Spam bots are creating accounts on my music wiki (http://www.blazemonger.com/GG/Special:RecentChanges). What is the best extension to prevent this? I installed ConfirmEdit and tried the default CAPTCHA (SimpleCAPTCHA) but it didn't stop the bots. Before I experiment with the many other options, I thought I'd ask what people recommend.
Fortunately the bots can't edit articles, just create useless accounts.
Thanks, DanB
I ended up linking accounts on my wiki to the associated SMF forum. Since the account creation there human moderated, I've had zero bot accounts on the wiki since. Now I just need to go through and clean out the bots from the wiki.
Erik
-----Original Message----- From: Daniel Barrett Sent: Monday, February 27, 2012 11:57 To: MediaWiki announcements and site admin list Subject: [Mediawiki-l] CAPTCHA recommendation for account-creation bots?
Spam bots are creating accounts on my music wiki (http://www.blazemonger.com/GG/Special:RecentChanges). What is the best extension to prevent this? I installed ConfirmEdit and tried the default CAPTCHA (SimpleCAPTCHA) but it didn't stop the bots. Before I experiment with the many other options, I thought I'd ask what people recommend.
Fortunately the bots can't edit articles, just create useless accounts.
Thanks, DanB
_______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
You can try ReCaptcha but I found that questy captcha works really well. I just ask the user a really dumb question like where is Tokyo?
________________________________ From: Daniel Barrett danb@VistaPrint.com To: MediaWiki announcements and site admin list mediawiki-l@lists.wikimedia.org Sent: Monday, February 27, 2012 9:57 AM Subject: [Mediawiki-l] CAPTCHA recommendation for account-creation bots?
Spam bots are creating accounts on my music wiki (http://www.blazemonger.com/GG/Special:RecentChanges). What is the best extension to prevent this? I installed ConfirmEdit and tried the default CAPTCHA (SimpleCAPTCHA) but it didn't stop the bots. Before I experiment with the many other options, I thought I'd ask what people recommend.
Fortunately the bots can't edit articles, just create useless accounts.
Thanks, DanB
_______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
My experience is that ReCaptcha is broken and the spammers pass it. My best experience is with questy captcha as well. You can ask for something in the interface or some simple question like "How many ears have got tree elephants?"
El dl 27 de 02 de 2012 a les 10:35 -0800, en/na 2007@gmaskfx.com va escriure:
You can try ReCaptcha but I found that questy captcha works really well. I just ask the user a really dumb question like where is Tokyo?
From: Daniel Barrett danb@VistaPrint.com To: MediaWiki announcements and site admin list mediawiki-l@lists.wikimedia.org Sent: Monday, February 27, 2012 9:57 AM Subject: [Mediawiki-l] CAPTCHA recommendation for account-creation bots?
Spam bots are creating accounts on my music wiki (http://www.blazemonger.com/GG/Special:RecentChanges). What is the best extension to prevent this? I installed ConfirmEdit and tried the default CAPTCHA (SimpleCAPTCHA) but it didn't stop the bots. Before I experiment with the many other options, I thought I'd ask what people recommend.
Fortunately the bots can't edit articles, just create useless accounts.
Thanks, DanB
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l _______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 27/02/12 18:35, 2007@gmaskfx.com wrote:
You can try ReCaptcha but I found that questy captcha works really well. I just ask the user a really dumb question like where is Tokyo?
Questy has dropped our spam to almost nil. The nice thing is that you can define a few such simple questions, and have them randomly offered, making "learning" more difficult for spammers.
Anne
- -- Need KDE help? Try http://userbase.kde.org or http://forum.kde.org
Thanks to everyone for your recommendations. I switched to QuestyCaptcha and the spam account-creations have stopped for the past 24 hours. A good sign.
DanB
Before I experiment with the many other options, I thought I'd ask what people recommend.
Hi Dan,
I don't have any experience with MediaWiki antispam solutions but with Drupal I use http://drupal.org/project/spamicide: "Spamicide adds an input field to each form then hides it with css, when spam bots fill in the field the form is discarded."
That's not only much more userfriendly as it doesn't require any extra effort from the user but quite effectiv for preventing spam. I shouldn't be to difficult to use the same mechanism in an extension.
hth Frank
I shouldn't be to difficult to use the same mechanism in an extension.
And here it is: http://www.mediawiki.org/wiki/Extension:SimpleAntiSpam ;-)
On Mon, 27 Feb 2012 11:19:48 -0800, Frank Ralf Frank.Ralf@gmx.net wrote:
Before I experiment with the many other options, I thought I'd ask what people recommend.
Hi Dan,
I don't have any experience with MediaWiki antispam solutions but with Drupal I use http://drupal.org/project/spamicide: "Spamicide adds an input field to each form then hides it with css, when spam bots fill in the field the form is discarded."
That's not only much more userfriendly as it doesn't require any extra effort from the user but quite effectiv for preventing spam. I shouldn't be to difficult to use the same mechanism in an extension.
hth Frank
We have that too: https://www.mediawiki.org/wiki/Extension:SimpleAntiSpam
But if the bot is smart enough to register for accounts and handle captchas, it might not be easily tripped up by such a simple measure.
"Sent via BlackBerry from Smart"
-----Original Message----- From: "Daniel Friesen" lists@nadir-seen-fire.com Sender: mediawiki-l-bounces@lists.wikimedia.org Date: Mon, 27 Feb 2012 11:23:25 To: mediawiki-l@lists.wikimedia.orgmediawiki-l@lists.wikimedia.org Reply-To: daniel@nadir-seen-fire.com, MediaWiki announcements and site admin list mediawiki-l@lists.wikimedia.org Subject: Re: [Mediawiki-l] CAPTCHA recommendation for account-creation bots?
On Mon, 27 Feb 2012 11:19:48 -0800, Frank Ralf Frank.Ralf@gmx.net wrote:
Before I experiment with the many other options, I thought I'd ask what people recommend.
Hi Dan,
I don't have any experience with MediaWiki antispam solutions but with Drupal I use http://drupal.org/project/spamicide: "Spamicide adds an input field to each form then hides it with css, when spam bots fill in the field the form is discarded."
That's not only much more userfriendly as it doesn't require any extra effort from the user but quite effectiv for preventing spam. I shouldn't be to difficult to use the same mechanism in an extension.
hth Frank
We have that too: https://www.mediawiki.org/wiki/Extension:SimpleAntiSpam
But if the bot is smart enough to register for accounts and handle captchas, it might not be easily tripped up by such a simple measure.
ReCAPTCHA is so conceptually flawed that it would be a poor solution even if it weren't cracked. FancyCaptcha is good (but still at least sometimes bypassed in practice), but the requirements for setting it up put it out of reach for many wikis. I'm a fan of QuestyCaptcha, but I'm biased. :-)
On Mon, Feb 27, 2012 at 2:23 PM, Daniel Friesen lists@nadir-seen-fire.com wrote:
But if the bot is smart enough to register for accounts and handle captchas, it might not be easily tripped up by such a simple measure.
Has anybody taken a comprehensive look at the effectiveness of various solutions in practice? Of particular importance would be determining whether CAPTCHAs are usually broken in the wild via OCR or by farming them out to humans.
On 28/02/12 00:32, Benjamin Lees wrote:
ReCAPTCHA is so conceptually flawed that it would be a poor solution even if it weren't cracked. FancyCaptcha is good (but still at least sometimes bypassed in practice), but the requirements for setting it up put it out of reach for many wikis.
I think you could generate the captcha images locally and upload them to the server. It's much easier to fullfil the python requisites at the user box than in the server. I don't think it has been proposed before, though. But with a good documentation, that could be a much nice path for FancyCaptcha users.
On Mon, Mar 5, 2012 at 4:32 PM, Platonides Platonides@gmail.com wrote:
I think you could generate the captcha images locally and upload them to the server. It's much easier to fullfil the python requisites at the user box than in the server. I don't think it has been proposed before, though. But with a good documentation, that could be a much nice path for FancyCaptcha users.
That approach certainly works, but given how difficult the average user (especially the average user on shared hosting) finds the process, I'm not sure how practical it would end up being. But document it and prove me wrong. :-)
It could also be possible to replace the Python script with something written entirely in PHP, using GD or whatever. Maybe. But if it turns out that bots are getting through it just as easily as reCAPTCHA, then there's not much point.
On Mon, Feb 27, 2012 at 9:57 AM, Daniel Barrett danb@vistaprint.com wrote:
Spam bots are creating accounts on my music wiki ( http://www.blazemonger.com/GG/Special:RecentChanges). What is the best extension to prevent this? I installed ConfirmEdit and tried the default CAPTCHA (SimpleCAPTCHA) but it didn't stop the bots. Before I experiment with the many other options, I thought I'd ask what people recommend.
Fortunately the bots can't edit articles, just create useless accounts.
Thanks, DanB
Requiring OpenID for new accounts is also effective. http://www.mediawiki.org/wiki/Extension:OpenID
mediawiki-l@lists.wikimedia.org