Topic on Project:Support desk

Overwhelmed with spammers

11 comments • 11:05, 26 December 2012 11 years ago
11
MaryLOhio (talkcontribs)

I am one of the admins on this wiki. In the last 2-3 months the spam has greatly increased. From being a few minutes job to removing/blocking to now, over 500-1000 hits a day. I stopped blocking as it doesn't do any good, they just keep coming back in 3fold. I just go and delete and block those that are the nastier, page vandal ones, etc. I am beyond frustruted with this.

Is there a way to shut off creation of new users? any way to do a MASS deletion of current spammers (I would say close to 15K as no way we have that many users that use our wiki site.

I see we have a very old version. I have looked over the upgrade but it is confusing and overwhelming to me, I consider myself a moderate knowledge of computer/internet but this is a bit geek to me.

Here is the wiki page: http://alexbrownracing.com/wiki/index.php/Main_Page

The version information: MediaWiki: 1.6.10 PHP: 4.4.4 (apache) MySQL: 4.1.22-standard Extensions: Extension functions: wfWikiScript

Parser extension tags: <wikiscript>


Just really need some assistance with this issue, I have not gotton to new pages yet and I know there is about 300 there, just been trying to clear the mess from the user spammers.

Thank you for any help you can give

Reply 16:14, 12 December 2012 11 years ago
88.130.105.252 (talkcontribs)

Add this to LocalSettings.php to disable user creation:

 $wgGroupPermissions['*']['createaccount'] = false;

For more information on spam see combating spam.

Reply 23:26, 12 December 2012 11 years ago
MaryLOhio (talkcontribs)

And where and how do I do that?

How difficult is it to upgrade, I really like this format and how you need to enter in characters to post or join

Reply 23:42, 12 December 2012 11 years ago
MaryLOhio (talkcontribs)

Been discussing this with the person who created the wiki and has access to the server, since I don't and assumed things could be done within the wiki pages itself.

Is there a way to globally protect all pages, so only the admins can still edit as needed? You gave me answer to his other question on stopping new user creation. He also wondered about removing all editing, but that would prevent us also from editing right?

Thank you

Reply 14:20, 13 December 2012 11 years ago
Bawolff (talkcontribs)

You can do something like:

$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = true;

At bottom of LocalSettings.php file on the server.

See manual:User rights. $wgNamespaceProtection may also be of interest

Reply 14:37, 13 December 2012 11 years ago
MaryLOhio (talkcontribs)

Thanks, will let him know as our wiki page along with the main page that is also hosted on the server is down as we again got attacked and overwhelmed with spammers. He wants to put things into place before brining things back up.

Reply Edited 15:36, 13 December 2012 11 years ago
MaryLOhio (talkcontribs)

Since it has been awhile since He created the wiki page, where is this information put at? is there a section on the wiki page to do so?

Thank you

Reply 16:09, 13 December 2012 11 years ago
88.130.66.101 (talkcontribs)

The lines Bawolff and I posted (the ones starting with "$wgGroupPermissions") do not belong in a wiki page. They cannot be added with your MediaWiki account. You cannot add them with your webbrowser.

MediaWiki is installed somewhere on your server. There it has a lot of files; PHP files and so. You need special access to your server to be able to see them; you need access via FTP or Shell. One of these files is called "LocalSettings.php". This is the file, in which you have to add these lines.

Reply 16:17, 13 December 2012 11 years ago
MaryLOhio (talkcontribs)

Thank you for that reply, that really helped him out and he is taking care of it now. We are going to go with blocking new accounts first and then the other if problematic with those spammers that are already there. At least this way will be easier for me to deal with what is already there and block them as they try to return (old ones I only had time to just delete) Many were done using spambots so this should take care of those (we hope!)

Appreciate all the help!!

Reply 16:52, 13 December 2012 11 years ago
Dave88008 (talkcontribs)

I'm happy to finally live life in peace with no spam by:

  1. $wgEmailAuthentication = true; // require email authentication for using any email function (except password reminder which works independently from this setting)
  2. $wgEmailConfirmToEdit = true; // Require a confirmed address to edit pages
  3. $wgGroupPermissions['*']['edit'] = false; //Disable anonymous editing
  4. Using the Extension:SpamBlacklist
  5. Using the Extension:ConfirmEdit - I've found the QuesetyCaptcha to be the simplest and most effective so far.

Hope that brings you peace. :-)

As a side note, I'd like to know how this site (mediawiki.org) manages to allow open posting for non-logged in users without getting spammed to death? Just curious because I don't mind requiring logged-in and email confirmed users to post on my site, but would like to know how mediawiki.org handles this.

Cheers

Reply Edited 02:46, 26 December 2012 11 years ago
Bawolff (talkcontribs)

It helps to have a very active group looking through Special:Recentchanges reverting the spam as it comes. We do use SpamBlacklist and ConfirmEdit to help prevent spam. People who add spam do get blocked which helps to deal with it (Some of whom get blocked globally across all Wikimedia wikis. There's a group at meta - meta:Small_Wiki_Monitoring_Team that helps out smaller Wikimedia wikis dealing with spam). I have no idea how much it effects anything, but certain user-agents are blocked at the server level (My understanding is that that is more to deal with people who overload servers with badly programmed bots then to deal with the spammers). Certain types of spam can be blocked by the AbuseFilter, but I don't think that has a major effect, at least on this wiki. There's also extension:AntiBot which does secret things to prevent spam bots. What it does I have no idea, and to be honest I'm somewhat doubtful it has a major effect, but who knows. (That's all I can think of. Quite possibly there's more stuff I'm not even aware of)

Reply 11:05, 26 December 2012 11 years ago
Reply to "Overwhelmed with spammers"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Qyny7lkkxycdp8c9"