INTENSE WIKI SPAM

edited November 2010 in JoCo Projects
First of all, I'm sorry if this is the wrong category.

Second of all, the spam on the wiki is COMPLETELY RIDICULOUS. I mean it. I tried to clean up a bunch of it a while back, and now the spambots just steamroll over my two hours of work with their ability to not get tired. And the result is COMPLETELY RIDICULOUS. I'm just wondering: Where are the wiki mods? Are there any? Who manages the wiki? Can they get some spam control in there? Because the spam is COMPLETELY RIDICULOUS. Not only do several hundred pages have to be deleted, but lord knows how many of those spambots there are, and how long it'll take to block all of them, and this whole situation is just COMPLETELY #[email protected]*ING RIDICULOUS.
«1

Comments

  • I guess I'm a mod, but I don't have authority to install the MediaWiki plugins and stuff to handle spam. Sorry for the lack of diligence. Thanks for bringing it (back) to my attention. I will investigate this in the ensuing weeks, pinky-swear.
  • Just a little gentle bump! :>
    I was just bored and deleted the contents of several spam pages...
  • i've been to the wiki but i don't see any spam.
  • Well, thank god the spam bots don't interfere with the actual JoCo articles and luckily they are not that obvious at first glance...
    But if you just search for 'drugstore' you will find about 120 hits for spam articles about some pills and chemicals, with links to some shady online shops. :-\
  • Just pointing out: it hasn't gotten much better, and all I can do is blank out the spam pages. It would be much better if a mod or something could go through and delete the 500+ spam pages, blank or otherwise, and get the wiki to the point where it is possible to use the random button.
  • Apologies, I am getting hammered by Real Life Obligations (nothing serious, but busy-ness-inducing) at the moment. Is there anyone else on these forums with the knowhow or the free time to develop the knowhow to deal with this programmatically?
  • edited January 2011
    This page is largely Greek to me, and perhaps everyone is already aware of it, but I thought I would provide the link for anyone interested in working on the spam situation:

    http://www.mediawiki.org/wiki/Manual:Combating_spam
  • BryBry
    edited March 2011
    Bumped to say, off I go on my great spam-combatting adventure -- check out the Deletion log and let me know if there's anything I've accidentally deleted I shouldn't have.

    (ETA: Doing a rough pass right now, which will undoubtedly leave a lot of spam, but for now my goal is avoid accidentally deleting good pages, not to delete all the bad pages. Expect results to be somewhat slow.)
  • http://www.jonathancoulton.com/wiki/index.php/Category:Votes_for_Deletion

    There's also this entire category of spam pages only, with plenty still there.


    And thank you so much! I can hit "random page" and NOT get spam now!
  • Yep, my script has been consulting that :) I hadn't realized how much work people had done on the spam-flagging side of things! You guys are really amazing. I keep seeing edits by WashboardSal, SakariNylund, Spektugalo, BLT, and some others -- I'd just like to acknowledge you all and thank you for the help, and sorry if I overlooked someone else who's been helping with the spam.

    (Details: I'd been going through the orphaned pages, using some really broad heuristics to avoid deleting good stuff, but it turns out that most of the pages I needed to delete were already emptied out and just needed to be deleted, so I've been looking at all the short pages for the last few minutes. Deletion is throttled so that JoCo's servers don't get too hammered, and I'm doing some manual eyework before I delete anything, so don't expect miracles here, speed-wise.)

    (Also, some pages are VFD that don't look like they should be -- e.g. my talk page and Lex's talk archive. I wonder why that is?)
  • Just FYI- I am BLT. Glad to know I was able to help out with some of that!

    (Now the wiki feels so zestfully clean!)
  • It is still pretty bad. Is there no way to put in some automated anti-spam measures? It looks like there are 3 to 5 new spam pages being created daily...
  • From the reading I did, it looks like there's no way to automatically prevent spammers from posting without making real users jump through a lot of hoops to edit anything. Since that's sort of antithetical to the wiki spirit, it's generally frowned upon.

    My perception of the current problem is that Bry appears to be the only mod who's still active, and he's too busy with real life to keep on top of the delete button. There's probably a way to have a script clear out the obvious spam on a regular basis, but none of us are wiki experts enough to implement it.
  • Oh, sorry, I can do that, I just haven't been paying attention. I'll take a look tomorrow. I do have a script ready, I'm just not confident enough that it won't delete the wrong things to just let it run. Once I've had some more experience with it I can set it to run daily.
  • Bry - I've been watching the edits over the past week or so, and most of the spam is so egregious that a script could pick it out easily. Even if you set it to only catch the most obvious offenders, the stuff left to be manually deleted would be totally manageable.

    I have faith in you! (:

    (PS - Check your PMs)
  • Bumping this because Bry seems to be around today...

    Can you run that script, pretty please? The spam is getting kind of offensive.
  • Script is not at hand, but I'll take a look once I get home. Thanks for the bump.
  • Try now. Let me know if I missed anything. Especially let me know if you see something I deleted / someone I blocked that/whom I shouldn't have.
  • It's like the wiki took a shower and lost 80 pounds of grime!
  • Grr, yeah, while I was running the script last night I noticed a couple of new pages go up, too.
  • I agree. It's rather insane the way bots vandalize it.
  • Before it was spammers creating new pages, now it is vandals damage existing pages.  This is much worse now...
  • In fact, you might want to make it read only until stricter measures are in place.  The vandalism is quite extensive.
  • @Bry is the only active wiki mod that I know of, and he hasn't been online today. I messaged him earlier about the possibility of giving a few other active wiki editors mod powers, which would help stem the tide.

    I'm ambivalent about removing anonymous editing entirely. While it would help in this particular wave, spammers who create accounts are also common, and many fans who do one-time edits (like adding setlists or links to videos) may be dissuaded if the process is much more involved. Wiki editing is already awfully intimidating for a lot of us.

  • A non-trivial CAPTCHA might be useful here.  Yeah, they suck, but they would likely prevent the current automated vandalism.  In the last 40 minutes, 6 more pages have been vandalized. 
  • Good to hear someone messaged Bry. There's a ton of non-content pages that ought to be deleted (example) and the existing pages are being bombarded as well.

    Regarding anonymous editing, there is a type of addition-related CAPTCHA on the wiki but only for those who try to add links, and this recent string of vandalism is simply inserting random phrases into pages. If we could add a CAPTCHA for all types of anonymous edits the problem would (hopefully) be solved.
  • I was posting some of the Nemeses videos in the wiki. Two of them were made from copyrighted films: the Spider-Man Trilogy and Star Trek: Nemesis. Are these allowed under the fan videos section? My own videos are created from public domain footage on Archive.org.
  • As long as you don't replace whole articles with a random one sentence comment with only a single word misspelled, I think you're fine.
  • Spiked Math has a captcha solution which seems to work pretty well; they ask what the derivative of 2x is with respect to x, and automatically fill in the response using JavaScript, which most bots don't enable. I see the occasional spam post there, but not often, and I think Mike[d Spath] commented somewhere that this works better than the captchas he'd tried previously.

    I wonder if we could have something like, 'What is the name of the assistant of the mad scientist on Skullcrusher Mountain' or something else which would be obvious even to casual JoCo fans ('the ____ is a lie'?), but not to bots, possibly with the answer already filled in the way Spiked Math does it. For bonus points, make it a song lyric involving robots.

  • Struck again. This time the vandal(s) struck the French zombies.
  • Fixed that, but someone has put some weird spam in the base Album details section that must be linked from somewhere else on the Wiki...
  • edited September 2011

    Fixed that... it was the ! template.

    It's almost as if the random-almost-believable-blog-comment bots that I've seen around the place don't realise that it's not a blog.

     

    ETA: @Bry, is it possible to lock all templates somehow, so that they can only be edited by logged-in, preferably experienced editors? An edit in a template can have a huge impact.

  • @Angelastic: It's certainly possible to lock templates (that's what 'protect' is for) but it requires a mod with some free time, which we seem to be short on right now. /:

    I'm not sure @Bry has the permissions to install new captchas—does that need to be done by someone with access to the server? Should we be harassing the JoCo team?
  • edited September 2011
    Maybe somebody could contact somebody over at tmbw.net and see what they do, as it doesn't seem like they have this problem.
  • They are using a CAPTCHA from recaptcha.net, at least for anonymous edits.  I haven't tried non-anonymous.
  • BryBry
    edited September 2011

    This looks like the kind of attack described here: http://www.mediawiki.org/wiki/Manual:Combating_spam#IP_address_blacklists

    We used to have captchas. Captchas were ineffective. Taking them out actually reduced spam for some time.

    Protecting hasn't seemed to work -- I protected "You Ruined Everything" (see http://www.jonathancoulton.com/mediawiki/index.php?title=You_Ruined_Everything&action=history ) but newly registered users were still able to vandalize. But I can give it a try -- what do you want me to protect?

    ETA: Forum registration has also been slammed by spammers -- I'm getting about 50 new applicants a day, most of whom are fake. I'm sorry I'm not more energetic, but I'm not feeling very enthusiastic right now.

  • JoCoPedia used to use Recaptcha as well; while that didn't entirely stop spammers, there's no CAPTCHA on anonymous edits right now, which is just asking for trouble. This needs to be fixed post-haste. @Bry, please tell us if you can fix this; if you can't I'll get JoCo on it ASAP.
  • Sorry for being behind the times, Bry. (I would edit my prior post but this computer only has IE.) This particular type of destructive vandalism could be prevented by CAPTCHAs, so I think there's value in having them added back. There's always going to be vandals, but if a few more people were given power to delete spam pages and accounts there would be less on your shoulders. Is that something you have the ability to grant?
  • Lemme see if I can add mods -- please reply in-thread with your JoCopedia username if you're willing to help out :)

  • I nominate Boring Manager Rob (forum name unknown) and BLT (@BeatlesLover), for their proven dedication to wiki protection. I don't think they would argue with greater ability to do what they already do.
  • I'm Boring Manager Rob on the wiki and I second BLT for a mod. (Craig, Angelastic and Grimoire have also been reverting vandalism recently)
  • Seconded. (I'm willing to help out too, but I've only been editing the wiki sporadically, and don't measure up to the people @chicazul mentioned.)
  • Thanks! (And nice to know who Boring Manager Rob is in this world.) I've promoted volunteers to mod.

    I'll be back soon, I promise.

  • No, thank you. Anyways, I'm in the middle of a nonsense-page purge now.
  • Oh hey, now I can mod!

    Now I won't feel like I'm incapable of doing anything genuinely productive!

    Yay!
  • Bumping this thread for wiki-spam discussion.
  • for informative purposes: i just shot mr. coulton an email about access to localsettings.php, which is basically the control center for the wiki's settings. once someone can edit it, a captcha can be put in place, and anonymous users can be prevented from making new pages. and other things! so, that's pleasant.
Sign In or Register to comment.