v50 Steam/Premium information for editors
- v50 information can now be added to pages in the main namespace. v0.47 information can still be found in the DF2014 namespace. See here for more details on the new versioning policy.
- Use this page to report any issues related to the migration.
This notice may be cached—the current version can be found here.
Editing Dwarf Fortress Wiki talk:Spambot attacks
Jump to navigation
Jump to search
Warning: You are not logged in.
Your IP address will be recorded in this page's edit history.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 6: | Line 6: | ||
: I mentioned several possible solutions here: [[Dwarf_Fortress_Wiki_talk:Spamreport]], but nobody seemed to notice. Even though ''actual'' SPAM has been practically eliminated, all this SPAM and (Deletion log) / (Block log) ''really'' clutters up the Recent changes list. In addition, have you considered restricting new members (those that seem to pass the spambot tests) so that they must make at least a few content edits before they (automatically) get permission to start a new page? --[[User:Thundercraft|Thundercraft]] 07:14, 9 February 2011 (UTC) | : I mentioned several possible solutions here: [[Dwarf_Fortress_Wiki_talk:Spamreport]], but nobody seemed to notice. Even though ''actual'' SPAM has been practically eliminated, all this SPAM and (Deletion log) / (Block log) ''really'' clutters up the Recent changes list. In addition, have you considered restricting new members (those that seem to pass the spambot tests) so that they must make at least a few content edits before they (automatically) get permission to start a new page? --[[User:Thundercraft|Thundercraft]] 07:14, 9 February 2011 (UTC) | ||
::You're right about the clutter. I read your suggestions and while the general ideas are good, one problem is that we want our solutions to be as unique as possible. So it's not just a matter of using a new captcha or something, it's a matter of using a technique *not* used (or solvable) by the same means as those on every other site. The idea is that, if everyone is using the same few anti-spam plugins/captchas/whatever, they'll take the time to make a program (or trick people into) bypassing them. But the more unique we can make our signup pages and such, the less likely they'll be able to do anything on this one site (because we're not big enough for them to bother with). Right now, I've traced the spam to see that they mostly target MediaWikis. I think we'd get a lot of mileage out of changing even trivial things, like the id fields on the forms (input id="wpSave" name="wpSave" type="submit"). Even a rename of a few fields on, say, the sign up page might confuse them enough to make signups fail more often. Parsing HTML is a pain in the rear and if we have nice, *unique* stuff, we'll make it not worth their time to change their code just to spam one small wiki, when they have zillions of others that they can attack. [[User:Uristocrat|Uristocrat]] 08:32, 9 February 2011 (UTC) | ::You're right about the clutter. I read your suggestions and while the general ideas are good, one problem is that we want our solutions to be as unique as possible. So it's not just a matter of using a new captcha or something, it's a matter of using a technique *not* used (or solvable) by the same means as those on every other site. The idea is that, if everyone is using the same few anti-spam plugins/captchas/whatever, they'll take the time to make a program (or trick people into) bypassing them. But the more unique we can make our signup pages and such, the less likely they'll be able to do anything on this one site (because we're not big enough for them to bother with). Right now, I've traced the spam to see that they mostly target MediaWikis. I think we'd get a lot of mileage out of changing even trivial things, like the id fields on the forms (input id="wpSave" name="wpSave" type="submit"). Even a rename of a few fields on, say, the sign up page might confuse them enough to make signups fail more often. Parsing HTML is a pain in the rear and if we have nice, *unique* stuff, we'll make it not worth their time to change their code just to spam one small wiki, when they have zillions of others that they can attack. [[User:Uristocrat|Uristocrat]] 08:32, 9 February 2011 (UTC) | ||
− | |||
− | |||
− | |||
− | |||
===Anything we can do?=== | ===Anything we can do?=== | ||
Line 23: | Line 19: | ||
Can you ban IP addresses, instead of waiting for the accounts to be made? Or are they too random, or shared with actual users? --[[User:DeMatt|DeMatt]] 03:28, 9 February 2011 (UTC) | Can you ban IP addresses, instead of waiting for the accounts to be made? Or are they too random, or shared with actual users? --[[User:DeMatt|DeMatt]] 03:28, 9 February 2011 (UTC) | ||
:When we block the accounts, we've been also disabling account creation on the IPs associated with the account. They've just got a ton of IPs. [[user:Emi|<span style="color:#8a4e4e">Emi</span>]] [[user_talk:Emi|<span style="color:#6a3e4e">[T]</span>]] 03:41, 9 February 2011 (UTC) | :When we block the accounts, we've been also disabling account creation on the IPs associated with the account. They've just got a ton of IPs. [[user:Emi|<span style="color:#8a4e4e">Emi</span>]] [[user_talk:Emi|<span style="color:#6a3e4e">[T]</span>]] 03:41, 9 February 2011 (UTC) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |