[SAC] Fwd: Legit users vs. spam users
Brian M Hamlin
maplabs at light42.com
Mon Nov 23 17:10:22 PST 2015
Hi Markus, Christian, Martin --
I have contacts at the Wikimedia Foundation, since last year.. here is the chat log just now:
dbb hi all - our heavily used (and beloved) MediaWiki just got upgraded, and its time to take a look at the outrageous number of spam users being created daily, and spam pages
dbb I believe I will get access at every level, but I want to be careful..
dbb .. just looking into it now
dbb !!! the sys-admin mailing list says 16300 spam user accounts created in the last four days ?!?!?
wm-bot There is no such key, you probably want to try: !bribe, !tss,
dbb "UserMerge and BlockAndNuke have failed" .. it says here
dbb f***
MaxSem !spam
wm-bot For information about combating and handling spam in MediaWiki, see <http://www.mediawiki.org/wiki/Manual:Combating_spam> and <http://www.mediawiki.org/wiki/Anti-spam_features>.
dbb oh - MaxSem .. hi .. Brian at OSGeo here
dbb I have a mess on my hands apparently
wmat dbb: are they actually creating content?
wmat dbb: if not, just run removeUnusedAccounts.php to delete all of them
MaxSem 1) disable account creation until more measures are taken
dbb I have just opened this minutes ago
dbb yes agree - this is crazy
wmat dbb: I use a dynamic captcha + confirm account + I blow away unused accounts once a month
dbb we had a tech add LDAP login very recently, and upgrade the version
dbb we use our LDAP heavily for other sites
MaxSem I don't see LDAP auth at http://wiki.osgeo.org/wiki/Special:Version
anchit
MaxSem anchit, mentor? are you a developer?
MaxSem dbb, meanwhile +2 accounts
dbb ugh
dbb ..
MaxSem disable creation, then figure out what to do
dbb whats the best way to disable ?
MaxSem !access
wm-bot For information on customizing user access, see <http://www.mediawiki.org/wiki/Manual:User_rights>. For common examples of restricting access using both rights and extensions, see <http://www.mediawiki.org/wiki/Manual:Preventing_access>.
in other words, $wgGroupPermissions['*']['createaccount'] = false;
--
Brian M Hamlin
OSGeo California Chapter
blog.light42.com
More information about the Sac
mailing list