Menu
▾
▴
phpwiki-talk
|
From: Neale P. <ne...@wo...> - 2003-11-09 18:54:06
|
I got some spam on my wiki last night :< It appears this fellow is going through google to find PHPWiki-rendered pages, and inserting his little advertisement. You can see the result here: http://wiki.woozle.org/BuyingaNewComputer?action=diff&version=5 Sure, it was easy to take out, but when someone writes a program to do this automatically, I guess we're all going to have to require authentication for edits, or spend large chunks of time removing ads. Weblog entry point: wiki.woozle.org 202.156.2.138 - - [09/Nov/2003:00:00:05 -0800] "GET /BuyingaNewComputer HTTP/1.1" 200 16099 "http://www.google.com.sg/search?q=computer+Page+Execution+took++Edit&hl=en&lr=&ie=UTF-8&oe=UTF-8&start=10&sa=N" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)" Neale (Please Cc me in replies) |
|
From: Steve W. <sw...@pa...> - 2003-11-10 05:51:46
|
First blogs, and now wikis. There ain't no justice. ~swain On Nov 9, 2003, at 1:54 PM, Neale Pickett wrote: > I got some spam on my wiki last night :< It appears this fellow is > going > through google to find PHPWiki-rendered pages, and inserting his little > advertisement. You can see the result here: > > http://wiki.woozle.org/BuyingaNewComputer?action=diff&version=5 > > Sure, it was easy to take out, but when someone writes a program to do > this automatically, I guess we're all going to have to require > authentication for edits, or spend large chunks of time removing ads. > > > Weblog entry point: > > wiki.woozle.org 202.156.2.138 - - [09/Nov/2003:00:00:05 -0800] "GET > /BuyingaNewComputer HTTP/1.1" 200 16099 > "http://www.google.com.sg/search? > q=computer+Page+Execution+took++Edit&hl=en&lr=&ie=UTF-8&oe=UTF > -8&start=10&sa=N" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; > .NET CLR 1.1.4322)" > > > Neale > (Please Cc me in replies) > > > ------------------------------------------------------- > This SF.Net email sponsored by: ApacheCon 2003, > 16-19 November in Las Vegas. Learn firsthand the latest > developments in Apache, PHP, Perl, XML, Java, MySQL, > WebDAV, and more! http://www.apachecon.com/ > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > |
|
From: Oliver B. <ob...@de...> - 2003-11-10 12:06:09
|
Steve Wainstead wrote: > First blogs, and now wikis. There ain't no justice. Ack. Another reason for some kind of user management/authentication. I'm also afraid about vandalism, spam, illegal contents etc. Having some small and not very active Wikis for small groups, there is no large community to check for changes, and sometimes I don't visit the pages for weeks. Oliver |
|
From: aphid <me...@ap...> - 2003-11-10 18:38:23
|
On Nov 10, 2003, at 4:05 AM, Oliver Betz wrote: > > Ack. Another reason for some kind of user management/authentication. > > I'm also afraid about vandalism, spam, illegal contents etc. > > Having some small and not very active Wikis for small groups, there > is no large community to check for changes, and sometimes I don't > visit the pages for weeks. I hook my RSS reader (netnewswire for mac, feedreader for pc) up to the RecentEdits feed so I know more or less instantaneously when the wiki has been updated. a |
|
From: Carsten K. <car...@us...> - 2003-11-11 21:12:06
|
On Sunday, November 9, 2003, at 01:54 pm, Neale Pickett wrote: > I got some spam on my wiki last night :< It appears this fellow is > going > through google to find PHPWiki-rendered pages, and inserting his little > advertisement. You can see the result here: > > http://wiki.woozle.org/BuyingaNewComputer?action=diff&version=5 > > Sure, it was easy to take out, but when someone writes a program to do > this automatically, I guess we're all going to have to require > authentication for edits, or spend large chunks of time removing ads. > > > Weblog entry point: > > wiki.woozle.org 202.156.2.138 - - [09/Nov/2003:00:00:05 -0800] "GET > /BuyingaNewComputer HTTP/1.1" 200 16099 > "http://www.google.com.sg/ > search?q=computer+Page+Execution+took++Edit&hl=en&lr=&ie=UTF-8&oe=UTF- > 8&start=10&sa=N" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; > .NET CLR 1.1.4322)" > > > Neale > (Please Cc me in replies) Hi Neale, This does indeed sound like a very disturbing trend, thanks for the heads-up. Have you tried this setting in index.php? This might trip-up or at least slow down any automatic WikiSpamScripts, by forcing a (BOGO- or WikiWord- user-name) login first: if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', true); if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT')) define('REQUIRE_SIGNIN_BEFORE_EDIT', true); Maybe it would be a good idea to set these as the defaults in index.php for the next release? Any thoughts? Carsten |
|
From: Neale P. <ne...@wo...> - 2003-11-11 21:23:19
|
Carsten Klapp <car...@us...> writes:
> Have you tried this setting in index.php? This might trip-up or at
> least slow down any automatic WikiSpamScripts, by forcing a (BOGO- or
> WikiWord- user-name) login first:
>
> if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', true);
> if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT'))
> define('REQUIRE_SIGNIN_BEFORE_EDIT', true);
I haven't set that up yet, since it's just been this isolated incident.
Perhaps if wiki maintainers are diligent, the spammers will find that
such edits are pointless. On the other hand, it would be pretty easy to
throw together a script that replaces every page in a wiki with an ad,
and that would be very difficult to clean up. So we'll see.
> Maybe it would be a good idea to set these as the defaults in
> index.php for the next release? Any thoughts?
I'm not sure. On the one hand, it gives you some security. On the
other hand, it's in opposition to the whole idea of Wiki. (Well, to my
idea of it, at least.) In the end, it's probably inevitable that folks
will have to put passwords around their wikis, just like it was
inevitable that multi-user computer systems all got passwords
eventually.
So it's a tough call, and I don't envy you folks for having to make it
:}
Neale
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X