Mar 2 (2006)
Vindictive Wiki Spammers
Filed under: Uncategorized. Tags: rants, spam, wiki, wiki.ucalgary.ca.
wiki.ucalgary.ca got hammered by a vindictive wiki spammer last night. But, here’s the thing - the spam prevention blacklist worked perfectly. The spammer wasn’t able to add any of their own links to the wiki. So, they decided to punish me by vandalizing 50 of the most popular pages on the wiki with an apparently random (and invalid) spam URL.
The software they used to do this evil deed automatically created a new account for each edit, and the whole thing took them less than 10 minutes to do. It took me 45 minutes to undo, even with rollbacks etc… because of their insidious creation of 50 separate accounts for 50 separate edits. I would have just reverted back to a nightly database backup to blow them all away in one fell swoop, but we had actual valid users making actual valid edits, and I won’t blow any of that away. Better to manually remove the detritus than to lose a single valid edit.
I’ll be installing Bad Behavior today, when I get a chance. It’s not like I have anything better to do than to play a game of Wiki Detente with a cretin who would vandalize an open academic resource because I wouldn’t let them add their link to their ViagraCasinoPenisEnlargement Google Juicer website factory…
The signature used by this roach shows up on a few sites on a quick Google. This is insane.
Update: I just installed Bad Behavior for MediaWiki - took a whopping 60 seconds to install and configure. I’d tried a previous version, but it got a bit, well, overeager about blocking stuff. To the point that even I couldn’t view or edit anything. Had to kill it last time. Hopefully this time will be better…
Comments
8 Responses to “Vindictive Wiki Spammers”
I’m not up to speed on the wiki software you’re running but, assuming that an account must be created in order to make edits under your setup, have you considered adding another required field to the account signup form so that blackhat tools built to automatically create accounts and exercise them in nasty ways wouldn’t be able to get past that first step?
It would require manually editing the form template and the form processing logic, but I think that the time spent could save you a lot of frustration and wasted hours over the long haul.
I added a simple “what is 12 divided by 4?” field and a check to see that the correct value was given to the comment fields and processing logic in my hacked-up Wordpress install and, between that step and turning trackbacks off, my automated spamming problems went away.
Brian - thanks for the suggestion. I want to keep registration fairly open so valid users can create accounts without intervention, so that’s a pretty good compromise.
Sounds like an extra gatekeepers test might help, or an ugh captcha.
These are the acts of people who use the Anti-Google ethic- “Do Lots of Little Evils”
Won’t be putting in a captcha - they are wrong for so many reasons. There are better ways. What’s needed is Spam Karma 2 for MediaWiki.
Bad Behavior comes close, but it only checks user agents and referrers…
Bad Behavior checks a lot more than User-Agent and Referer, which is why it works so well. It isn’t perfect, of course, but nothing is.
Ah. Cool. Thanks, Michael. I didn’t realize BB was more involved than that. Pretty happy with it so far
Sounds like the same crew that hit ours (http://wik.ed.uiuc.edu). It’s not a pleasant thing to see first thing in the morning.
I don’t know what features Bad Behavior has, but it seems like the best way to stop this particular attack would be to disallow rapid-fire creation of new accounts from the same IP address (all of ours were from one IP in Russia).
Of course, one could imagine a situation where several real people try to sign up for new accounts from a single computer…..
Many labs will be sharing a single IP address - I hit this when trying to throttle traffic on a project awhile back…
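The per-IP signup throttle suggested in the comments above runs into the shared-lab-IP problem raised in the replies; one way to reconcile the two is to escalate to a challenge question (the first comment's idea) instead of blocking outright. The sketch below is an added example, not code from the post, its commenters, MediaWiki or Bad Behavior. The thresholds, the `SignupThrottle` and `replay` names, and the sample traffic are all assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 600   # assumed window: the attack in the post took under 10 minutes
FREE_SIGNUPS = 3       # assumed: accounts per IP per window created without a challenge
HARD_LIMIT = 20        # assumed: accounts per IP per window before refusing outright


class SignupThrottle:
    """Sliding-window counter of completed account creations per source IP."""

    def __init__(self, window=WINDOW_SECONDS, free=FREE_SIGNUPS, hard=HARD_LIMIT):
        self.window, self.free, self.hard = window, free, hard
        self._created = defaultdict(deque)   # ip -> timestamps of created accounts

    def decide(self, ip, now, challenge_passed=False):
        """Return 'allow', 'challenge' or 'deny' for a signup attempt at time `now`."""
        recent = self._created[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()                  # forget signups older than the window
        if len(recent) >= self.hard:
            return "deny"
        if len(recent) >= self.free and not challenge_passed:
            return "challenge"
        recent.append(now)                    # only created accounts are counted
        return "allow"


def replay(events, throttle=None):
    """Replay (ip, seconds, answers_challenge) tuples; return decision counts per IP."""
    throttle = throttle or SignupThrottle()
    counts = defaultdict(lambda: {"allow": 0, "challenge": 0, "deny": 0})
    for ip, ts, can_answer in events:
        verdict = throttle.decide(ip, ts)
        counts[ip][verdict] += 1
        if verdict == "challenge" and can_answer:
            # a person answers the question and resubmits the form
            counts[ip][throttle.decide(ip, ts, challenge_passed=True)] += 1
    return {ip: dict(c) for ip, c in counts.items()}


# Constructed sample traffic (documentation-range IPs, not taken from the page):
BOT = [("203.0.113.7", i * 10, False) for i in range(50)]    # 50 signups in ~8 minutes
LAB = [("198.51.100.20", i * 60, True) for i in range(8)]    # 8 students in 8 minutes
RESULT = replay(BOT + LAB)

if __name__ == "__main__":
    for ip, c in RESULT.items():
        print(ip, c)
```

With these assumed thresholds the scripted run is held to 3 accounts instead of 50, while all 8 lab users get accounts after answering the question; a tool that does solve the challenge is still capped at the hard limit.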