[Pmwiki-users] Re: Another Question

Patrick R. Michaud pmichaud
Sat Jan 22 07:12:02 CST 2005


On Sat, Jan 22, 2005 at 08:15:06AM +0000, Ciaran wrote:
> I've cc'd Pm in, incase I mis-explain something to you  :) 
> > I'm assuming that we will be able to block abusers if and when need be,
> > or restrict access later.
> Not at the minute, see my earlier point about an outstanding feature
> request (PITS 0010 I think..)

It depends what sort of abusers you're wanting to block.  If you're
worried about wiki spam, one of the best ways to do this is to
use the urlapprove.php script that comes with the distribution.  
This script allows a site to distinguish between "approved" and 
"unapproved" urls, and a list of approved urls can be
maintained.  Any url that is not approved is not converted to a link;
furthermore, any post that contains too many unapproved URLs is
automatically rejected.  (Spammers seem to want to post lots of
unapproved links, so this is pretty effective.)

This is the method that is being used on pmwiki.org; since I began
this wikispam abuse has not been an issue even though the wiki is
an open one.  More details on this below.

If you're concerned about abuse coming from people simply destroying
each other's posts, then password-protecting only those selected pages in
which this is occurring is probably a sufficient response.

And yes, user-based authorization is slated for inclusion in an
upcoming release.

Okay, back to url approvals.  To enable this for your site, simply
add the following to local/config.php:

    include_once('scripts/urlapprove.php');

This causes links to external sites to be listed on an "approval page"
(normally Main.ApprovedUrls) before the system will automatically
convert them into links.  Any external links not listed on the approval
page are not converted into links and are displayed with an 
"(approve links)" button.  Pressing the "approve links" button will
add all unapproved links on the page to Main.ApprovedUrls, thus
approving them.  The Main.ApprovedUrls page can be password-protected
to limit the url approval capability.

You can experiment with this capability on pmwiki.org -- just create a
page somewhere in the Main group and place a link to an external site
on it.  It will then be marked as needing approval.  The password for
approving URLs on pmwiki.org is "quick".

Finally, to block posts that contain too many unapproved external urls,
simply set the following in config.php:

    $UnapprovedLinkCountMax = 10;

If you want to disable the url approval requirement for selected pages
or groups, you can simply set the following in the corresponding page
or group configuration file:

    $EnableUrlApprovedRequired = 0;

I do this on pmwiki.org for the Test, PITS, and Cookbook groups, as well
as for Main.WikiSandbox.

I know there's a lot of information here, so if there are any questions,
feel free to ask.

Pm





More information about the pmwiki-users mailing list