Spam

From ropewiki.com
Jump to navigation Jump to search

Introduction[edit]

RopeWiki uses MediaWiki, the same software that runs Wikipedia and thousands of other wiki sites. This is an advantage because we can leverage the huge amount of development effort that goes into MediaWiki and associated extensions, but it also makes us vulnerable to spam bots that search out any MediaWiki site and attempt to post spam to it. Most spam bots are simply trying to increase the number of links to a favored site because doing so usually increases the search ranking of that favored site, showing it closer to the top of search results.

Reduction efforts[edit]

RopeWiki has two main mechanisms to reduce spam. First, people must answer a question before they can create a new account. While it would be simple to automate around this roadblock, it would have to be done on a per-site basis so spam bots not targeting RopeWiki specifically (as opposed to other MediaWiki sites) generally fail to get past this mechanism. Second, people must confirm that they have a valid email address by clicking on a link sent to their email before they are allowed to post anything. Many spam bots do not go to the trouble of providing valid email addresses so this step weeds out many bots. But, many bots do create valid temporary email addresses specifically to address this problem so this mechanism alone is insufficient.

Cleanup[edit]

When an administrator (having admin+bureaucrat privileges) discovers spam, he should follow these steps:

  1. Note the user account posting spam
  2. Merge that user account into the Spammer account using Special:UserMerge, checking the box to delete the old user after the merge
    1. This associates all the information of the new spamming account (email, IP addresses, etc) with the single Spammer account
  3. Delete all contributions from Spammer (which now includes contributions from the new spamming account) using Special:Nuke

Mitigation[edit]

Eventually spam bots discover the answer to the simple captcha question for account creation. When this happens, the question should be changed. To change the question, edit LocalSettings.php on the server and look for $wgCaptchaQuestions.

Retrieved from "https://ropewiki.com/index.php?title=Spam&oldid=111744"