Regarding spam, here are the settings for the wiki I administer: http://zelea.com/w/Wiki:Main_page http://zelea.com/system/host/obsidian/var/www/localhost/htdocs/mediawiki-c/LocalSettings.php
See "spam protections", particularly the escalating countermeasures A.1, A.2, ... But I've found that A.1 (captcha) is sufficient to stop all bot registrations and bot spam, provided the captcha is good: ## (A.1) captcha: uncomment ConfirmEdit extension at bottom The one I use is perhaps the simplest of all: http://www.mediawiki.org/wiki/Extension:QuestyCaptcha I choose a question that requires the user to navigate to a another page in the wiki where the answer is. This makes it difficult for the bot to replay the question to visitors on a porn site or whatnot, and then pass back the answer. General captcha settings: $wgGroupPermissions['*' ]['skipcaptcha'] = false; # the no-group $wgGroupPermissions['user' ]['skipcaptcha'] = true; $wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false; # that would be everyone, new users are currently autoconfirmed immediately $wgGroupPermissions['bot' ]['skipcaptcha'] = true; # registered bots $wgGroupPermissions['sysop' ]['skipcaptcha'] = true; $wgGroupPermissions['bureaucrat' ]['skipcaptcha'] = true; $wgCaptchaTriggers['edit'] = false; # on edit $wgCaptchaTriggers['create'] = false; # on page creation $wgCaptchaTriggers['addurl'] = true; # on edits that add an external URL $wgCaptchaTriggers['createaccount'] = true; # on Special:Userlogin&type=signup $wgCaptchaTriggers['badlogin'] = true; # on Special:Userlogin after failure The captcha on 'addurl' stops anonymous bot spam; they all add URLs. The captcha on 'createaccount' stops them from registering. A bot that registered could start spamming without restriction, even adding URLs, but none ever gets through. If necessary, I can escalate: ## (A.2) SimpleAntiSpam: uncomment extension at bottom # guards only web editor (I think) not API, unsure it actually helps ## (A.3) captcha: set ConfirmEdit $wgCaptchaTriggers['create'] = true ## (A.4) captcha: set ConfirmEdit $wgCaptchaTriggers['edit'] = true ## (A.5) close API to anonymous, unregistered users # $wgGroupPermissions['*']['writeapi'] = false; ## (A.6) no page creation by anonymous, unregistered users # $wgGroupPermissions['*']['createpage'] = false; # $wgGroupPermissions['*']['createtalk'] = false; ## (A.7) close API to ordinary users, leave open for registered bots # $wgGroupPermissions['user']['writeapi'] = false; ## (A.8) no editing by anonymous, unregistered users # $wgGroupPermissions['*']['edit'] = false; ## (A.9) no editing by unconfirmed email addresses # $wgEmailConfirmToEdit = true; ## (B.1) SpamBlacklist: uncomment extension at bottom ## (B.2) no registration of new users # $wgGroupPermissions['*']['createaccount'] = false; ## (B.3) no editing by ordinary users # $wgGroupPermissions['*']['createaccount'] = false; # $wgGroupPermissions['*']['edit'] = false; # $wgGroupPermissions['user']['edit'] = false; # $wgGroupPermissions['bot']['edit'] = true; # $wgGroupPermissions['sysop']['edit'] = true; ## (C) no access by public, per /etc/apache2/modules.d/90_mediawiki.conf Before installing QuestyCaptcha, I often had to escalate. But now A.1 alone seems to be sufficient. Note that I also use this extension, which may confuse some bots: http://zelea.com/project/mailish/MailishUsername.xht -- Michael Allan Toronto, +1 416-699-9528 http://zelea.com/ Kristofer Munsterhjelm said: > On 06/12/2013 07:04 AM, Rob Lanphier wrote: > > > Responding to Abd's points: We're operating under very different > > parameters than, say, a Wikimedia-operated wiki like Wikiversity. In > > particular, we don't have the infrastructure to deal with user creation > > spam. There are big advantages to sharing spam fighting resources with > > Wikipedia. > > I imagine that using some spam-deterring plugins would go a lot of the > way. See http://www.mediawiki.org/wiki/Manual:Combating_spam . I don't > know this, though, as I haven't administered any Mediawiki sites myself. ---- Election-Methods mailing list - see http://electorama.com/em for list info