OESF:Antispam configuration work list

From OESF

Revision as of 08:04, 24 October 2007 (edit) 219.67.171.131 (Talk) (→ConfirmEdit extension) ← Previous diff		Revision as of 12:31, 24 October 2007 (edit) (undo) 203.212.44.40 (Talk) Next diff →
Line 86:		Line 86:
	== SpamBlacklist extension ==		== SpamBlacklist extension ==
		+
		+	==blah==
		+	test test test

---

Revision as of 12:31, 24 October 2007

This page is a list of operations to be performed to enhance spam protection of the OESF Wiki. The plan is to implement the suggestions documented in Blocking Spam in MediaWiki.

Contents 1 Installed software versions 2 Work Environment 3 Backup files 4 CSS hidden spam 5 Blank user agents 6 ConfirmEdit extension 7 Bad Behavior extension 8 Bad Behavior 2 extension 9 SpamBlacklist extension 10 blah

Installed software versions

MediaWiki	1.11.0
PHP	5.1.6 (apache2handler)
MySQL	4.0.27-standard-log

Above obtained from Special:Version on 2007-10-21.

Work Environment

Host:	login.ibiblio.org (shell account)
User:	oesf
Password:	(do not disclose)

Although telnet connection is possible, urge use of SSH client for security. Free clients include OpenSSH for Unix-like systems and PuTTY for MS Windows.

Backup files

Backup each file to be changed in following operations. (Paths relative to user oesf home directory: /export/sunsite/users/oesf)

• html/LocalSettings.php (#CSS hidden spam, #ConfirmEdit extension) — DONE: -> html/LocalSettings.bak.php -- Meyer (talk) 13:44, 20 October 2007 (EDT)
• html/extensions/ConfirmEdit/ConfirmEdit.php (#ConfirmEdit extension) — DONE -> html/extensions/ConfirmEdit/ConfirmEdit.bak.php -- Meyer (talk) 14:03, 20 October 2007 (EDT)

CSS hidden spam

1. Add following line to LocalSettings.php — DONE Added line in new section of file for OESF Wiki enhancements. -- Meyer (talk) 13:49, 20 October 2007 (EDT)

$wgSpamRegex = "/\<.*style.*?(display|position|overflow|visibility|height)\s*:.*?>/i";

Blank user agents

1. Create file html/.htaccess with following contents: — DONE -- Meyer (talk) 13:52, 20 October 2007 (EDT)

SetEnvIf User-Agent ^$ spammer=yes     # block blank user agents

Order allow,deny
allow from all
deny from env=spammer

ConfirmEdit extension

1. Create directory: mkdir html/extensions/ConfirmEdit — DONE -- Meyer (talk) 13:55, 20 October 2007 (EDT)
2. Download extension files to directory: svn co http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/ConfirmEdit/ — DONE -- Meyer (talk) 13:56, 20 October 2007 (EDT)
3. Add line near bottom of html/LocalSettings.php: require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" ); — DONE -- Meyer (talk) 13:57, 20 October 2007 (EDT)
4. Customize html/extensions/ConfirmEdit/ConfirmEdit.php: — DONE Below suggestions are already set as defaults. Only changed $ceAllowConfirmedEmail from "false" to "true" to allow users who have confirmed their e-mail address to include URIs in their edits without requiring a captcha check. -- Meyer (talk) 14:08, 20 October 2007 (EDT)
   • $wgCaptchaTriggers
   • $ceAllowConfirmedEmail

$wgGroupPermissions['*'            ]['skipcaptcha'] = false;
$wgGroupPermissions['user'         ]['skipcaptcha'] = false;
$wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false;
$wgGroupPermissions['bot'          ]['skipcaptcha'] = true; // registered bots
$wgGroupPermissions['sysop'        ]['skipcaptcha'] = true;

$wgCaptchaTriggers['edit']          = false; // Would check on every edit
$wgCaptchaTriggers['addurl']        = true;  // Check on edits that add URLs
$wgCaptchaTriggers['createaccount'] = true;  // Special:Userlogin&type=signup

Operations to install extension completed, but captcha not activated for edits by anonymous user. Have performed the following additional operations, but without success (normal operation of wiki seems unimpared):

• Downloaded the file http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/ExtensionFunctions.php to directory html/extensions [1]
• Change value of variable IP from "/home/miamlh1/oesf.org" an unknown directory to "/export/sunsite/users/oesf/html" in file html/LocalSettings.php

I don't think it wise to move ahead with extension installation until EditConfirm is working properly. I am out of time tonight. Will investigate further at my next opportunity. -- Meyer (talk) 14:35, 20 October 2007 (EDT)

MediaWiki Extensions FAQ says scripts need to have execution permission set, which the PHP files downloaded in extensions/ConfirmEdit didn't. Set the permission, but still no visible improvement in function. -- Meyer (talk) 00:47, 24 October 2007 (EDT)

Running the wiki PHP scripts from the command line revealed an error in one of the scripts we're trying to install:

$ php ConfirmEdit.php

Parse error: parse error, unexpected T_BOOLEAN_AND, expecting '(' in /export/sunsite/users/oesf/html/extensions/ConfirmEdit/ConfirmEdit.php on line 330

Googling for "mediawiki confirmedit t_boolean_and parse error" found mention of the same problem and a possible fix. Applying the fix makes the script run without error from the command line, but still no captcha. -- Meyer (talk) 03:24, 24 October 2007 (EDT)

Someone else with the same problem but unclear about how they solved it. Pursuing via e-mail. -- 219.67.171.131 04:04, 24 October 2007 (EDT)

Bad Behavior extension

Bad Behavior 2 extension

SpamBlacklist extension

blah

test test test