As a spam defence for Wikimania, we disallowed local account generation,
and just leverage WMF's SULs, similarly did the same for wikidata-test
to great effect. The one thing that we did was to change the login link
to point to somewhere they could create an account.  Great success,
though not 100% effective against manual spammers, or those that trawl.
If allowable, I would also suggest that you leverage the other global
settings like title and spam blacklist, and global abusefilter.
------ Original Message ------
From: "Denny Vrandečić" <dvrandecic(a)wikimedia.org>
To: "Cloud" <cloud(a)lists.wikimedia.org>
Sent: 22/04/2021 3:59:12 AM
Subject: [Cloud] Help with a MediaWiki instance on WMCloud - spammers
I have a MediaWiki instance running on WMCloud:
Is there some recipe or instruction available somewhere on how to
More specifically, about a week ago, spammers discovered it. I would
like to use WSOAuth and PluggableAuth or something similar in order to
allow only logins by users with a Wikimedia account, and only allow
edits by logged in users.
On a shorter notice, as a stop gap, I would like to disallow account
creation by non-logged-in users and edits by non-logged in user, so I
can at least stop new spam creation and clean up the existing one.
I am very confused by Puppet, have a rough idea what Vagrant is, and
think I have a stable understanding of MediaWiki maintenance. Any help
or pointers would be much appreciated.
This email has been checked for viruses by Avast antivirus software.