Welcome your new wiki overlord (?)
Moderator: Moderators
Welcome your new wiki overlord (?)
The user creation spam seems to be trendy these days. Since we are a small community and we need to authorize one user at a time, I want to propose a new rule that will stop the spamming completely: normal user creation is removed and becomes on invite only.
Some people may thing that it may be drastic but if you really think about it, we are a small community and if you don't have a nesdev account, you cannot write on the wiki. Which mean usually the relationship with the BBS and the wiki is 1 to 1.
If people are fine with it, this is just one simple setup to change. After that, users that want an account request the wiki admins and we will create the account with a temporary password.
Are you ready to welcome your new wiki overlord?
Some people may thing that it may be drastic but if you really think about it, we are a small community and if you don't have a nesdev account, you cannot write on the wiki. Which mean usually the relationship with the BBS and the wiki is 1 to 1.
If people are fine with it, this is just one simple setup to change. After that, users that want an account request the wiki admins and we will create the account with a temporary password.
Are you ready to welcome your new wiki overlord?
As long as there's more than one admin responsible for creating accounts. I've seen too many cases where a wiki or forum that I want to join has closed sign-up and no obvious way to contact an administrator.
There are MediaWiki extensions to use phpBB login, but with two problems: 1. most of them require phpBB 3, and 2. I don't know if any of them support a minimum post count.
I'm going to do an experiment on my own wiki over the next week, involving the AbuseFilter extension, to see if I can figure out how to thin out the new user spam in Recent Changes.
There are MediaWiki extensions to use phpBB login, but with two problems: 1. most of them require phpBB 3, and 2. I don't know if any of them support a minimum post count.
I'm going to do an experiment on my own wiki over the next week, involving the AbuseFilter extension, to see if I can figure out how to thin out the new user spam in Recent Changes.
@Zepper
I saw this thread, I was just too busy to comment on the subject. Sorry about that. Now I want to do something about it.
I saw this thread, I was just too busy to comment on the subject. Sorry about that. Now I want to do something about it.
I see your point but in our current state, we need to put new users in the trusted group,which mean if all admin disappear, the problem you mention would still occur. If all 4 of us are gone, that would be a major blow to nesdev You shouldn't worry too much about that scenario. Worst case, people can extract the xml and start a new wiki.tepples wrote:As long as there's more than one admin responsible for creating accounts. I've seen too many cases where a wiki or forum that I want to join has closed sign-up and no obvious way to contact an administrator.
Thank you. It's incredible how futile my warning was...Banshaku wrote:@Zepper
I saw this thread, I was just too busy to comment on the subject. Sorry about that. Now I want to do something about it.
Zepper
RockNES author
RockNES author
-
- Posts: 76
- Joined: Sun Sep 30, 2007 9:54 pm
- Location: Corneria
- Contact:
Until we can replace the phpBB 2 board with a phpBB 3 board so that we can unify login, I have a short list of extensions I'd like installed: SpecialInterwiki, AntiSpoof, and AbuseFilter. I've been using these extensions to help control spam on my own wiki, and I've been working on an ABUSE filter rule that cuts user creation log pollution in half.
Another question: Do we want to block all users in Asia? I've been told that a user living in Japan can no longer edit.
Another question: Do we want to block all users in Asia? I've been told that a user living in Japan can no longer edit.
@Tepple
You misunderstood my pm: I cannot access the SSH server for updating the wiki application from a non static asian IP because of the current security rule to protect the server. When I need to do so, I ask Koitsu to allow my current IP.
Filter won't be of any help since we have a rule of nobody can create contents until they are approved. So "approving a user on the bbs then creating an account by the wiki admin" or the "user ask us to be in the trusted group then the admin add him to that group" is the same thing, just written differently. The first way, there is no possible way to make spam at all. I just don't want to go back to the recapcha thing again.
Until we have phpBB 3 installed AND some rule to avoid spammer in the first place, my solution in the simplest and can be effective right away. Adding a single sign-on is nice but without proper spamming rule we are just going to open the Wiki to spamming again and I don't want to go back to that since these days I don't have much time to admin it, thus the current issue at hand.
You misunderstood my pm: I cannot access the SSH server for updating the wiki application from a non static asian IP because of the current security rule to protect the server. When I need to do so, I ask Koitsu to allow my current IP.
Filter won't be of any help since we have a rule of nobody can create contents until they are approved. So "approving a user on the bbs then creating an account by the wiki admin" or the "user ask us to be in the trusted group then the admin add him to that group" is the same thing, just written differently. The first way, there is no possible way to make spam at all. I just don't want to go back to the recapcha thing again.
Until we have phpBB 3 installed AND some rule to avoid spammer in the first place, my solution in the simplest and can be effective right away. Adding a single sign-on is nice but without proper spamming rule we are just going to open the Wiki to spamming again and I don't want to go back to that since these days I don't have much time to admin it, thus the current issue at hand.
You're welcome. I should have acted earlier, I was just too busy with life. Sorry about that. You need to thanks Tepples for updating the setting on the server since I cannot access the wiki SSH for now.
In the future we need to think about a better solution, like the proposed single sign-on for phpBB 3. Right now, since not many real users are created on the wiki, I guess we can still cope with the extra work.
In the future we need to think about a better solution, like the proposed single sign-on for phpBB 3. Right now, since not many real users are created on the wiki, I guess we can still cope with the extra work.