[pmwiki-users] Spam bots on PmWiki.org

Pico Ben-Amotz pmwiki at ben-amotz.com
Wed Oct 17 19:13:05 CDT 2007


On 10/16/07, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> On Tue, Oct 16, 2007 at 08:41:29PM -0400, drew wrote:
> > Patrick R. Michaud wrote:
> > > On Thu, Oct 11, 2007 at 04:12:07AM -0700, Pico Ben-Amotz wrote:
> > >> Is it time to consider adding a captcha recipe?
> > >
> > > Another stopgap measure (suggested by Crisses) may be to try using
> > > a honeypot on pmwiki.org to trap spam.  But I'm not sure that a honeypot
> > > would have much effect on the current bout of spam that we're
> > > seeing.
[snip]
> >    http://www.digg.com/programming/Preventing_SPAM_without_using_a_CAPTCHA
[snip]
> "honeypot" -- it's a false input
> field that is invisible to humans (and therefore not triggered) but
> is often triggered by unintelligent spam robots.
>

How about cutting out a couple of steps in the process of identifying
spam and adding ip addresses to the blocklist, for example:

1. Add a "diff" link to each entry on the AllRecentChanges page that
jumps straight to the history view (action=diff).  That saves one step
of the two step process of clicking on the page name link to view the
page and then clicking on the history action link.

2. Add a "block ip" link (next to the restore link) that takes the ip
address of the author (the host value) and posts it to the blocklist
(add line).  That saves mousing over the author to get the ip address,
noting the number, navigating to the block list page, clicking in the
edit link, adding a line with the text and ip address, saving the
page, navigating back to the original page, clicking on the history
link, and mousing down to the next diff item containing spam.

3. Optionally you could save a few more steps if the block ip link in
step 2 could also take care of doing the restore AND save.  Now, that
might not be a good idea for spam that is buried down in the history,
but perhaps you could make the restore and save happen when the "block
ip" link is clicked on the most recent diff.  That way you could work
your way back down restoring and adding ip addresses to the blocklist
with a single click for each separate spam diff.

On a site such as PmWiki this would make a huge difference in tipping
the scales towards those who volunteer to do a little cleaning in
their spare time.

Pico

P.S. When I was first viewing the most recent rounds of spam I thought
that there was no consistency in the ip addresses of the spammers, but
I now see a pattern over time.  For example, when I look at the
history pages for the following three spamings listed in
AllRecentPages:
# Cookbook.Homepage . . . October 17, 2007, at 05:10 PM by Margaret R Lim?:
# Cookbook.BlackList . . . October 17, 2007, at 04:52 PM by Margaret R Lim?:
# Cookbook.Notebook-nt-skin . . . October 17, 2007, at 01:36 PM by
Margaret R Lim?:

There will be two saves one right after the other showing different ip
addresses.  But if you note one of the ip addresses and search down
the list of diff entries you will be able to find a match in a prior
post (using a different author name).  So, in the end, I think that
adding these ip addresses to the block list will be productive.



More information about the pmwiki-users mailing list