From CSS Discuss
Since the Wiki seems to be getting spammed constantly, maybe we can use this page to consolidate our efforts against the spammers. I started checking the RSS feed again due to Simon's call on his blog.
- Simon, can you block IPs? 220.127.116.11 hit the Front Page three times this morning.
- Seems like not all spams are showing up in the RSS feed. Is this because of my checking frequency? If we should update more frequently, what's the recommended update frequency.
- I erroneously called out NPrice as spamming because of the RSS discrepency. I thought maybe the spammers were getting crafty and labeling their spam additions as spam removals so we wouldn't check. Does anyone know if this has actually happened?
-- James Craig
I've noticed that the feed will only show the most recent edit to a page. So, for example, if a spammer hits the frontpage three times and one good neighbor comes along and cleans it up, I only see the cleanup entry when I update the feed. I do find myself checking valid posts since the feed doesn't give enough info, though.
I was wondering if the feed items could contain more information than just the "Summary of change." I've seen a couple spammers mark their edits as spam removal (sneaky buggers). What if the feed contained the same info that is show when you view the document history, at least for the last post? I guess there's nothing to keep the spammers from posting their spam and then posting a "clean" edit to hide their change from the feed...Maybe the poster's ID/IP should be shown as well? If it isn't a recognized person, feed readers could double check.
Also, any way to parse the posts for known spam URLs and not save the changes when they're added? May be too much overhead/possible DoS, but it can't hurt to ask.
Umm, question... why don't we switch the wiki ACLs to only allow registered users to post/edit? I'm using Wakka (http://www.wakkawiki.com) for my own wiki needs, and it's coming with access lists, which would be helpful here as well. Don't get me wrong, I'm not saying we should switch to Wakka, I'm just saying that ACLs might be a good idea. :) After all, most people posting here are regulars anyways, so I doubt it'd make a difference to them or any new/honest editor.
Or even password-protect the wiki with a real obvious password, counting on the fact that the spammers seem to be 90% Chinese and may not be able to read something like "The password is a three-letter acronym used to name the technology that this wiki was set up to discuss," or "The password is the last name of the list moderator." (Eric is still doing it, right? Not subscribed ATM but still following the wiki.)
And I think Jack's idea of including the Page History diff info in the feed item body is a good one, and would be very helpful in differentiating spam from real edits.
-- Micah Sittig
Is it possible to get a 'diff' of the previous page? What about having it sent via email rather than RSS feed? I don't want to check too often (1/hour) but would be willing to accept email saying "here's the latest checkin" (which is how I respond to MT comment spam)?
Putting a diff into the RSS feed would let us see what had really changed, but I don't know if it's technologically possible
You can get a 'diff' in the View document history link at the bottom of the page. I agree that would be a great addition to the RSS feed along with author and IP address.
-- James Craig
In regards to the Recent Change entry: "(2004.05.05 09:56:56) (history) Answer Needed . . . . (David Dorward)? [Revert to pre-spam state (spam cleaner a little over zealous]" -- That was me who got over zealous. My apologies! -- Isofarro.
Bogus Wiki Word Spam
I noticed another spam technique today. Look out for apparent Wiki words with square brackets. The spammer left the link text, but linked it to an external site. At first glance, the page appeared unchanged. For example, [[[ Wiki Word ]]] versus Wiki Word Wiki Word
I was tinkering with the bogus Wiki Word link earlier (you may have seen mine, though I put it back the way it was when I was done). I was pretty sure it would work, and was testing it out. I figured it was only a matter of time before wiki spammers get really nasty. The fact that we're still successful stopping it manually really is surprising-- and won't last. -- Jeremy Dunck
"Chongqing" is a technique to hit the spammer where it hurts. See http://chongqed.org/ for more about how it works. We could set up a page here for Chongqing too, that links the spammer's keywords to the page about them on Chongqed.org. -- Tarquin