On 27 Jan 2015 at 09:37:57, [email protected]
([email protected](mailto:[email protected])) wrote:
> Hi Edy,
>
> Thanks for starting this investigation.
>
> However I think it’s the wrong one :) IMO we should investigate various
> CAPTCHA solutions but take a larger view at what the problem is. And, as you
> mentioned below, the problem is that of fighting SPAM, especially in
> comments. CAPTCHA is only one solution to solve this problem. And not a very
> effective one apparently.
s/should investigate/shouldn’t investigate/ :)
Thanks
-Vincent
> I haven’t thought that much about it but I can imagine at least 4 other
> solutions that would be interesting to investigate:
>
> 1) When a user is not logged in and wants to post a comment, ask him for his
> name and email address in the comment. After he submits his comment, a mail
> is sent to him for validation and he has to click a link to confirm posting
> the message.
>
> 2) When a user is not logged in and after he clicks submit on a new comment,
> don’t make it active right away, but instead put it on a moderation queue.
> Once his message is approved he’ll then be able to post all further messages
> without approval.
>
>
> At some point I think it would be great to gamify xwiki.org and we could
> imagine giving points to users when they perform interesting actions and the
> more points they get the more authorizations they unlock:
> - registering: 1 point
> - posting the first comment: 1 point. Points required to post a comment: 1
> (otherwise the comment is moderated)
> - first edition of a page: 1 point
> - first page created: 1 point
> - page deleted because not correct: -2 points (page moved: 0 point)
> - every 10 pages edited: 1 point
> - 100 points: permission to create a wiki on myxwiki.org
> - etc
>
>
> 3) Create an Admin UI screen to list all the comments in a livetable, sorted
> by the latest comment by default with action buttons to delete a the revision
> where the comment was addded + mass revision deletion action so that we can
> filter on the comment content and then delete all matching comments at once.
> This is more wiki-like than the other options 1) and 2) above but requires a
> higher amount of maintenance than 1 and 2.
>
> 4) Add the ability to integrate a 3rd-party comment system like intensedebate
> and disqus. FTR I have done that on my blog at myxwiki.org and I almost never
> get spam since they filter it for me: see
> http://massol.myxwiki.org/xwiki/bin/view/Blog/AnonymousComments (wow, time
> flies, this was in 2009 :))
>
> Similar strategies can be applied for registration (at least for 1) - which
> is already supported! and 2).
>
> WDYT?
>
> I think it’s worth expanding the discussion/investigation to ways of reducing
> spam rather than focusing just on captcha which are far from enough IMO. BTW
> solution 2) will fix human spam too, something captcha will never be able to
> do by definition! :)
>
> Thanks
> -Vincent
>
>
> On 26 Jan 2015 at 19:10:59, Eduard Moraru
> ([email protected](mailto:[email protected])) wrote:
>
> > Hi devs,
> >
> > We have been getting reports recently of people getting a lot of SPAM in
> > their public XWiki instances, even if they had the CAPTCHA module [1]
> > enabled on their comments/registration pages.
> >
> > These past 2 days I`ve been investigating the current status of the CAPTCHA
> > module and what is the state of the art in fighting SPAM.
> >
> > I have produced the following document [2] that I would like you to have a
> > look at and tell me what you think and/or what is your experience with
> > XWiki's CAPTCHA module and with fighting SPAM in general.
> >
> > TL;DR: I would like to propose that we move to Google's new NO CAPTHA
> > reCAPTCHA as the default CAPTCHA solution and that we implement a
> > configurable back-end that allows admins to easily switch between CAPTCHA
> > engines/services.
> >
> > Thanks,
> > Eduard
> >
> > ----------
> > [1] http://extensions.xwiki.org/xwiki/bin/view/Extension/Captcha+Module
> > [2] http://design.xwiki.org/xwiki/bin/view/Proposal/CAPTCHAinvestigation70
> > _______________________________________________
> > devs mailing list
> > [email protected]
> > http://lists.xwiki.org/mailman/listinfo/devs
> _______________________________________________
> devs mailing list
> [email protected]
> http://lists.xwiki.org/mailman/listinfo/devs
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
