[dokuwiki] Re: Anti spam brainstorming

  • From: "Manni from chongqed.org" <manni@xxxxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Fri, 10 Nov 2006 08:09:02 +0100

Andreas Gohr wrote:

> I like to find solutions against automated spam without using CAPTCHAS
> first but we possibly should create a CAPTCHA plugin anyway. I will
> have a look in how to convert the CAPTCHA from MTC to a DokuWiki plugin.

CAPTCHAs work. And traditional CAPTCHAs suck. Fortunately, even the most
primitive CAPTCHAs work. I don't know why everyone thinks that CAPTCHAs
have to include an image and why many people think that that image must
be as illegible as possible. You could simply include some _text_ that
users must copy and you will beat 100% of all bots out there without
annoying any of your users, even those with visual handicaps, too much.
Something like "Please type these three letters: XYZ". You can make
those three letters random, but today, even three hard-coded letters
will work.

Here's a live example that does work:
http://taint.org/2006/11/09/175718a.html#respond
Please note that as primitive as this might seem, it's still a CAPTCHA.
Just imagine yourself programming a bot that has to figure out the first
name of the person whose blog it tries to spam.

CAPTCHAs don't have to include images.

> Another idea is to implement some surge protect against many edits in a
> short time. The recent spammings used many different IP addresses so we
> can not bind this to a post-per-ip limit. Any ideas?

Not really. But when I think about my dokuwiki at work, I see this idea
very critically: our wiki will only ever see one single IP address and
that's the IP of our gateway.

> The ip's used seem to be either trojaned PCs or open proxies. The bad
> behavior plugin already checks some blackhole lists but those blacklists
> are for open mail relays. Maybe a different blackhole list like [5]
> could work better. Problem with those lists are legit users getting a
> blocked dynamic IP address.

On the wiki.chongqed.org, we use the spamhaus sbl-xbl. It works really
well and catches quite a lot of spam.  We just query the combined
blacklist, but I guess that most of the work is done by xbl which has
lots of trojaned IP addresses. Besides, open socks proxies can be used
for link spamming too.

You might also want to experiment with your own primitive version of bad
behavior. Have you checked whether your spammers are actually only using
those input fields that really are there? Some are posting quite a few
cgi params that aren't used on the spammed site. It's also worth
checking whether spammers are posting those parameters that a human
user must use: I'm catching quite a lot of spam because spammers aren't
posting the value of the submit button. In fact, many seem to ignore
buttons completely.

My general advice is to not overdo it. You don't have to come up with
mechanisms that no spammer will ever be able to beat. Implement simple
mechanisms that work with the current generation of bots. The good thing
is that spammers aren't specifically targeting dokuwiki sites. They take
any form they find and then post their URLs into that.


Manni
-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
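The following is an added example, not code from the post above or from DokuWiki itself. It shows in Python the three ideas Manni describes: a plain-text "type these three letters" CAPTCHA (made stateless by signing the challenge with an HMAC, which is an addition of mine, not something the post specifies), the two "primitive bad behavior" checks (unexpected form parameters, missing submit-button value), and the reversed-octet DNSBL lookup against the Spamhaus sbl-xbl zone. The field names, the submit-button name/value, the secret key and the sample POST bodies are assumptions made up for illustration; the `resolve` hook exists so the DNSBL check can be exercised offline.

```python
import hashlib
import hmac
import secrets
import socket
import string
import time

# Assumption: a per-site secret generated at install time (never hard-code it in practice).
SECRET = b"rotate-me-at-install"
# Assumption: field names of a hypothetical edit form and its submit button.
FORM_FIELDS = {"id", "rev", "date", "text", "summary", "captcha", "captcha_token"}
SUBMIT_BUTTON = ("do[save]", "Save")


def make_challenge(length=3, ttl=3600, now=None):
    """Return (letters, token). The letters are shown as plain text, e.g.
    'Please type these three letters: XYZ'. The token is an HMAC over the
    letters and an expiry time, so verification needs no server-side state."""
    now = int(time.time() if now is None else now)
    letters = "".join(secrets.choice(string.ascii_uppercase) for _ in range(length))
    expiry = now + ttl
    mac = hmac.new(SECRET, f"{letters}|{expiry}".encode(), hashlib.sha256).hexdigest()
    return letters, f"{expiry}:{mac}"


def check_challenge(answer, token, now=None):
    """True only if the typed answer reproduces the MAC in an unexpired token."""
    now = int(time.time() if now is None else now)
    try:
        expiry_s, mac = token.split(":", 1)
        expiry = int(expiry_s)
    except ValueError:
        return False
    if now > expiry:
        return False
    msg = f"{answer.strip().upper()}|{expiry}".encode()
    expected = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


def check_post(params, now=None):
    """Return the reasons a POST looks like bot output (empty list = looks human).
    Implements the heuristics from the post: bots send parameters the form
    does not have, and bots skip the submit button's value."""
    reasons = []
    unexpected = set(params) - FORM_FIELDS - {SUBMIT_BUTTON[0]}
    if unexpected:
        reasons.append("unexpected params: " + ", ".join(sorted(unexpected)))
    if params.get(SUBMIT_BUTTON[0]) != SUBMIT_BUTTON[1]:
        reasons.append("submit button value missing")
    if not check_challenge(params.get("captcha", ""), params.get("captcha_token", ""), now):
        reasons.append("captcha mismatch")
    return reasons


def dnsbl_query_name(ip, zone="sbl-xbl.spamhaus.org"):
    """Build the DNSBL query name: the IPv4 octets reversed, then the zone."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("IPv4 dotted-quad expected")
    return ".".join(reversed(octets)) + "." + zone


def is_listed(ip, resolve=None):
    """True if the DNSBL answers with a 127.0.0.x record (listed); NXDOMAIN means
    not listed. `resolve` defaults to a real DNS lookup; pass a fake for tests."""
    resolve = resolve or socket.gethostbyname
    try:
        answer = resolve(dnsbl_query_name(ip))
    except OSError:  # socket.gaierror on NXDOMAIN is a subclass of OSError
        return False
    return answer.startswith("127.0.0.")


if __name__ == "__main__":
    letters, token = make_challenge()
    print(f"Please type these three letters: {letters}")
    # Constructed sample POSTs: one from a browser, one from a bot that adds
    # fields the form never had and never "clicks" the button.
    human = {"id": "start", "text": "hello", "captcha": letters,
             "captcha_token": token, SUBMIT_BUTTON[0]: SUBMIT_BUTTON[1]}
    bot = {"id": "start", "text": "cheap pills", "url": "http://example.invalid",
           "comment": "x", "captcha": letters, "captcha_token": token}
    print("human:", check_post(human))
    print("bot:", check_post(bot))
    print("query:", dnsbl_query_name("192.0.2.1"))
```

Two caveats worth keeping in mind if you adapt this: the signed token can be replayed until it expires, so tie it to the page being edited or keep a one-shot nonce if that matters to you, and the DNSBL check as written blocks on a live DNS query, so run it only on writes, not on every page view, and put a short timeout on the resolver.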
