Hi Denny,
Have you seen https://www.mediawiki.org/wiki/Manual:Combating_spam or https://www.mediawiki.org/wiki/Manual:User_rights? You might be able to do something like `$wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['createaccount'] = false;`
On Wed, 21 Apr 2021 at 18:59, Denny Vrandečić dvrandecic@wikimedia.org wrote:
Hi all,
I have a MediaWiki instance running on WMCloud:
https://annotation.wmcloud.org/
Is there some recipe or instruction available somewhere on how to manage it?
More specifically, about a week ago, spammers discovered it. I would like to use WSOAuth and PluggableAuth or something similar in order to allow only logins by users with a Wikimedia account, and only allow edits by logged in users.
On a shorter notice, as a stop gap, I would like to disallow account creation by non-logged-in users and edits by non-logged in user, so I can at least stop new spam creation and clean up the existing one.
I am very confused by Puppet, have a rough idea what Vagrant is, and think I have a stable understanding of MediaWiki maintenance. Any help or pointers would be much appreciated.
Thank you! Denny
Wikimedia Cloud Services mailing list Cloud@lists.wikimedia.org (formerly labs-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/cloud