Comments on: Vindictive Wiki Spammers http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/ just a lowly edtech geek, mumble mumble university of calgary Sun, 21 Mar 2010 13:06:05 -0600 http://wordpress.org/?v=2.9.2 hourly 1 By: D'Arcy http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81509 D'Arcy Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81509 Brian - thanks for the suggestion. I want to keep registration fairly open so valid users can create accounts without intervention, so that's a pretty good compromise. Brian – thanks for the suggestion. I want to keep registration fairly open so valid users can create accounts without intervention, so that’s a pretty good compromise.

]]> By: Alan http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81510 Alan Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81510 Sounds like an extra gatekeepers test might help, or an ugh captcha. These are the acts of people who use the Anti-Google ethic- "Do Lots of Little Evils" Sounds like an extra gatekeepers test might help, or an ugh captcha.

These are the acts of people who use the Anti-Google ethic- “Do Lots of Little Evils”

]]> By: D'Arcy http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81511 D'Arcy Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81511 won't be putting in a captcha - they are wrong for so many reasons. there are better ways. What's needed is Spam Karma 2 for MediaWiki :-) Bad Behavior comes close, but it only checks user agents and referrers... won’t be putting in a captcha – they are wrong for so many reasons. there are better ways. What’s needed is Spam Karma 2 for MediaWiki :-) Bad Behavior comes close, but it only checks user agents and referrers…

]]> By: Brian Donovan http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81512 Brian Donovan Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81512 I'm not up to speed on the wiki software you're running but, assuming that an account must be created in order to make edits under your setup, have you considered adding another required field to the account signup form so that blackhat tools built to automatically create accounts and exercise them in nasty ways wouldn't be able to get past that first step? It would require manually editing the form template ad the form processing logic, but I think that the time spent could save you a lot of frustration and wasted hours over the long haul. I added a simple "what is 12 divided by 4?" field and a check to see that the correct value was given to the comment fields and processing logic in my hacked-up Wordpress install and, between that step and turning trackbacks off, my automated spamming problems went away. I’m not up to speed on the wiki software you’re running but, assuming that an account must be created in order to make edits under your setup, have you considered adding another required field to the account signup form so that blackhat tools built to automatically create accounts and exercise them in nasty ways wouldn’t be able to get past that first step?

It would require manually editing the form template ad the form processing logic, but I think that the time spent could save you a lot of frustration and wasted hours over the long haul.

I added a simple “what is 12 divided by 4?” field and a check to see that the correct value was given to the comment fields and processing logic in my hacked-up Wordpress install and, between that step and turning trackbacks off, my automated spamming problems went away.

]]> By: D'Arcy http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81513 D'Arcy Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81513 many labs will be sharing a single IP address - I hit this when trying to throttle traffic on a project awhile back... many labs will be sharing a single IP address – I hit this when trying to throttle traffic on a project awhile back…

]]> By: Tony Hursh http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81514 Tony Hursh Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81514 Sounds like the same crew that hit ours (http://wik.ed.uiuc.edu). It's not a pleasant thing to see first thing in the morning. I don't know what features of Bad Behavior has, but it seems like the best way to stop this particular attack would be to disallow rapid-fire creation of new accounts from the same IP address (all of ours were from one IP in Russia). Of course, one could imagine a situation where several real people try to sign up for new accounts from a single computer..... Sounds like the same crew that hit ours (http://wik.ed.uiuc.edu). It’s not a pleasant thing to see first thing in the morning.

I don’t know what features of Bad Behavior has, but it seems like the best way to stop this particular attack would be to disallow rapid-fire creation of new accounts from the same IP address (all of ours were from one IP in Russia).

Of course, one could imagine a situation where several real people try to sign up for new accounts from a single computer…..

]]> By: D'Arcy http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81515 D'Arcy Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81515 Ah. Cool. Thanks, Michael. I didn't realize BB was more involved than that. Pretty happy with it so far :-) Ah. Cool. Thanks, Michael. I didn’t realize BB was more involved than that. Pretty happy with it so far :-)

]]> By: Michael Hampton http://www.darcynorman.net/2006/03/02/vindictive-wiki-spammers/#comment-81516 Michael Hampton Wed, 31 Dec 1969 17:00:00 +0000 1917947093#comment-81516 Bad Behavior checks a lot more than User-Agent and Referer, which is why it works so well. It isn't perfect, of course, but nothing is. Bad Behavior checks a lot more than User-Agent and Referer, which is why it works so well. It isn’t perfect, of course, but nothing is.

]]>