Re: [Phpwiki-talk] 1.3.10 and Apache 2, small projects, wiki spam

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Joel Uckelman schrieb:
> 1. Is there something special I need to to do get 1.3.10 working with Apache 2
> and PHP 4.3? I haven't been able to get the wiki to create a new page
> db, even.

The internal redirect-after-edit is broken.
Make sure that your theme has a valid signature ImageAlias,
and not false.
$WikiTheme->addImageAlias('signature', "Signature.png");

This seems to be a special problem with apache2, but I got nearer in the 
last week.

> 2. I've been thinking a bit about wiki spam lately, mostly because a wiki
> that I host has been getting blasted almost daily for a while now. While
> we very much want to stop the spam, we don't want to require users to login
> because that would discourage casual editing. What I've noticed is that
> virtually all of the spam we see involves a great number of links being added
> to a page, say 100+. On the other hand, I can't think of a time when I've
> added more than 10 links to a page in a single edit. This suggests that
> rejecting (or holding for approval) edits which increase a page's link count
> by more than 10 links would nearly eliminate the spam that lands on this
> particular wiki.

Good idea! I had the same :) It's already in CVS.

DONE:
      *   More then 20 new external links (hardcoded)
          (have to update http://phpwiki.org/WikiSpam)
      *   content patterns by babycart (only php >= 4.3 for now)
          ENABLE_SPAMASSASSIN
          (have to update http://phpwiki.org/SpamAssassinIntegration)
TODO:
      *   IP BlackList
      *   domain blacklist
      *   url patterns

These need a working accesslog (best via sql) and 
WikiAccessRestrictions, which I deferred to 1.3.12
The hairy accesslog code is already done, but the interface and policies 
are missing.

More see http://wikiblacklist.blogspot.com/

> Most of the spam I see on my wiki is in Chinese, while the rest of the wiki
> is mostly English. If I just rejected any edits which introduced numerous
> Chinese characters, that also would do the trick in my case.
> 
> However, I suspect that not all wiki spam is like this, and if my particular
> batch of spammers changed their tactics then such a check would be ineffective.
> Another thing which occurred to me is doing an RBL check on the IP of the
> editing host. This stops tons of email spam at the door; I have a hunch that
> similar results could be achieved using this for a wiki.
> 
> Conclusion: While I doubt that there is a single solution that would work
> well for everyone, I think that everyone could probably find a solution which
> works for them. Hence, it would be useful to have the edit function call a
> configurable edit validator, one where the wiki admin could easily supply
> whatever tests he wants applied to edits.
> 
> Is there already something like this? If not, does anyone else like this
> idea?

See above.

> 3. Small projects: Are there any small projects that the developers more
> regular than myself want done? I expect to have a bit of time this week
> and I have wiki on the brain again.

See http://phpwiki.org/DevelopmentBranch

-- 
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/