Talk:Main Page/Archive 3

From Discworld MUD Wiki
Jump to: navigation, search
Filing cabinet.gif This is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page, and link to sections in this page if neccessary.

Anonymous users and spam

Should we consider disabling anonymous editing to reduce spam? Do we feel that anyone is likely to particularly want to make anonymous contributions? Personally, I'd like it because it would stop me making edits while logged out, but it would also mean much less despamifying. A CAPTCHA extension may also be useful, but there are valid points against it. See also Mediawiki manual: combating spam. -Taepha 07:29, 24 July 2009 (UTC)

Proactive or Reactive? Unless it becomes a real problem, I think it's better to react to it case by case. If it becomes a major issue then is the time to consider proactive solutions. As far as I know we've only had one instance? Zexium 10:33, 24 July 2009 (UTC)
Rather a few more than one, and I'm a big fan of proactive. ;) See Special:Log/block for a list of IPs we've blocked (most are spammers, and some committed multiple instances of spamming). It also seems to be getting worse. I've blocked eight IPs today, not that doing that helps. I'm currently protecting (making user-editable only) pages after a few attacks, as once the bots start on a page, they won't stop. Special:RecentChanges seems to be filling up with spam and spam fixing. -Taepha 10:56, 24 July 2009 (UTC)
ns and whois lookups suggest that these may be botnets. Whether knowing this helps or not I don't know. Zexium 11:47, 24 July 2009 (UTC)
Yesterday I would have agreed with a reactive stance; today we got a whole bunch of spam dumped on us. I had thought that the spam bots were naively targetting direct links from the main page (makes sense - they have less computational work to do that way), in which case simply protecting all links from the main page would have worked nicely. Unfortunately, today's aren't following that pattern.
For now, I've pre-emptively protected the main page - it's a very obvious spammer target, and I'm slightly surprised it hasn't been hit already.
In the long run, we want a solution which:
  • Will stop most of the spam (I doubt we can stop all of it)
  • Won't discourage people from just coming along and editing.
To that end, I think it's possible to use captcha without being heavy-handed about it - one of the common wiki captcha options is to require it for edits made from non-confirmed accounts which are attempting to insert links to 'unrecognized external sites'. This would have blocked all the spam we've had so far, with a pretty minimal effect on legitimate edits (especially if 'discworld.atuin.net' is a 'recognized external site'), so would be pretty much ideal. That would get my vote.
--Chat 17:33, 24 July 2009 (UTC)
Happy to agree, although do I even have a vote anyway :) Zexium 17:57, 24 July 2009 (UTC)
A low level captcha would be a good approach. We will have to make some sacrifices which may discourage random editing, but that's unavoidable if we want to stop the spam. We could add a limited protection and if that doesn't stop the majority of the vandalism we could step up to a higher level. Using captcha on adding external links would not solve every problem though, as there seems to be a lot of gibberish vandalism. Rehevkor 19:32, 24 July 2009 (UTC)
I'm for the captcha option as well; this is getting ridiculous. But looking at the history I do see a few legitimate edits by anonymous users, so it doesn't seem the right thing to block anons entirely. --Ilde 19:56, 24 July 2009 (UTC)
Blocking anons entirely should never be an option. But we will probably have to limit it in some way. Rehevkor 20:14, 24 July 2009 (UTC)

As an aside, I managed to get the files pointed to on wiki.ubuntu.com by the linkspan (which were malware aimed at windows, what a surprise) removed, and hopefully ubuntu.com web admins will be improving their own security .... maybe it's worth remembering for an incident like this that other websites might be affected and we may be in a position to warn them too ..... Zexium 00:33, 25 July 2009 (UTC)

I know what might be useful. If the wiki could announce recent changes using an irc channel on taffyd.sydmud.com. Probably just a flight of fantasy though. Zexium 13:36, 10 August 2009 (UTC)

There's always the RSS feed:
feed://discworld.imaginary-realities.com/w/index.php?title=Special:RecentChanges&feed=rss
-Taepha 23:57, 10 August 2009 (UTC)

We're getting pounded with spam again; I've had to block 9 IPs in the last 48 hours :(

Any progress on the CAPTCHA issue? --Chat 09:40, 14 September 2009 (UTC)

Maybe instead of a CAPTCHA, etc., we could do what TV Tropes does: disallow edits from non-logged in users, but have a default "anonymous" login (with the username and password shown in the "You need to log in to edit" message). Would that be an easier thing to set up? It seems to work well for them. --Ilde 23:37, 14 September 2009 (UTC)

Well, wasn't that fun. I've just finished dealing with a very large spam influx - I think I've blocked/deleted/protected more IPs/pages today than the sum of all block/delete/protected by everyone previously.
My analysis of the pages hit suggests that the spambots are all following the same algorithm:
  1. Start at main page
  2. Follow any link to another page
  3. Follow any link from that page to another page
  4. Edit and spamify
In other words, all pages hit are within two links of the main page. Unfortunately, this encompasses a vast number of pages. I've pre-emptively protected all the pages that are immediately linked from the main page, but there are simply too many for me to deal with all the second-degree links.
If we get much more spam on this scale, then we're going to be overwhelmed, so I think the case for installing some kind of anti-spam extension is becoming urgent.
--Chat 18:17, 9 October 2009 (UTC)
I hope to god that was a one off. I don't envy you having to deal with that. Further measures to stop spam will be essential is it continues on that level. Rehevkor 01:18, 10 October 2009 (UTC)


Woe, looks like the spam bots got into the Special:WantedPages list and started creating many of those with spam. :(

If there's a large proportion of the spam on pages in talk and research namespaces like it seems to be, perhaps disallow anonymous users to create talk or other namespaces pages?

Otherwise if they target uncreated pages, maybe a bot could make stubs? --Frazyl 23:45, 21 April 2010 (UTC)

Nah, looks like they're still following the 'two links from the front page' algorithm. They got to all those weapons through Main Page->Wanted weapons->* This is also why they hit talk/research a lot. There are simply too many potential pages for a bot to stub, and the spambots don't seem to care whether the page already exists or not, so creating them would be largely pointless in any case.
--Chat 23:53, 21 April 2010 (UTC)
Urgh. Well, I've removed the red links from wanted weapons, so hopefully that will help nip some of it in the bud. --Ilde 00:37, 22 April 2010 (UTC)
ETA: Links are back, and those pages are now all protected. For future reference, I did this by using find and replace to turn all the page names into links starting with http://discworld.imaginary-realities.com/w/index.php?title=, having the title in the middle, and having &action=protect&mwProtect-level-create=autoconfirmed&mwProtect-reason=preemptive at the end. That makes it so that the correct protection level is selected and "preemptive" is given as a reason, and all you have to do is click confirm. Probably the easiest way to do a bunch of these without actually writing a bot for it. --Ilde 03:33, 22 April 2010 (UTC)

To bring up the CAPTCHA issue again, I think this extension would work great and be a big help. It appears to only trigger when an edit includes an external link, and it has an audio version for accessibility. I'm not sure, but it seems we might even be able to create a whitelist of allowed sites, too, since the extension it's based on lets you do this. Whitelisting Kefka's site would probably take care of most legitimate anonymous edits with links. --Ilde 06:14, 22 April 2010 (UTC)

I think it would be fair to add a captcha of some kind, especially if it's only there when adding links to outside the wiki (possibly user registration too?) and if we can exclude Kefka's site, the priest wiki, the Tm wiki and the Discworld Mud web site we shouldn't need to see it very often. We can always add more sites to the white list too.
This should nicely prevent sudden deluge of spam edits when they find more pages for whatever reasons.
Semiprotecting pages being rather limited, time consuming and preventing valid unregistered users to edit pages doesn't make the status quo all that glamorous.
--Frazyl 06:43, 22 April 2010 (UTC)
Sounds good. Spam is starting to get silly, need to do something about it. Rehevkor 12:37, 22 April 2010 (UTC)


Hurray, the captcha is up and seems to be working! :) Thanks Drakkos!

Seems like the white list talk page at MediaWiki talk:Captcha-addurl-whitelist can only be edited by sysop?

When the whitelist does work I think these urls should probably go in because they are linked to a lot:

discworld\.atuin\.net/               # Official discworld mud site
discworld\.imaginary-realities\.com/ # This wiki and subsites
daftjunk\.com/                       # Kefka's site, maps, itemdb
dwpriests\.com/                      # Priests Guild Wiki, all rituals link there
disc-wizards\.com/                   # New spellcheck site, all wizard spells link there
tmwiki\.firstserved\.net/index\.php/ # TM Project wiki, for skills tm info and misc pages

Also, should some of the pages protected because of spam be unprotected now so unregistered users can contribute or is that a bad idea?

--Frazyl 20:00, 8 August 2010 (UTC)

Probably a good idea... it is nice for actual people to be able to make legitimate edits without creating accounts. --Ilde 21:25, 8 August 2010 (UTC)
I have added it although it's not working according to the talk page? Rehevkor 00:01, 9 August 2010 (UTC)
I have removed the protection on the talk page. Can you guys conform you can/can't edit the whitelist itself? It seems to have some automatic protection but I'm unsure of the level. Rehevkor 00:15, 9 August 2010 (UTC)
Confirmed I can't edit the whitelist, it just gives show source. Also confirm that the whitelist does appear not to be working, added a page with a link to discworld.atuin.net and it put a captcha. Not sure why it wouldn't work. --Frazyl 04:35, 9 August 2010 (UTC)

Ack, something seems to have changed how the captcha without javascript works. If you have discworld.imaginary-realities.com allowed now you also need to allow javascript from recaptcha.net and google.com and the field to enter the challenge presents black text on black background. :( --Frazyl 19:36, 9 August 2010 (UTC)

Sidebar

I've just spotted that the contents of the sidebar (that's the bit on the left with navigation/search/toolbox) can be changed.

Does anyone have any suggestions for things they'd like to see added/removed from it?

FWIW:

  • I think we should probably do away with current events and random page - the former isn't really used; the latter I doubt gets much use either, and causes some problems on its own (quest spoilers, spam portal).
  • Adding status to the sidebar sounds like a good idea.

--Chat 21:39, 14 May 2010 (UTC)

Yes those changes sound good. --Frazyl 20:58, 16 July 2010 (UTC)

Sounds good to me. --Ilde 00:42, 21 August 2010 (UTC)
Need to edit MediaWiki:Sidebar, it's read only for me. --Frazyl 03:04, 21 August 2010 (UTC)
...Huh. I thought it was read-only for me, too, but it turns out it just had "create" instead of "edit" for some reason. --Ilde 03:18, 21 August 2010 (UTC)
  • Actually, a lot of us like the random function - I used it to find new stuff. Quests are blanked out anyhow, so people should only be getting spoiled if they want to.

Please, can we have it back? ;_; Helaena 09:20, 27 August 2010 (UTC)

Oh... well, I guess if people use it, maybe it's worth having linked there. Especially since our spam problems seem to be mostly gone (knock on wood). There's been talk of separating out quests so they're each on their own page without being spoilered out, though, so in that case the random page would be more problematic. I think I can get it on there again. --Ilde 09:41, 27 August 2010 (UTC)
The quests would be in another namespace if we make non-blanked individual quest pages. As far as I know random only picks real pages (not redirects) in the main namespace. So no problem. --Frazyl 19:32, 27 August 2010 (UTC)

Database Error

I don't know if this is the place to put this, or if this is just me, but I've been getting this a fair bit when I search:

Database error From Discworld MUD Wiki

You searched for pig (all pages starting with "pig" | all pages that link to "pig") Jump to: navigation, search A database query syntax error has occurred. This may indicate a bug in the software. The last attempted database query was:

   (SQL query hidden)

from within function "". MySQL returned error "145: Table './imagi55_mudwiki/searchindex' is marked as crashed and should be repaired (localhost)".

Karesore 15:26, 29 July 2010 (UTC)

I always get that these days, and I figured Drakkos is probably the only person who can fix it. I mailed him yesterday, but haven't heard anything yet.
--Gunde 16:36, 29 July 2010 (UTC)

As requested a while ago, I installed a captcha for the wiki so as to cut down on all the spam policing y'all have to do. The search feature has been fixed a couple of times, but it doesn't seem to take. I'll keep my eye on it though. Drakkos 20:01, 5 August 2010 (UTC)

Woo! Thanks. And the search thing seems to be working again, too.... --Ilde 21:46, 5 August 2010 (UTC)

DNS problems

I wonder how many people came here when they found they couldn't connect. I did, and found out what the problem was and was able to get connected. Probably wouldn't hurt to make this the defacto place to go to during down times.. Rehevkor 01:31, 30 August 2010 (UTC)

That does rely on someone being able to diagnose the issue, figure out if there are workarounds, and then edit the main page announcement here. I managed to do that this time, but there may not always be someone in a position to do so. --Zexium 15:22, 30 August 2010 (UTC)


Cybersquatter on "*.imaginaryrealities.com"

Just so everyone knows, there is a cybersquater on *.imaginaryrealities.com.

Remember the "-" in the domain name.

If someone wants to contact the abuse email of the ISP of the cybersquater, you can. However it is often an uphill battle getting ISPs to enforce ICANN rules, and might not be worth the frustration. --Ruedii 17:05, 21 September 2010 (UTC)

You can hardly call him a squatter when he got there 9 years before Drakkos (check the whois records)! --Zexium 20:11, 21 September 2010 (UTC)