On Wed Dec 03 2014 at 8:57:38 PM MZMcBride z@mzmcbride.com wrote:
Steven Walling wrote:
MZ: you mean removing just for account creation right? There is also a CAPTCHA delivered on external link addition for some editors–I think IPs and users not autoconfirmed. This is probably a lot more important for combating spam.
For testwiki, we actually set $wmgEnableCaptcha to false, which disabled both ConfirmEdit and FancyCaptcha entirely. My suspicion is that we need "enhanced spam protection" only on larger wikis and on a few smaller wikis that happen to be the target of spammers for whatever reason. Even on sites that are frequent spam targets, smarter heuristics, as Robert suggests, and existing tools such as AbuseFilter may be sufficient.
Yeah I agree it doesn't matter on testwiki to turn it off 100%. I'd suggest we not do that for larger wikis though.
There are about a million IP edits a month on English Wikipedia alone, last time we checked.[1] If we increased anonymous bot spam by even only 1/10th of the total number of edits before we managed to put IP blocks in place, that's still 100k edits worth of spam. And we might not want to use something like Special:Nuke on an IP, since it may be shared with legit edits. However, for account creation, there were only ~21,000 registrations last month and it's automatically rate limited by IP even without CAPTCHA, so experimenting in that area is much safer.
1. https://meta.wikimedia.org/wiki/Research:Anonymous_editor_acquisition/Volume...
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l