dKosopedia admin wrote:
Of the 17000 registered users on my site, over 10000 are spambot registrations. We monitor edits pretty closely (though obviously not registrations, which will change), so of those 10000 spambot users, no more than 20 have actually edited a page, all starting on Oct 10th. (We caught it prett quickly.)
So it seems as if I should be able to feed my wiki a list of user and have it delete those users, if, as in this case, I am *absolutely* sure none of these users have edited pages.
I know it's not a solution, but since I've seen a few edits on my wiki in such cases, I zapped all users with the FooooBaarr name format. I did a MySQL query to grab all the 10 character user IDs where the user ID and the real name were the same (and where it wasn't the one real user who just happened to get caught with this same general format name). With these IDs, I created a script to run changePassword.php (in the /wiki/maintenance/ directory) for every such user. This replaced all the passwords with one I know so these bots can't sign in. I then used SQL to rename the users to zzFooooBaarr so they sort to the bottom in the User List page.
Still there, but unusable by the spammers and not interfering with regular users.
I put the reCaptcha extension in place to try to defeat the bots from making new user IDs.
Mike