Wiki-Spammers (was: [Pmwiki-users] pmwiki.org - version 1 - vandalised)

Patrick R. Michaud pmichaud
Mon Jan 10 09:03:21 CST 2005


On Mon, Jan 10, 2005 at 03:41:57PM +0100, Thomas -Balu- Walter wrote:
> At around 04:00 this morning I noticed that "bob" once again vandalized
> my Wikis (old and new one), so I undid his changes... I also locked the
> old wiki pages by giving an edit password.
> 
> About 20 Minutes later the following happened:
>  ...
> The pages were not changed though as I guess PmWiki ignored them because
> of a missing password.

In v1 the "mailposts.php" script goes ahead and records the edit even
if it's later blocked.

> I do not want to block all visitors from modifying pages or having to
> approve their links.
> ...
> So I wonder if another mechanism would be to disallow adding of content
> with more than X external links in it.
> Probably not - because the spammers than will just split their adding of
> new links into more tha n one edcit request probably.

This is why v2 now does it by disallowing any post with more than X
"unapproved external links".  There's a maximum number of unapproved
links on the page, regardless of the number of posts.  Of course, this
also means that someone has to be doing link approvals.

> Another idea: having the visitors to enter a code that is randomly
> generated inside a graphic if they add content with more than x external
> links?

This is commonly known as "captcha" handling.  Several people have asked
about adding this feature to PmWiki for all edits; I don't like that much
but I could see using it only on postings containing external links.

> I am a little low on time at the moment, but I'd probably go for
> something like the last if someone tells me an easy way to count the
> external links (not enough time to figure out the needed regexes :).

It's not hard to count the external links -- the (v2) pattern is
"/https?:[^\\s$UrlExcludeChars]*[^\\s.,?!$UrlExcludeChars]/" .

I'll look a bit further into captcha.

Pm



More information about the pmwiki-users mailing list