[Mediawiki-l] how do I restrict the length of usernames?
Frederick Grose
fgrose at gmail.com
Tue Feb 8 20:56:19 UTC 2011
On Tue, Feb 8, 2011 at 1:54 PM, 2007 at gmaskfx.com <2007 at gmaskfx.com> wrote:
> I've tried every flavor of confirmedit and none of them seem block the
> worse offenders. I tried ReCaptcha but now the bots or the person determined
> to get around that get through and post their spam anyway. If I could I'd
> have several of these at once just for account creation.
>
> I'm trying the question based one now and hopefully that won't be too hard
> for the people I want to actually edit the wiki.
>
> Speaking of questy captcha.. is it possible to have one question and
> several answers?
>
> $wgCaptchaQuestions[1] = array( 'question' => "Question?", 'answer' =>
> "answer1", 'answer' => "answer2", 'answer' => "answer3" );
>
> --- On Tue, 2/8/11, Łukasz Garczewski <tor at wikia-inc.com> wrote:
>
> > From: Łukasz Garczewski <tor at wikia-inc.com>
> > Subject: Re: [Mediawiki-l] how do I restrict the length of usernames?
> > To: "MediaWiki announcements and site admin list" <
> mediawiki-l at lists.wikimedia.org>
> > Date: Tuesday, February 8, 2011, 12:43 PM
> > On Tue, Feb 8, 2011 at 7:36 PM, 2007 at gmaskfx.com
> > <2007 at gmaskfx.com>
> > wrote:
> > > Uh thanks for the help.. just getting frustrated
> > because I'm getting hammered with spam and I have tried
> > everything in the manual and little of it is helping.
> >
> > Try installing the ConfirmEdit extension. That should help.
> > :)
> >
> > http://www.mediawiki.org/wiki/ConfirmEdit
> >
> > --
> > Lucas 'TOR' Garczewski
> > Wikia Tech Team
>
We suffered many attacks and fortunately had the OpenID login extension,
http://www.mediawiki.org/wiki/Extension:OpenID
installed and so decided to disable native wiki account creation with this
in LocalSettings.php:
# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;
Then updated MediaWiki:Loginprompt to
suggest that new users create accounts with an OpenID.
This seems to repel the attacks.
Many users will already have OpenID authentication via their email accounts
or other popular web sites.
--Fred
More information about the MediaWiki-l
mailing list