Author Topic: Spambots  (Read 8711 times)

0 Members and 1 Guest are viewing this topic.

Offline Goober5000

  • HLP Loremaster
  • 214
    • Goober5000 Productions
They are getting out of hand now.  About five or six register per day, and they all have to be bandeleted.  Poor TopAce is doing almost all of the containment work himself.

Somewhat bizarrely, it doesn't even appear to be possible to disable new user registrations!  That adds even more urgency to finding a fix.

So does anyone know of any better spam-prevention modules we could add to MediaWiki?

 

Offline niffiwan

  • 211
  • Eluder Class
This page suggests that you can disable user registration?

Quote
To take the lock down idea to extremes, MediaWiki allows you to create a "gated community" where new users can't even register without asking you to set up an account for them. To do this, add the following to your LocalSettings.php:

Code: [Select]
#Disallow creating accounts
$wgGroupPermissions['*']['createaccount'] = false;

See Manual:User rights and Manual:Preventing access for more information.

edit: the bottom of the page also has some suggested add-ons, some of which are already in use (e.g. edit captcha)

edit2: actually, what are all those bots doing anyway, do that actually modify any wiki pages, or just register? I can't see any edit (in the last 100) that they've made, apart from just signing up... maybe I'm missing the point here  :nervous:
« Last Edit: February 03, 2012, 03:31:14 am by niffiwan »
Creating a fs2_open.log | Red Alert Bug = Hex Edit | MediaVPs 2014: Bigger HUD gauges | 32bit libs for 64bit Ubuntu
----
Debian Packages (testing/unstable): Freespace2 | wxLauncher
----
m|m: I think I'm suffering from Stockholm syndrome. Bmpman is starting to make sense and it's actually written reasonably well...

 

Offline TopAce

  • Stalwart contributor
  • 212
  • FREDder, FSWiki editor, and tester
nififwan: They almost always write their own user pages or create a new article, so there's nothing to revert/rollback, which is probably what you were looking for. There are a lot of deleted user pages, though, which contain the spam.

As for spambots in general: Normally I don't believe in preliminary strikes, i. e. banning a user just because his username is suspicious. It's like imprisoning anyone who sits in a car for more than 10 seconds in a 30-meter-radius of a bank. Banning very obvious spambots with names like those consisting of consonants only are fine in my book.

[EDIT]Post edited three times (I can't write sensibly today).
« Last Edit: February 03, 2012, 03:43:50 am by TopAce »
My community contributions - Get my campaigns from here.

I already announced my retirement twice, yet here I am. If I bring up that topic again, don't believe a word.

 

Offline niffiwan

  • 211
  • Eluder Class
Thanks for the explanation! 

What about this extension?  Looks like it could be setup easily to combat user registration, the example on the page looks like it could almost be dropped straight in, just update the regex in step 4 to meet a given requirement, like ensuring the username has at least one vowel.  Maybe something like:

Code: [Select]
User:[a-zA-Z0-9]+[aeiou][a-zA-Z0-9]+

(NOTE: not 100% sure the regex is valid...)
Creating a fs2_open.log | Red Alert Bug = Hex Edit | MediaVPs 2014: Bigger HUD gauges | 32bit libs for 64bit Ubuntu
----
Debian Packages (testing/unstable): Freespace2 | wxLauncher
----
m|m: I think I'm suffering from Stockholm syndrome. Bmpman is starting to make sense and it's actually written reasonably well...

 

Offline The E

  • He's Ebeneezer Goode
  • 213
  • Nothing personal, just tech support.
    • Steam
    • Twitter
Wouldn't help. Many of the wiki spambots are using real names.
If I'm just aching this can't go on
I came from chasing dreams to feel alone
There must be changes, miss to feel strong
I really need lifе to touch me
--Evergrey, Where August Mourns

 

Offline niffiwan

  • 211
  • Eluder Class
Well, I can't see many real names in the deletion log - but you're right regardless about the effectiveness of my suggested filter above as most usernames seem to have vowels in them anyway.  Almost none of them have spaces in their names though - so perhaps that could be a useful username filter?  Although, nearly every valid user has a single word as their username anyway, this is almost like a no-user-registrations-allowed approach.

Code: [Select]
User:[a-zA-Z0-9]+ [a-zA-Z0-9]+

If the spambots are mostly adding URLs then maybe this extension could be useful as well.  Or just have a read through this page, there's a fair number of suggestions in there.  Maybe Zacam has some ideas considering the anti-spam work he's done for the forums?

Creating a fs2_open.log | Red Alert Bug = Hex Edit | MediaVPs 2014: Bigger HUD gauges | 32bit libs for 64bit Ubuntu
----
Debian Packages (testing/unstable): Freespace2 | wxLauncher
----
m|m: I think I'm suffering from Stockholm syndrome. Bmpman is starting to make sense and it's actually written reasonably well...

 
Would it be possible to add the ship-name-CAPTCHA we once had to the registration page? I don't think any spambot ever got through that one...

 

Offline rev_posix

  • Administrator
  • 213
  • I have the password to your shell account...
    • Trials and Tribulations
Funny, Zacam and I were discussing this the other day.  Five to six a day is hardly 'getting out of hand' IMO, but it is something that needs to be dealt with before it gets any worse.

I had time to look at this briefly this last week, and there isn't a heck of a lot out there from my quick search.  It's kind of against the idea behind an open wiki, but at the same time, it is needed on todays 'net.

I seem to recall seeing a captcha plugin for mediawiki, but something that uses the stopforumspam database would be optimal I think.

I think I recall seeing a script designed for just that.  It's not pretty, as in doesn't integrate with the special pages in mediawiki, but it may be just what we need.

Another idea was to tie the usernames on the wiki to the HLP forum and only registered users here could do any editing there, or some form of that. be it usernames or just passwords, but with the possibility of contributors not necessarily being registered on HLP (not to mention naming conflicts or mappings), it was put aside.
--
POSIX is fine, as is Rev or RP

"Although generally it is considered a no no to disagree with a mod since it's pretty much equivalent to kicking an unpaid janitor in the nuts while he's busy cleaning up somebody elses vomit and then telling them how bad they are at cleaning it up cause you can smell it down the hall." - Dennis, Home Improvement Moderator @ DSL Reports

"wow, some people are thick and clearly can't think for themselves - the solution is to remove warning labels from poisons."

 

Offline Zacam

  • Magnificent Bastard
  • Administrator
  • 211
  • I go Sledge-O-Matic on Spammers
    • Steam
    • Twitter
    • ModDB Feature
Quote from: #SCP IRC
Jan 24 22:56:20 <Goober5000> in other words, we may need additional spam prevention measures for the FS Wiki
Jan 24 22:56:26 <Goober5000> *news
Jan 24 22:59:50 <Zacam-Away> Looking at MediaWiki extensions now.
Jan 24 23:06:14 <Zacam-Away> Sadly the Bad Behavior extension is rated as unstable.
Jan 24 23:07:34 <Zacam-Away> And CommentSpammer is rated as experimental
Jan 24 23:07:57 <Zacam-Away> There is a ConfirmAccount extension at least.
Jan 24 23:10:07 <Zacam-Away> Looks like it would take a mix of the three to accomplish sort of the same setup framework that we have for the forums.
Jan 24 23:10:17 <Zacam-Away> At a guess.
Jan 24 23:10:38 <Zacam-Away> Not familiar with Wiki work and I don't have the access through the wiki to do anything at the moment.
Jan 24 23:11:49 <Goober5000> hrm
Jan 24 23:20:10 <Zacam-Away> Fuuu. So many damn extensions.
Jan 24 23:22:01 <Zacam-Away> AntiBot and AntiSpoof seem to be doing well for MediaWiki's site directly.
Jan 24 23:25:27 <Zacam-Away> could also go with the ConfirmEdit and $wgEnableDnsBlacklist as well
Report MediaVP issues, now on the MediaVP Mantis! Read all about it Here!
Talk with the community on Discord
"If you can keep a level head in all this confusion, you just don't understand the situation"

¤[D+¬>

[08/01 16:53:11] <sigtau> EveningTea: I have decided that I am a 32-bit registerkin.  Pronouns are eax, ebx, ecx, edx.
[08/01 16:53:31] <EveningTea> dhauidahh
[08/01 16:53:32] <EveningTea> sak
[08/01 16:53:40] * EveningTea froths at the mouth
[08/01 16:53:40] <sigtau> i broke him, boys

 

Offline TopAce

  • Stalwart contributor
  • 212
  • FREDder, FSWiki editor, and tester
Funny, Zacam and I were discussing this the other day.  Five to six a day is hardly 'getting out of hand' IMO...

I agree with this. However, what we call it is pure semantics.

My biggest problem is the surreal spammer/meaningful contributor user registration ratio. I'm lazy to find out when the last human contributor registered to the Wiki, all I know it wasn't yesterday. I recall some recently registered user posting a personal observation on the GTVA Colossus somewhere, but beyond that, all the other new registrations are either members with zero edits or spammers. That's what annoys me a lot more than banning spambots one by one.
My community contributions - Get my campaigns from here.

I already announced my retirement twice, yet here I am. If I bring up that topic again, don't believe a word.

 

Offline rev_posix

  • Administrator
  • 213
  • I have the password to your shell account...
    • Trials and Tribulations
Funny, Zacam and I were discussing this the other day.  Five to six a day is hardly 'getting out of hand' IMO...

I agree with this. However, what we call it is pure semantics.

My biggest problem is the surreal spammer/meaningful contributor user registration ratio. I'm lazy to find out when the last human contributor registered to the Wiki, all I know it wasn't yesterday. I recall some recently registered user posting a personal observation on the GTVA Colossus somewhere, but beyond that, all the other new registrations are either members with zero edits or spammers. That's what annoys me a lot more than banning spambots one by one.
Agreed.  Please don't misunderstand me, I am not saying that it's a non-issue.  :)

I just did a quick look again, the the following links came up:
https://www.mediawiki.org/wiki/Manual:Combating_spam#An_example:_importing_stopforumspam.27s_IP_list
http://www.pschmidt.it/vim_source/updateBanned_php.txt
https://www.mediawiki.org/wiki/Extension:Check_Spambots

The extension seems to check stopforumspam among others, and with the apparent success of the stopforumspam plugin here, I tend to think that it would be a good choice, with the only problem is that it's listed as for 1.6 when the current is 1.5.5, so either a manual update or a backported package would be needed.
--
POSIX is fine, as is Rev or RP

"Although generally it is considered a no no to disagree with a mod since it's pretty much equivalent to kicking an unpaid janitor in the nuts while he's busy cleaning up somebody elses vomit and then telling them how bad they are at cleaning it up cause you can smell it down the hall." - Dennis, Home Improvement Moderator @ DSL Reports

"wow, some people are thick and clearly can't think for themselves - the solution is to remove warning labels from poisons."

 

Offline niffiwan

  • 211
  • Eluder Class
The extension seems to check stopforumspam among others, and with the apparent success of the stopforumspam plugin here, I tend to think that it would be a good choice, with the only problem is that it's listed as for 1.6 when the current is 1.5.5, so either a manual update or a backported package would be needed.

Isn't the wiki on 1.15.5?
Creating a fs2_open.log | Red Alert Bug = Hex Edit | MediaVPs 2014: Bigger HUD gauges | 32bit libs for 64bit Ubuntu
----
Debian Packages (testing/unstable): Freespace2 | wxLauncher
----
m|m: I think I'm suffering from Stockholm syndrome. Bmpman is starting to make sense and it's actually written reasonably well...

 

Offline rev_posix

  • Administrator
  • 213
  • I have the password to your shell account...
    • Trials and Tribulations
The extension seems to check stopforumspam among others, and with the apparent success of the stopforumspam plugin here, I tend to think that it would be a good choice, with the only problem is that it's listed as for 1.6 when the current is 1.5.5, so either a manual update or a backported package would be needed.

Isn't the wiki on 1.15.5?
Yep.  Believe I covered that as well, which is why I mentioned the manual update or backport (if it exists) option.   :p
--
POSIX is fine, as is Rev or RP

"Although generally it is considered a no no to disagree with a mod since it's pretty much equivalent to kicking an unpaid janitor in the nuts while he's busy cleaning up somebody elses vomit and then telling them how bad they are at cleaning it up cause you can smell it down the hall." - Dennis, Home Improvement Moderator @ DSL Reports

"wow, some people are thick and clearly can't think for themselves - the solution is to remove warning labels from poisons."

 

Offline niffiwan

  • 211
  • Eluder Class
Ah - sorry about that - shouldn't post when sick and feeling woozy  ;)
Creating a fs2_open.log | Red Alert Bug = Hex Edit | MediaVPs 2014: Bigger HUD gauges | 32bit libs for 64bit Ubuntu
----
Debian Packages (testing/unstable): Freespace2 | wxLauncher
----
m|m: I think I'm suffering from Stockholm syndrome. Bmpman is starting to make sense and it's actually written reasonably well...

 

Offline jr2

  • The Mail Man
  • 212
  • It's prounounced jayartoo 0x6A7232
    • Steam
I found one site to be using animated CAPTCHAs (GIFs, I presume?)  Could these be used?

 

Offline TopAce

  • Stalwart contributor
  • 212
  • FREDder, FSWiki editor, and tester
Also why do bots register and not post until the following day? Makes no sense to me.

And say hello to our newest user Spaz static, who might as well have been banned on grounds of "suspicious username", but eventually made a valid, useful edit to Bearbaiting. That's why I don't believe in preemptive strikes.
My community contributions - Get my campaigns from here.

I already announced my retirement twice, yet here I am. If I bring up that topic again, don't believe a word.

 

Offline Goober5000

  • HLP Loremaster
  • 214
    • Goober5000 Productions
After dealing with spambots a while, you begin to get an intuitive feel for the kinds of usernames they choose.  Most are clear-cut spam vs. not spam.  Some are borderline, such as ZulemaAmacker and Spaz static.  To be on the safe side, I didn't ban the former and wouldn't have banned the latter.

The kinds of clear-cut names I'm talking about are ones like Gcodylynnc and Sanders Dowdy, both of which I would have banned on sight and both of which turned out to be spammers.

 

Offline jr2

  • The Mail Man
  • 212
  • It's prounounced jayartoo 0x6A7232
    • Steam
I found a solution to the spam-bot problem:

We put Goober's brain in a jar and hook it up to the registration function of the forums.  :lol:

 

Offline Mongoose

  • Rikki-Tikki-Tavi
  • Global Moderator
  • 212
  • This brain for rent.
    • Steam
    • Something
"One day they woke me up/So I could live forever"

 

Offline Androgeos Exeunt

  • Captain Oblivious
  • 212
  • Prevents attraction.
    • Wordpress.com Blog
My blog

Quote: Tuesday, 3 October 2023 0133 UTC +8, #general
MP-Ryan
Oh you still believe in fairy tales like Santa, the Easter Bunny, and free market competition principles?