On Wed, Aug 1, 2012 at 12:44 PM, Helmut Hullen <[email protected]> wrote:
> Hallo, Bernhard, > > Du meintest am 01.08.12: > > > I am running a couple of relatively small academic Wikis mainly for > > educational uses at university. Thus there is relatively little > > traffic apart from course time. Nevertheless, some two years ago I > > noticed more and more spam and thus reduced editing rights first to > > registered users, then to users of a special group that need my > > personal acknowledgement. Now, in recent months there is an > > increasing number of new users (robots?) obviously attempting to > > write spam which they do not do but they are kind of spamming the > > lists of registered users. > > Yes - I know these nasty robots ... > > > I could reduce the registration rights but > > on the other hand I want students to register freely in order to > > obtain their editing permissions. Is there a decent way to detect and > > prevent harmful would-be spammers from setting up an account without > > preventing that option for serious users? > > Captcha: didn't work reliable (may be due to my external provider). > > Then I added the following lines > > # reduzieren; 29.5.12 > > $wgGroupPermissions['*']['edit'] = false; > $wgGroupPermissions['user']['edit'] = true; > $wgGroupPermissions['sysop']['edit'] = true; > > # > $wgGroupPermissions['*']['createpage'] = false; > # $wgGroupPermissions['user']['createpage'] = false; > $wgGroupPermissions['user']['createpage'] = true; > $wgGroupPermissions['autoconfirmed']['createpage'] = true; > $wgAutoConfirmAge = 86400 * 4; # 4 Tage oder aelter > # > $wgGroupPermissions['*']['createaccount'] = false; > $wgGroupPermissions['user']['createaccount'] = true; > # > > to "LocalSettings.php"; I have (as sysop/bureaucrat) to create an > account for every allowed user, but that's (in my case) much less work > than cleaning the Wiki every day. > > Maybe these lines can be elaborated ... > > And with a lot of hope and ccordination it may be possible to change the > "createaccount" line for an hour or so and all allowed users have to > create their account within that time. > > Viele Gruesse! > Helmut New account spam can be largely avoided by disabling account creation for new users and transferring authentication to a service such as https://www.mediawiki.org/wiki/Extension:OpenID New account creation is disabled with this line in LocalSettings.php: $wgGroupPermissions['*']['createaccount'] = false; The [[MediaWiki:Loginprompt]] can be updated from its default value to suggest that new users create accounts with an OpenID. Current accounts are unaffected, and new users often already have an account with one of the OpenID providers, http://openid.net/get-an-openid/ Also reported here: https://www.mediawiki.org/wiki/Manual:Combating_spam#Restrict_editing --Fred _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
