 




[dokuwiki] Anti spam brainstorming

  • From: Andreas Gohr <andi@xxxxxxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Thu, 9 Nov 2006 22:35:23 +0100
Hi *!

As you may have noticed, DokuWiki was hit by large automated spam
attacks several times recently and we need to think about how we can
prevent this in the future without losing the openness of the Wiki.

What follows here is a braindump of my ideas and actions. I'd like to
get as much input and as many ideas as possible from you on what we can
do better in DokuWiki to fight spam.

I'd like to find solutions against automated spam without using CAPTCHAs
first but we possibly should create a CAPTCHA plugin anyway. I will
have a look at how to convert the CAPTCHA from MTC to a DokuWiki plugin.

As a first start I just added my revert plugin to darcs. It's in a very
rough state and needs to be improved, but I think we need to include
this functionality in the next release to give people a way to quickly
revert spam.

I asked at the WikiMatrix forum [1] for other Wiki authors' solutions.
Peter Thoeny pointed me to a blacklist [2] used by MoinMoin, TWiki and
MediaWiki. This list is much bigger than the one from chongqed which
DokuWiki uses currently. But both lists differ - using both results in
a blacklist of about 400kb - quite heavy. And a blacklist is no 100%
safety.

I also experimented with the Akismet service but the results are
disappointing. It would have blocked the most recent attack right away.
But unfortunately it blocks many, many valid edits as well, so this is
not usable currently. Maybe it could be combined with a CAPTCHA
mechanism.

Checking the splogspot [6] could be an idea as well.

Another idea is to implement some surge protection against many edits in
a short time. The recent spammings used many different IP addresses so
we cannot bind this to a post-per-ip limit. Any ideas?

Some Wikis implement another check which does not allow posting too many
links in one edit. But I doubt this would work too well and would only
encourage spammers to post their links one by one, making reverting
even harder.

The IPs used seem to be either trojaned PCs or open proxies. The bad
behavior plugin already checks some blackhole lists but those blacklists
are for open mail relays. Maybe a different blackhole list like [5]
could work better. The problem with those lists is legit users getting a
blocked dynamic IP address.

Maybe we can learn from the methods used in fighting email spam.
Bayesian filters might work but training them might prove complicated.
We could also try to check against Vipul's razor [7].

Okay, brain dumped. Please comment on those ideas and please add your
own.

[1] http://www.wikimatrix.org/forum/viewtopic.php?pid=645
[2] http://arch.thinkmo.de/cgi-bin/spam-merge
[3] http://wiki.splitbrain.org/plugin:akismet
[4] http://wiki.splitbrain.org/plugin:badbehaviour
[5] http://www.gearhack.com/Articles/FightSpam/
[6] http://splogspot.com/pages/dump
[7] http://razor.sourceforge.net/

-- 
http://www.splitbrain.org
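
One way the surge-protection idea in the message above could work without a per-IP limit, as an added example that is not part of the original mail and is not DokuWiki code: count edits site-wide and per linked external host inside a sliding time window. The class name, thresholds, in-memory storage and sample edits are assumptions made for illustration; a real wiki would have to persist the counters between requests.

```php
<?php
// Added example: site-wide edit surge check that ignores the source IP.
// Class name, thresholds and the sample edits below are illustrative assumptions.
final class EditSurgeGuard
{
    /** @var array<string, int[]> recent edit timestamps, keyed by linked host (' all' = any edit) */
    private array $seen = [];

    public function __construct(
        private int $window = 300,    // seconds to look back
        private int $maxEdits = 20,   // edits of any kind per window, site-wide
        private int $maxPerHost = 3   // edits linking to one external host per window
    ) {}

    /** Returns 'allow' or 'challenge' (e.g. show a CAPTCHA or hold the edit for review). */
    public function check(int $now, string $addedText): string
    {
        $keys = [' all']; // leading space: can never collide with a parsed host name
        if (preg_match_all('~https?://([^/\s:\]|]+)~i', $addedText, $m)) {
            foreach (array_unique(array_map('strtolower', $m[1])) as $host) {
                $keys[] = $host;
            }
        }
        $verdict = 'allow';
        foreach ($keys as $key) {
            // Drop entries that fell out of the window, then record this edit.
            $recent = array_filter($this->seen[$key] ?? [], fn(int $t) => $t > $now - $this->window);
            $recent[] = $now;
            $this->seen[$key] = array_values($recent);
            $limit = $key === ' all' ? $this->maxEdits : $this->maxPerHost;
            if (count($recent) > $limit) {
                $verdict = 'challenge';
            }
        }
        return $verdict;
    }
}

// Constructed sample: five edits, 10 s apart, each assumed to come from a different IP.
$guard = new EditSurgeGuard();
$edits = [
    'Fixed a typo in the install page',
    'See [[http://pills.example/buy|cheap]]',
    'More at http://pills.example/a',
    'http://PILLS.example/b and http://docs.example/',
    'Visit http://pills.example/c',
];
foreach ($edits as $i => $text) {
    echo $i, ': ', $guard->check(1000 + 10 * $i, $text), "\n";
}
```

Because the per-host counter is independent of how many links a single edit carries, posting links one by one from rotating addresses still trips it once the same host shows up in more than `maxPerHost` edits inside the window.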



