Aahz wrote: > On Thu, Jan 24, 2013, M.-A. Lemburg wrote: > > We're currently working on setting up the new VM with the Python and > > Jython wikis. > > > > In order to increase security and also to help a bit with avoiding > > spam/vandalism, we'd like to disable editing of wiki pages without > > login. > > > > Any objections ? > > That was in fact the setup previously, and I strongly support reverting > to it. As Barry notes, there are some pages that will need a higher > level of protection, but as long as we've got off-VM backups, we can > handle any mishaps.
Indeed. I don't buy into the myth that people perpetuate about Wikis having to allow anonymous access or otherwise be instruments of The Man, or whatever. The Internet is full of people who will happily pollute any editable site with their idiotic spams and scams, and some fairly basic measures will deter the bulk of these people. I recommend... Requiring some kind of login. This actually makes it easier for the editors to see at a glance who has edited a page (Aahz rather than, say, 123-client.456-server.verizon.com) and make a quick judgement about whether the edit needs investigating. We can support OpenID - you can even use your Python Package Index identity! - and so don't even need to make people set and remember distinct passwords. Maintaining the textcha protection for random newcomers. I appreciate that textcha questions can be a pain - on one Wiki I use, the questions required a fair amount of research on my part because I am a mere developer and not part of the target audience - but we can migrate people quickly to a group/list that doesn't get bothered with questions. Textcha can be very effective: on some sites I've seen where they turned the feature on, spam was more or less eliminated. Having some kind of mechanism for managing new user registration. I wouldn't want to impose the approval of new users because it stops the quick-but-good edits of people who are new to the Wiki but want to fix something, but it is the case that there may be a lot of "registration spam", meaning that the Wiki fills up with users who will never succeed in making an edit because they can't answer the textcha questions. Maybe there are already tools that deal with this. If not, I may be encouraged to write something. Beyond this, we could introduce edit approval for random newcomers - I wrote something that puts edits in approval queues - but this is really something for a site where you want the barrier to editing to be very low but the barrier to publishing to be much higher. For the Python Wikis, the barrier to editing should be low but not *very* low, and the barrier to publishing should not be significantly higher. Finally, I would like to thank Marc-André for his forensic and recovery work as well as Thomas and Reimar for their work in attempting to restore the content. Once again, the PSF should be thanked for making resources available for the improvement of MoinMoin in various respects. Ensuring the vitality of widely-used Python projects like MoinMoin is an essential part of ensuring the vitality of Python itself. Paul _______________________________________________ pydotorg-www mailing list pydotorg-www@python.org http://mail.python.org/mailman/listinfo/pydotorg-www
