On Tue, Sep 03, 2013 at 11:04:28AM +0200, Thomas Waldmann wrote:
>> perhaps we need safer defaults
>
>I don't think we should change defaults within a stable release series.
>
>But we can change how example configs look like and document stuff better.
>
>> Really control registration: for extra control over registration, perhaps
>> use
>> the http://www.moinmo.in/MoinMoinPatch/VerifyAccountCreationByEmail patch to
>> require e-mail verification of account registration.
>
>I wouldn't recommend this patch until someone cleans it up (see my
>comments there), does more testing and reviews the code again.
Ah, bugger. Sorry, I hadn't seen the comments there. I'm subscribed to
the page, but it looks like maybe my spam filter ate it or
something.
I'm in the middle of cleaning up and re-targetting my patches against
1.9.7 right now anyway. I'll update the page shortly.
>> Does anyone have any opinions about the above?
>
>Good writeup, should be supplemented with a modified default wiki/farm
>config.
>
>One can add to regularly review logs, esp. after spam gets in. So one
>can sometimes identify static IP addrs only used for spamming (put them
>in moin's hosts_deny or handle via web server) and also textchas that
>have been broken and should be replaced.
I've also added support for calling out to an external program at
account creation time to see if a new account should be created, based
on email/IP/account name. I've got quite a few extra scripts written
locally to help with monitoring account signups and managing the
blacklists too.
More helpful things here would include:
* better support for network addressing for blacklisting (something
that understands CIDR rather than just .startswith)
* support for moderation - new account holder should need to have
their first few edits approved by existing users
--
Steve McIntyre, Cambridge, UK. st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
note stuck to the mini-bar saying "Paul: This fridge and
fittings are the correct way around and do not need altering"
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________
Moin-user mailing list
Moin-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/moin-user
