OESF:Antispam configuration work list

From OESF

Current revision

This page is a list of operations to be performed to enhance spam protection of the OESF Wiki. The plan is to implement the suggestions documented in Blocking Spam in MediaWiki.

Installed software versions

Above obtained from Special:Version on 2007-10-21.

Work Environment

Although telnet connection is possible, urge use of SSH client for security. Free clients include OpenSSH for Unix-like systems and PuTTY for MS Windows.

Backup files

Backup each file to be changed in following operations.

(Paths relative to user oesf home directory: /export/sunsite/users/oesf)

Wiki file system root: /public/vhost/o/oesf/html

CSS hidden spam

1. Add following line to LocalSettings.php — DONE Added line in new section of file for OESF Wiki enhancements. -- Meyer (talk) 13:33, 24 October 2007 (EDT)

$wgSpamRegex = "/\<.*style.*?(display|position|overflow|visibility|height)\s*:.*?>/i";

Blank user agents

1. Create file .htaccess with following contents: — DONE -- Meyer (talk) 13:33, 24 October 2007 (EDT)

SetEnvIf User-Agent ^$ spammer=yes     # block blank user agents

Order allow,deny
allow from all
deny from env=spammer

ConfirmEdit extension

1. Create directory:
   • Command: mkdir extensions/ConfirmEdit
   • DONE: Meyer (talk) 13:33, 24 October 2007 (EDT)
2. Download extension files to directory:
   • Command: $svn co http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/ConfirmEdit/
   • DONE: Meyer (talk) 13:33, 24 October 2007 (EDT)
3. Add line near bottom of LocalSettings.php:
   • Command: require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" );
   • DONE: Meyer (talk) 13:33, 24 October 2007 (EDT)
4. Customize extensions/ConfirmEdit/ConfirmEdit.php: (Below suggestions are already set as defaults.)
   • DONE: Meyer (talk) 13:33, 24 October 2007 (EDT)

$wgGroupPermissions['*'            ]['skipcaptcha'] = false;
$wgGroupPermissions['user'         ]['skipcaptcha'] = false;
$wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false;
$wgGroupPermissions['bot'          ]['skipcaptcha'] = true; // registered bots
$wgGroupPermissions['sysop'        ]['skipcaptcha'] = true;

$wgCaptchaTriggers['edit']          = false; // Would check on every edit
$wgCaptchaTriggers['addurl']        = true;  // Check on edits that add URLs
$wgCaptchaTriggers['createaccount'] = true;  // Special:Userlogin&type=signup

Following changes made to default settings:

Red herrings

On the first attempt, operations to install extension completed, but captcha not activated for edits by anonymous user. Have performed the following additional operations, but without success (normal operation of wiki seems unimpared):

• Downloaded the file http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/ExtensionFunctions.php to directory html/extensions [1]
• Change value of variable IP from "/home/miamlh1/oesf.org" an unknown directory to "/export/sunsite/users/oesf/html" in file html/LocalSettings.php

I don't think it wise to move ahead with extension installation until EditConfirm is working properly. I am out of time tonight. Will investigate further at my next opportunity. -- Meyer (talk) 14:35, 20 October 2007 (EDT)

MediaWiki Extensions FAQ says scripts need to have execution permission set, which the PHP files downloaded in extensions/ConfirmEdit didn't. Set the permission, but still no visible improvement in function. -- Meyer (talk) 00:47, 24 October 2007 (EDT)

Running the wiki PHP scripts from the command line revealed an error in one of the scripts we're trying to install:

$ php ConfirmEdit.php

Parse error: parse error, unexpected T_BOOLEAN_AND, expecting '(' in /export/sunsite/users/oesf/html/extensions/ConfirmEdit/ConfirmEdit.php on line 330

Googling for "mediawiki confirmedit t_boolean_and parse error" found mention of the same problem and a possible fix. Applying the fix makes the script run without error from the command line, but still no captcha. -- Meyer (talk) 03:24, 24 October 2007 (EDT)

Someone else with the same problem but unclear about how they solved it. Pursuing via e-mail. -- 219.67.171.131 04:04, 24 October 2007 (EDT)

Ironically, source had made same directory mistake I had. -- Meyer (talk) 13:33, 24 October 2007 (EDT)

SUCCESS!!! Mail from Tux made me realize I had mistaken a basic assumption and all the above changes to files had been done in the wrong area. Wiki files are not rooted at /export/sunsite/users/oesf but at /public/vhost/o/oesf. Repeated the above steps Backup files, CSS hidden spam, Blank user agents, and ConfirmEdit extension on the correct files. Only additional configuration change was setting captcha triggers for page edit and creation to true. Wiki now generates captchas for user registration, page create, and page edit (wiki administrators exempt). -- Meyer (talk) 08:48, 24 October 2007 (EDT)

Bad Behavior extension

Installing and Using Bad Behavior on MediaWiki

1. Download archive
   • URI: http://www.bad-behavior.ioerror.us/download/bad-behavior-2.0.10.zip
   • DONE: Meyer (talk) 09:26, 25 October 2007 (EDT)
2. Unpack archive
   • Destination directory: extensions (automatically creates extensions/Bad-Behavior)
   • DONE: Meyer (talk) 09:26, 25 October 2007 (EDT)
3. Integrate into LocalSettings.php
   • Code: require_once( "$IP/extensions/Bad-Behavior/bad-behavior-mediawiki.php" );
   • DONE: Meyer (talk) 09:41, 25 October 2007 (EDT)
4. Patch for MediaWiki 1.10+
   • After line: if (!defined('MEDIAWIKI')) die();
   • Add code: require_once( "$IP/includes/DatabaseFunctions.php" );
   • DONE: Meyer (talk) 10:03, 25 October 2007 (EDT)
5. Custom patch: MediaWiki 1.11 introduces a functional change that breaks some extensions designed for previous versions, including Bad Behavior. Although at least one person recommends discontinuing use and contacting developers of such extensions, I made the following patch to Bad Behavior that seems to serve:
   • Add code at end of function bb2_mediawiki_timer (after bad-behavior-mediawiki.php line 122): return 1;
   • DONE: Meyer (talk) 15:02, 27 October 2007 (EDT)

Note: There is a bug in the Bad Behavior extension that messes up formatting at the bottom of the edit article page. Since it is cosmetic I am leaving it in place for now.

Bad Behavior 2 Extended

Bad Behavior 2 Extended

1. Download files
   • Source files: http://www.smartcatmedia.com/bb2ext_svn/bb2ext.php, http://www.smartcatmedia.com/bb2ext_svn/bb2ext.i18n.php
   • Destination directory: extensions/Bad-Behavior
   • DONE: Meyer (talk) 15:16, 27 October 2007 (EDT)
2. Add include in LocalSettings.php
   • Code (local customization): require_once( "$IP/extensions/Bad-Behavior/bb2ext.php" );
   • DONE: Meyer (talk) 15:22, 27 October 2007 (EDT)

SpamBlacklist extension

SpamBlacklist

1. Download files.
   • Files: SpamBlacklist.php, SpamBlacklist_body.php, SpamBlacklist.i18n.php, cleanup.php
   • Source: http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/
   • Destination (create): extensions/SpamBlacklist
   • DONE: Meyer (talk) 14:01, 29 October 2007 (EDT)
2. Add to LocalSettings.php
   • DONE: Meyer (talk) 14:05, 29 October 2007 (EDT)
   • Code: (see below)
3. Create local spam blacklist page (no entries).
   • DONE: Meyer (talk) 14:13, 29 October 2007 (EDT)

require_once( "$IP/extensions/SpamBlacklist/SpamBlacklist.php");
$wgSpamBlacklistFiles = array(
       "http://meta.wikimedia.org/w/index.php?title=Spam_blacklist&action=raw&sb_ver=1", // Wikimedia's list
       "DB: oesf Spam_Blacklist",
);

Ubiquity Servers

We have been getting spam from this lot recently. Also they are managing to register users...

So I have changed .htaccess. Hope I got the syntax right!!

SetEnvIf User-Agent ^$ spammer=yes # block blank user agents Order allow,deny

allow from all

deny from env=spammer

1. Nobis/Ubiquity

deny from 64.120.0.0/17

deny from 173.234.0.0/16

Tux 02:38, 20 April 2011 (EDT)