not be too much. It would certainly cut down the noise and leave them an ever decreasing pool of articles to fiddle with.

[1] I have only seen one edit to a protected file - and that was from a user that we had pre-emptively banned anyway. I am not sure how that happened - but it may have been because the user had tried it once before and got a limited duration ban which expired after my permanent ban was set. Perhaps the expiration of the temporary one overrode the permanent one?

--John Rumm 13:24, 9 April 2008 (BST)


Retrieved from "https://wiki.diyfaq.org.uk/index.php?title=Talk:Main_Page/Discussion&oldid=10549"