Recent wiki spam barrage

[Kerbolnaut]

The wiki has been getting barraged by spambots over the last two and a half days. They've made 17 user accounts and 300+ new pages of pure spam. I've been consistently blanking their spam but I can't actually delete the spam pages or ban the spammers. UmbralRaptor has banned nine of them, KasperVld got one, but there's still seven left unbanned at this point. I'm not even sure it matters because they just pop up new accounts like dandelions and continue at it. There's also still around 300 pages of blanked spam that have yet to be deleted, and I'm guessing there's going to be another 70-150 new pages that I'll need to blank tomorrow. If anyone with delete and ban privileges on the wiki is reading this, please take a look at KasperVld's talk page to see the list of account that still haven't been banned. I've also listed all of the spam accounts, so the pages that still need to be deleted can be found in their contributions sections.

Keeping up with the spam is getting tiring, and I'm hoping that we can increase spam restrictions on the wiki, possibly by asking users easy questions about the game whenever they want to create a new page. Does anyone have any other ideas?

[Rithsom]

If I remember correctly, when creating a new account there is a spambot barrier, so I wonder how those few got through...

As for additional spam restrictions, how about a limit on the number of pages that a single account can create per day?

[Guest]

15 hours ago, Rthsom said:

If I remember correctly, when creating a new account there is a spambot barrier, so I wonder how those few got through...

As for additional spam restrictions, how about a limit on the number of pages that a single account can create per day?

Good idea.  Maybe we could give some of the more prominent and known to be real users the ability to flag spam bots?

[KasperVld]

Thanks for the heads up. I briefly talked with UmbralRaptor on IRC and we're looking into a solution that allows us to quickly remove these pages. Going through them one by one is quite laborious.

[Tw1]

It's not possible to revert the wiki to a previous state?

[KasperVld]

No, but we've found a solution to quickly get rid of all the pages. If you come across any more spambots then please do poke the Wiki staff.

[bewing]

How do you poke the wiki staff? There are a bunch of new spam pages.

 

[KasperVld]

Will look into it

[Gordon Fecyk]

Is it time to vet Wiki editors through some other means? For instance, through this forum? I had to do something similar when I started a Wiki for the Zeroshell community. The MediaWiki folks might not like it because it infringes on their philosophy of openness, but like anything else that gets abused frequently, it might be time to take that away.

Three Rings Design authenticates access to the YPP Wiki using their main game's account domain. There are extensions to authenticate against LDAP (and thus Active Directory by extension). Is there a means to authenticate against this forum's user database?

--

[insert_name]

Jontyrhodes appears to be the last spammer left

I blanked the text but it needs to be deleted

4 hours ago, Gordon Fecyk said:

Is it time to vet Wiki editors through some other means? For instance, through this forum? I had to do something similar when I started a Wiki for the Zeroshell community. The MediaWiki folks might not like it because it infringes on their philosophy of openness, but like anything else that gets abused frequently, it might be time to take that away.

Three Rings Design authenticates access to the YPP Wiki using their main game's account domain. There are extensions to authenticate against LDAP (and thus Active Directory by extension). Is there a means to authenticate against this forum's user database?

--

it seems like it would be better to do it via mainsite accounts that purchased the game, forcing the hackers to buy ksp

[Gordon Fecyk]

14 hours ago, insert_name said:

it seems like it would be better to do it via mainsite accounts that purchased the game, forcing the hackers to buy ksp

That's the tack Three Rings took with their Wiki, and it's a very good idea.

Only then, how do you accommodate those who bought KSP on Steam or GOG? Authenticate against them? Sure, if they permit that sort of thing.

--

[insert_name]

its gotten worse, Anju is the latest spammer, they put the # in the title now so I cant blank it

[insert_name]

apparently they are leaving spam links to call a boudin bakery in the Midwest for tech support

[KasperVld]

I've removed the recent spam pages and added more measures to try and stop this. Please send me an email at [email protected] directly when new spam appears

 

[adsii1970]

This may not be the place to ask or not offer, but what can I do to help the wikki project?

[Mad Rocket Scientist]

On 2/23/2016 at 7:17 AM, adsii1970 said:

This may not be the place to ask or not offer, but what can I do to help the wikki project?

As I understand it, just start editing stuff! 

[VITAS]

There are some addons i know of that can filter users by regex and delet them or prevent users from doing too much actions in a given time span or same actions in sequence e.g. make more than x new pages. i had some spambot attacks in the past on mediawiki sites. capchas help but ocr has gotten to a point where theyre not as helpfull anymore. but there are capacha systems with "click all pics that show e.g. food.

i also would suggest adding more sec questions to the mix (and change that one where oyu have to fill in the blanks i never know what to type).

i dont know if the spambots have a common ip.

also you can always run low level cleanup jobs e.g. on the db level.

in general connecting user acounts of the forum , wiki with some custom reg form would be a good idea because spambots wont adapt to custom soft that fast (not enough victems out there). but doing so requires some nasty coding...

maybe some of these tips are usefull

[insert_name]

looks like someone new went on a vandalisim spree in the 1.2 page http://wiki.kerbalspaceprogram.com/wiki/User:Igor29050

[Red Iron Crown]

33 minutes ago, insert_name said:

looks like someone new went on a vandalisim spree in the 1.2 page http://wiki.kerbalspaceprogram.com/wiki/User:Igor29050

That appears to have been back in August and has already been handled by the wiki admins.

Edit: Oh I see, it's the profile page more recently.

Edited November 1, 2016 by Red Iron Crown