Re: [Phpwiki-talk] Wiki spam, an emerging trend?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Carsten Klapp <car...@us...> writes:

> Have you tried this setting in index.php? This might trip-up or at
> least slow down any automatic WikiSpamScripts, by forcing a (BOGO- or
> WikiWord- user-name) login first:
>
> if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', true);
> if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT'))
> define('REQUIRE_SIGNIN_BEFORE_EDIT', true);

I haven't set that up yet, since it's just been this isolated incident.
Perhaps if wiki maintainers are diligent, the spammers will find that
such edits are pointless.  On the other hand, it would be pretty easy to
throw together a script that replaces every page in a wiki with an ad,
and that would be very difficult to clean up.  So we'll see.

> Maybe it would be a good idea to set these as the defaults in
> index.php for the next release? Any thoughts?

I'm not sure.  On the one hand, it gives you some security.  On the
other hand, it's in opposition to the whole idea of Wiki.  (Well, to my
idea of it, at least.)  In the end, it's probably inevitable that folks
will have to put passwords around their wikis, just like it was
inevitable that multi-user computer systems all got passwords
eventually.

So it's a tough call, and I don't envy you folks for having to make it
:}

Neale