Page MenuHomeTelepedia
Create Task
Maniphest T11

Improve available functionality to combat spam/vandalism
Closed, ResolvedPublic
Actions

Description

We have been rather lucky to avoid attacks by spam bots since we began, but it seems we have recently become the target of such, with New Qualitipedia Wiki in particular becoming a specific target. To combat this, some extensions need to be added to ManageWiki to allow bureaucrats to effectively combat spam and vandalism.

  • ConfirmEdit using hCaptcha; whilst this is not the most effective solution, it is a barrier, and should reduce some spam.
  • Evaluate the addition of the Moderation extension to ManageWiki
  • Evaluate the addition of SpamBlacklist and TitleBlacklist extensions to ManageWiki (or globally?)

Currently, hCaptcha is set to trigger on based on this configuration:

$wgCaptchaTriggers['edit'] = false; 
$wgCaptchaTriggers['create'] = false; 
$wgCaptchaTriggers['addurl'] = true; 
$wgCaptchaTriggers['createaccount'] = true;
$wgCaptchaTriggers['badlogin'] = true;

which is the default one supplied by the extension — these can ideally be added to ManageWiki/permission to allow on-wiki configuration.

Event Timeline

OriginalAuthority triaged this task as 80 priority.Feb 23 2023, 3:06 AM
OriginalAuthority created this task.
OriginalAuthority updated the task description. (Show Details)
OriginalAuthority changed the visibility from "All Users" to "Public (No Login Required)".Jun 17 2023, 5:36 PM
OriginalAuthority changed the edit policy from "All Users" to "Task Author".
OriginalAuthority added a project: MediaWiki.
OriginalAuthority closed this task as Resolved.Nov 4 2023, 6:27 PM

We had another round of spam attacks recently, and as a result, there were several measures taken.

Initially, SpamBlacklist was enabled, and a global Spam list was added to Meta; I also took the precaution of several AbuseFilters, but these didn't seem to work as effectively as thought. As a result, account creation was temporarily disabled on wikis (with users still able to create accounts on Meta and Login Wiki), which has seemed to prevent attacks.

Looking forward, it might be worthwile to add the moderation extension to ManageWiki. As thought, hCaptcha is practically useless.