On Tue, Nov 22, 2011 at 12:58 PM, Joanna Cheng <joanna.che...@gmail.com> wrote: > Hi everyone, > >> Looks like a vandal bot to me. > Yes, it is > >> How can one delete pages from the wiki? > Only Administrators can. Right now that's jwe and I. > I'm always online, and often at my keyboard. Just ping me on irc or > write on my wiki talk page to let me know, and I can get onto > deleting/blocking. > > ----- > > While we're on the topic, let me talk about spam bots. > > There are a couple of barriers you can put up to try and stop the flow > of spam bots. Making them join (disabling anonymous editing) is the > first barrier. Making them solve a CAPTCHA to register is another. > Making them verify their email before editing is a third. But of > course, each of these measures also makes it more difficult for > legitimate members to contribute. > > The first doesn't really do much, you get the same amount of spam, > they're just registered. The second stops a few more but I suspect > either captchas are almost broken, or they have people just sitting > there solving them. The third slims down the amount of spam, but not > the number of spam accounts that get registered (but emails never > verified, so they don't actually spam). > > Having said all that, in my experience spam bots are mostly single-hit > -- they join, spam once, and then you never hear from them again. Even > after going through all the barriers above, most of the bots I see are > still single-hit. It's kind of weird how much effort they go through > for one single spam message... > > One way to get rid of spambots once and for all is to approve > registrations manually (but this is a pain and really inhibits > contribution and I don't think this is really viable unless you only > have a small community who needs to edit, and I don't think octave > fits into this category). > > Onto CAPTCHAs. I use reCAPTCHA on my wikis > (https://www.mediawiki.org/wiki/Extension:ReCAPTCHA) which is run by > Google and helps in digitising books. It's reasonably customisable. > For the example above, it reduces to the following policy: > - unregistered users cannot edit, only view source > - registered users who have not verified their email cannot edit either > - registered users can edit freely > - to register you need to solve a captcha > - your first login attempt is CAPTCHA free, all subsequent attempts > require solving a CAPTCHA (I think this is tracked by IP) > > This seems to work okay, no one has complained yet (at least not to > me), and I've had this going on my wiki for a couple of years. I seem > to recall there also being a feature where you could lock an IP out > for <period of time> if they failed a captcha X times in a row, which > can lower the risk of your webserver getting hammered. > > There are other CAPTCHAs around (see > https://www.mediawiki.org/wiki/ConfirmEdit); another one we might > consider is QuestyCaptcha, which makes users answer a question from a > pool defined by the site owner. If we add context-sensitive, > octave-related questions, that might work better than reCAPTCHA (which > just requires a decent OCR program to crack). > > At the end of the day it's about balancing security with annoying your > potential contributors. So, discuss, and feel free to ask me > questions. I've been running wikis for about 3 years now and am happy > to share my experiences. The above is just my experience of what has > and hasn't worked, if someone has a different clever idea I'd be keen > to hear it too. > > One final note, a spam post every couple of days is pretty low-key, I > don't think it's a problem that requires an urgent solution (yet). > Obviously as the wiki gets bigger and gets more attention, we'll get > more spam. But I used to be deleting/blocking 50 spam posts a day -- > so I'm happy to take the responsibility of keeping this wiki spam-free > for a while so we can have a proper discussion. > > --Joanna >
I am ok with a *CAPTCHA system, it never bothered me. which one? I really do not anything about that, so I guess is your call. Do you mean you will be checking the recent changes and deleting by manually? -- JuanPi Carbajal ----- "Complex problems have simple, easy-to-understand wrong answers." Murphy’s Law Book Two ----- http://ailab.ifi.uzh.ch/carbajal/ ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Octave-dev mailing list Octave-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/octave-dev
