Hi everyone, > Looks like a vandal bot to me. Yes, it is
> How can one delete pages from the wiki? Only Administrators can. Right now that's jwe and I. I'm always online, and often at my keyboard. Just ping me on irc or write on my wiki talk page to let me know, and I can get onto deleting/blocking. ----- While we're on the topic, let me talk about spam bots. There are a couple of barriers you can put up to try and stop the flow of spam bots. Making them join (disabling anonymous editing) is the first barrier. Making them solve a CAPTCHA to register is another. Making them verify their email before editing is a third. But of course, each of these measures also makes it more difficult for legitimate members to contribute. The first doesn't really do much, you get the same amount of spam, they're just registered. The second stops a few more but I suspect either captchas are almost broken, or they have people just sitting there solving them. The third slims down the amount of spam, but not the number of spam accounts that get registered (but emails never verified, so they don't actually spam). Having said all that, in my experience spam bots are mostly single-hit -- they join, spam once, and then you never hear from them again. Even after going through all the barriers above, most of the bots I see are still single-hit. It's kind of weird how much effort they go through for one single spam message... One way to get rid of spambots once and for all is to approve registrations manually (but this is a pain and really inhibits contribution and I don't think this is really viable unless you only have a small community who needs to edit, and I don't think octave fits into this category). Onto CAPTCHAs. I use reCAPTCHA on my wikis (https://www.mediawiki.org/wiki/Extension:ReCAPTCHA) which is run by Google and helps in digitising books. It's reasonably customisable. For the example above, it reduces to the following policy: - unregistered users cannot edit, only view source - registered users who have not verified their email cannot edit either - registered users can edit freely - to register you need to solve a captcha - your first login attempt is CAPTCHA free, all subsequent attempts require solving a CAPTCHA (I think this is tracked by IP) This seems to work okay, no one has complained yet (at least not to me), and I've had this going on my wiki for a couple of years. I seem to recall there also being a feature where you could lock an IP out for <period of time> if they failed a captcha X times in a row, which can lower the risk of your webserver getting hammered. There are other CAPTCHAs around (see https://www.mediawiki.org/wiki/ConfirmEdit); another one we might consider is QuestyCaptcha, which makes users answer a question from a pool defined by the site owner. If we add context-sensitive, octave-related questions, that might work better than reCAPTCHA (which just requires a decent OCR program to crack). At the end of the day it's about balancing security with annoying your potential contributors. So, discuss, and feel free to ask me questions. I've been running wikis for about 3 years now and am happy to share my experiences. The above is just my experience of what has and hasn't worked, if someone has a different clever idea I'd be keen to hear it too. One final note, a spam post every couple of days is pretty low-key, I don't think it's a problem that requires an urgent solution (yet). Obviously as the wiki gets bigger and gets more attention, we'll get more spam. But I used to be deleting/blocking 50 spam posts a day -- so I'm happy to take the responsibility of keeping this wiki spam-free for a while so we can have a proper discussion. --Joanna ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Octave-dev mailing list Octave-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/octave-dev
