While not everybody is able to reduce their profit margins as Christ and Tim said, everyone running a MediaWiki wiki can experiment and document best practices. MediaWiki already has many defense tools, but they're often unknown or hard to use (as this very thread shows). One site I reached from the link in the original post sells at 40 $/6 months a list of a couple thousands wikis which have no captcha at all on registration and a few hundreds which don't have rel=nofollow... The owners of those wikis need some better reading. A few days ago I refactored/updated https://www.mediawiki.org/wiki/Manual:Combating_spam ; help is needed to coordinate it better with https://www.mediawiki.org/wiki/Manual:Combating_vandalism . My main question is whether IP blacklists help stop all those proxies with dozens thousands ever-changing IPs sold for spammers' use, or are just a CPU sink. On CAPTCHAs, we already know that FancyCaptcha is useless, but it's not clear what to do. A tour I did across 500 wikis some time ago seemed to show that QuestyCaptcha is vastly superior to the other options, for the average wiki. https://www.mediawiki.org/wiki/Thread:Extension_talk:ConfirmEdit/Wikis_account_registration_tour If confirmed, it could be made the default in the installer, which could also make the user set custom questions in the install process itself and encourage frequent update of the questions.
Nemo