On Wed Dec 03 2014 at 8:57:38 PM MZMcBride <z(a)mzmcbride.com> wrote:
Steven Walling wrote:
MZ: you mean removing just for account creation
right? There is also a
CAPTCHA delivered on external link addition for some editors–I think IPs
and users not autoconfirmed. This is probably a lot more important for
For testwiki, we actually set $wmgEnableCaptcha to false, which disabled
both ConfirmEdit and FancyCaptcha entirely. My suspicion is that we need
"enhanced spam protection" only on larger wikis and on a few smaller wikis
that happen to be the target of spammers for whatever reason. Even on
sites that are frequent spam targets, smarter heuristics, as Robert
suggests, and existing tools such as AbuseFilter may be sufficient.
Yeah I agree it doesn't matter on testwiki to turn it off 100%. I'd suggest
we not do that for larger wikis though.
There are about a million IP edits a month on English Wikipedia alone, last
time we checked. If we increased anonymous bot spam by even only 1/10th
of the total number of edits before we managed to put IP blocks in place,
that's still 100k edits worth of spam. And we might not want to use
something like Special:Nuke on an IP, since it may be shared with legit
edits. However, for account creation, there were only ~21,000 registrations
last month and it's automatically rate limited by IP even without CAPTCHA,
so experimenting in that area is much safer.
Wikitech-l mailing list