While not everybody is able to reduce their profit margins as Christ and
Tim said, everyone running a MediaWiki wiki can experiment and document
best practices. MediaWiki already has many defense tools, but they're
often unknown or hard to use (as this very thread shows).
One site I reached from the link in the original post sells at 40 $/6
months a list of a couple thousands wikis which have no captcha at all
on registration and a few hundreds which don't have rel=nofollow... The
owners of those wikis need some better reading.
A few days ago I refactored/updated
https://www.mediawiki.org/wiki/Manual:Combating_spam ; help is needed to
coordinate it better with
https://www.mediawiki.org/wiki/Manual:Combating_vandalism . My main
question is whether IP blacklists help stop all those proxies with
dozens thousands ever-changing IPs sold for spammers' use, or are just a
CPU sink.
On CAPTCHAs, we already know that FancyCaptcha is useless, but it's not
clear what to do. A tour I did across 500 wikis some time ago seemed to
show that QuestyCaptcha is vastly superior to the other options, for the
average wiki.
<https://www.mediawiki.org/wiki/Thread:Extension_talk:ConfirmEdit/Wikis_account_registration_tour>
If confirmed, it could be made the default in the installer, which could
also make the user set custom questions in the install process itself
and encourage frequent update of the questions.
Nemo