Extension:CommentSpammer
From MediaWiki.org
 Release status: experimental |
|
|---|---|
| Implementation | Page action |
| Description | Rejects edits from suspected comment spammers on a DNS blacklist. |
| Author(s) | Nickj |
| MediaWiki | 1.12, or 1.11 alpha after rev:27093 |
| Download | svn (browse) log |
| Parameters | $wgHoneyPotKey, $wgCommentSpammerLog |
| Hooks used | |
The CommentSpammer extension rejects edits from anonymous users listed as comment spammers on the Project HoneyPot DNS blacklist.
Contents |
[edit] Before you go any further
At the moment we have confirmEdit, which is great for stopping links being automatically inserted, and stopping spammers from automatically creating accounts, but turning it on for every anonymous edit may be too intrusive. And we have $wgEnableSorbs, which is great for stopping open proxies. Consider enabling confirmEdit and $wgEnableSorbs first before installing this extension - you may not need it.
[edit] Background
There is a new category of wiki comment spam emerging, one that adds random gibberish to your wiki, without any web links, and that is often not from a known open proxy. It adds nonsense words like "laletoalca" and "rolerr" and "notac4tc" and "virochiorboa" and "oloreldell" and "c4teltlir" to pages. This extension currently seems to stop around roughly 80% to 90% of this type of spam.
So this extension takes it one level further, whilst still allowing anon edits, as it asks the Project HoneyPot DNSBL whether an IP address corresponds to a known "comment spammer" (which is a new category they seem to have added recently). The reason I selected honeypot rather than another black list is that for the last batch of spam comments that got through on my wiki, they were all listed as "comment spammers" on honeypot, and usually within the first 10 Google hits for those IP addresses. (i.e. it was based purely on past performance).
[edit] Getting a HoneyPot Key
This extension requires a honeypot key to use. Steps to get this:
- Create an account.
- Verify your account by visiting the emailed URL.
- Create a key.
- You'll need this key for the installation below.
[edit] Installing
Copy the CommentSpammer directory into the extensions folder of your MediaWiki installation. Then add the following line to your LocalSettings.php file (near the end):
$wgHoneyPotKey = 'inuvziahgprwh'; // (or whatever your key is that you got in the step above) require_once( "{$IP}/extensions/CommentSpammer/CommentSpammer.php" );
[edit] Optional Configuration
If you want to see logs of the edits that are allowed or denied in Special:Log, then include these lines:
$wgCommentSpammerLog['allowed'] = true; // only if you want logs of allowed edits in [[Special:Log]], otherwise omit. $wgCommentSpammerLog['denied'] = true; // only if you want logs of denied edits in [[Special:Log]], otherwise omit.
[edit] Submitting patches / updates / future directions
Any patches or updates welcome - and if you have commit access, you don't need to ask me (in fact, I'd really prefer it if you didn't) - just modify away, and please add your name as an author. Also if you're looking for something to work on, some possible ideas for improvement include:
- Reporting back to projecthoneypot.org when a known spammer re-offends (to keep their block alive).
- Reporting back to projecthoneypot.org when someone is blocked for spamming (to make it harder for them to attack other wikis).
- Automatically reviewing anon edits 24 or 48 hours after they are added, and auto-reverting those from now-known comment spammers (this stops the problem where someone has just started spamming, and they attack your wiki first - this way you get retroactive spam protection too, from the people they spam after you).
- <Insert your cool idea here>!
In short, you want to allow people to fight spam collectively, rather than individually, or to find other ways to reduce the cost of being spammed, but increase the cost to the spammer.
