On Tuesday, October 01, 2013 02:52:14 PM Marc Weber wrote: > > All these cookies and javascripts tend to break secure and efficient > > setups :( > Please make me understand why ?
Because both are off by default and require whitelisting, after you discover that something is broken. This should at least print a useful error message. A slightly tweaked registration form sounds like a much better idea though. > My change is about adding a simple require_once 'create-user-guard.php' > file. That can be automated. And even if not, it *does solve the problem* > unless I get proven wrong. And if we do, we can be pretty sure that humans > are spamming the wiki. And that would be a step towards solving the issue, > too. > > > Long-term automated solutions to *prevent* spam don't exist for a > > growing community like nixos. > > Don't overengineer. Don't think today about problems which may happen > in 2 years. I agree that a simple solution should be tried first. We'll still have a problem with useless web interface though :/ > Maybe its even enough to hide the string "Media Wiki" on each page? > You can do so by adding a simple regex post processing to apache AFAIK. > > We have to > > 1) document what has been tried > > 2) try new cheap things to find out whether bots are spamming - then > there should be simple soultions - or whether humans are spamming. > > But I'll shut up. I've offered help. I don't have access, so I cannot > change anything. If you want me to setup a demo how the addiotional non > standard password protection would look like let me know. > > But let's consider trying the trivial things first before asking people > to spend money or concluding that changes are not maintainable. > > Count the packages in nixpkgs to see how powerful the nixos community > actually is. We should be able to cope with such a simple problem, > unless the attackers spend much more effort than we do. > > Another way to solve this issue would be not allowing to create new > users automatically. Setup a simple form: > > You want to become a wiki member? > username [ .. ] > password [ .. ] > > and process this once every 2 weeks. > > This should be less effort than deleting spam, too. > > Marc Weber > _______________________________________________ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev