[Freeipa-devel] FreeIPA wiki - fighting the spammers
Petr Spacek
pspacek at redhat.com
Fri Aug 19 06:43:25 UTC 2016
On 18.8.2016 16:25, Martin Kosek wrote:
> Hello everyone,
>
> As some of you noticed, we had lately an increasing number of spam attacks
> against FreeIPA.org wiki. Even though we did not accept user registration
> through the standard Mediawiki User Creation form (which is often misused by
> attacked) and only allow Fedora users logged in by OpenID, the spam producers
> started to favor this authentication mode too.
>
> This week and especially yesterday, the spam activity was high enough to
> warrant a "drastic change" in how we allow wiki modifications. Me and Petr
> Vobornik had to react quickly yesterday to hundreds of new spam-based pages
> (thanks to Petr for deleting the spam pages, Stephen for altering us and
> Patrick Uiterwijk for advising us!).
>
> As a prevention for future attacks, I also needed to chose the most simple and
> convenient method to stop spammers from editing wiki. This is the result:
>
> - Anonymous and regular users are no longer allowed to create or edit wiki pages
> - Anyone who wants to be able to edit wiki needs to be in a new "editor" group
>
> The full description of new group rights is here:
> http://www.freeipa.org/page/Special:ListGroupRights
>
> I added the contributors active in the last 30 days to the editor group. If
> more people are needed, wiki "Bureaucrats" can it through this form:
> http://www.freeipa.org/page/Special:UserRights
>
> If you do not know who is in the Bureaucrat group, this is the list:
> http://www.freeipa.org/index.php?title=Special%3AListUsers&username=&group=bureaucrat&limit=50
>
> The model I had in mind was that new wiki contributors would ask for access on
> #freeipa IRC channel, when they have some content to be added to the pages. We
> should probably add that suggestion to the wiki somewhere.
>
> I hope this works for you. If you have comments on above or even better ideas
> what is the easiest way to fight spam on our precious wiki, please let me know.
In general I agree.
My attempt to edit "permission denied" error using
http://www.freeipa.org/page/Special:AllMessages
failed so I do not know.
For the beginning, I added note about this new process to
http://www.freeipa.org/page/Contribute#Contribute_documentation
and link to the process page to
http://www.freeipa.org/page/HowTo/Writing_how_to_documentation_on_the_wiki
Now the question is how to make information about getting edit access *really
visible*. Is this enough? I'm not sure.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list