User talk:Meyer

From OESF

Current revision

Welcome to my talk page. Feel free to leave OESF Wiki-related notes for me here. Just edit the page and add your comments in a new paragraph at the bottom. Please start your comment with a level-2 header ("== your subject here ==") (or use the "+" tab), and sign and date your post by appending "-- ~~~~" to the end.

If I there's anything in your comments I need to respond to, I will append my answer to this page following your post. Watch this page if you care what I have to say to you. ;)

From Tux

Hi Meyer, I liked the comment about cutting down trees with a herring!

Lets hope that someone among the admins recruits some help.

My idea would be that we recognise the bots and indefinite ban them and carry on doing that until they are all dead!

Of course that would only be a real solution if they also going to leave anonymous editing turned off and made the registering much harder for non-humans.!

See you later! Tux 06:41, 26 September 2007 (EDT)

Glad you liked the herring line, but I stole it from Monty Python. ;)

Something definitely needs to be done about the spambots. It's embarrassing how vulnerable the wiki is. The only problem with banning is I'm sure the bots are already smart enough to come back with a new user name and IP address.

There are a number of things that can be done, including my personal favorite of installing the Wikipedia AntiSpamBot (fight fire with fire), but they all involve the wiki administrators, and I can't say how high the wiki is on their list of priorities. At least DK seems to be looking into the problem.

Back to the despamming. Keep fighting the good fight.

--Meyer 21:51, 25 Sep 2007 (EDT)

Congratulations

Congratulations Meyer on the sysop/bureaucrat bit! Hope I'll be able to cope with the sysop/bureaucrat stuff. Wish me luck. Tux 06:41, 26 September 2007 (EDT)

Good luck to both of us, Partner. You'll have to teach me what the hell I should be doing. -- Meyer 07:05, 26 September 2007 (EDT)

Spam counter-measures

Well don't rely too much on me! I just blocked myself!!! Fortunately I noticed quite quickly!

What I do to kill spambots!

At the moment I'm going through the Recent changes list as I used to. This time I'm looking for RED user names and looking at the page history and the version attached to the name.

Obviously when I find a spammed page I can take a look at the RED user revisions and block as required.

If it is the spambot stuff I select: Block, other, 1 year ban, other and put spambot in the other box. Then select block.

I'm hoping this new wiki software can really block the same IP.

Tux 07:43, 26 September 2007 (EDT)

What is this Spambot of which you speak? Is that captcha that is mentioned in the forum likely to be of use here? Have you discovered how dz can turn off anonymous editing? I'm going to have to spend some serious homework time on those manuals. I also need to learn how to edit with style! Lots to do!.Tux 12:27, 27 September 2007 (EDT)

Did you read my post at OESF:AN#The_Robot_Wars and the web pages linked there? I think there are a couple of captcha mechanisms being talked about. One is already in place in the forum user registration process, and it is preventing spambots from getting wiki ID's created through the linkage between forum user registration and the wiki. Another captcha we've been talking about is a MediaWiki extension Dz will try to install this weekend. It will have a more direct impact on the wiki as it can be configured to check user registrations or edits by all or a subset of users. -- Meyer (talk) 13:03, 27 September 2007 (EDT)

I expect you've already found the enhanced (javascript) Recent Pages option. I've just started using it. I've also put a Delete pages and a Banned Users thread in the OESF WIKI forum. Hope they'll be useful.Tux 15:52, 28 September 2007 (EDT)

Do you mean something other than the "Recent changes" link in the navigation box in the upper left-hand corner of each page? -- Meyer (talk) 22:27, 30 September 2007 (EDT)

No,I think it is an option in preferences?--Tux 04:23, 1 October 2007 (EDT)

Found it. Thanks. Looks interesting. -- Meyer (talk) 04:32, 1 October 2007 (EDT)

Gibberbots

They are finding their way back. At the moment these little creatures are just putting gibberish in. We really do need anonymous editing turned off!--Tux 18:03, 30 September 2007 (EDT)

Yes, indeed. I'll comment in the forum. -- Meyer (talk) 22:27, 30 September 2007 (EDT)

These bots/people are now producing new pages. We really do need anonymous editing turned off, at least for now!--Tux 18:11, 1 October 2007 (EDT)

There is no form of captcha on the registration as yet! I know because I registered user Bogus!!! You and I can't remove users can we? I suppose it would have to be done with database queries and commands, sounds like a job for dz! --Tux 18:16, 1 October 2007 (EDT)

I haven't heard for dz, but I think he hasn't completed all the wiki work he planned for the weekend. If ConfirmEdit and the other measures have been set up correctly and there's no reduction in spam, I agree that disallowing anonymous posts is the next step. But you have to admit that whatever it was about the MediaWiki upgrade, we are getting less spam now than with the old version.

I haven't seen any way for mere administrators to delete user records, but I wouldn't worry about it too much. As long as there's no user page created I don't think user records take up too much database space. Eventually some user may want to register as "Bogus" or "Spambot", but we can cross that bridge when we come to it.

-- Meyer (talk) 19:27, 1 October 2007 (EDT)

Hi guys, just wondered if we can find the sources to one of these bots and work out what their algorithm is, then make it more difficult for it to work ? For example, if they always sign up with a user name of letter-letter-number, say, then we can automatically ban all users with that login etc etc. Koan 08:24, 10 October 2007 (EDT)

Hi, Koan. Actually, dz was supposed to be installing some extensions to the wiki to automatically block most of the spam. They might be effective against gibberish posts, too. dz was supposed to do the work last weekend but I haven't heard anything from him. -- Meyer (talk) 13:42, 10 October 2007 (EDT)

Thanks for helping out with the War Against Spam, Koan. Please feel free to delete any gibberish or spam you see in the wiki. Tux and I will follow-up with user blocks and page deletes as appropriate. … I am still holding out hope that the planned wiki extensions will cut way down on spam posts, but if it doesn't we should probably introduce formal processes for ordinary editors like Koan to request blocks on spamming users or deletion of nothing-but-spam pages. I think we can probably get policy ideas and import some templates from Wikipedia. -- Meyer (talk) 01:18, 11 October 2007 (EDT)

Hi Meyer, your shift seems to be getting more spam hits at the moment I see. I found one page I was looking at seemed to be a favourite target and I protected it. I don't know whether that would be a useful tactic for you? I will try and do as you and Koan are doing and see if some pruning and tidying up would make the place more usable.

Hi, yeah, it's probably sensible to pursue the extensions rather than reverse engineering code, at this time anyway! Koan 22:58, 11 October 2007 (EDT)

• I have sent a message to dz asking how things are going. No reply as yet.-Tux 03:36, 11 October 2007 (EDT)

dz's tilde:-

Thanks Meyer, didn't realise the tilde was genuine! What does it do?--Tux 18:06, 6 October 2007 (EDT)

I don't know. Perhaps dz intended it as a place-holder instead of a real user page just to keep his signature link from being red. -- Meyer (talk) 02:00, 7 October 2007 (EDT)

Request to Delete or Rename pages

Hi Meyer, I was considering deleting a page that I thought was redundant. I also thought about taking the content of a page and putting it in a new one with a correctly spelled title. In other words a title change. Is there a clever way of changing the title?

Regardless, I did wonder if making a page for people to ask for title changes and page deletions and for discussion of the same might be a good idea?-Tux 06:16, 10 October 2007 (EDT)

Feel free to delete redundant pages. There is a move tab at the top of each page that automates a lot of the process. Feel free to use it to move pages to correctly spelled or otherwise more appropriate titles. I don't think a separate discussion page is necessary since these are changes registered users can make on their own and we should encourage them to edit boldly, as the Wikipedia saying goes, instead of thinking they have to ask us to do routine article maintenance. Page deletions and moves are reversible if anyone makes a mistake. -- Meyer (talk) 13:47, 10 October 2007 (EDT)

Message from Roy

Hi Dave, just got a pm from Roy over on the forums. Did he copy to you? Suggestion that he gives us ftp and shell access so that 'we' could do the captcha etc. I put 'we' in quotes because we both know I don't have a clue!. Let me know what you think and what is happening!-Tux 06:31, 12 October 2007 (EDT)

Hi again, I pm'd you on this. Suggest 'we' accept-Tux 15:41, 12 October 2007 (EDT)

Recent Spamming

Hi Meyer, take a look back at my activities with Talk:6000 Rom. You'll notice I cleared some spam and protected the page against unregistered users. Yet apparently it was spammed again, You then deleted it. But as you can see it is back! Koan just removed spam from it.

When I have more time I'll look more closely at the page history. It looks like protection is not working properly or there is some registered editor putting this in. I don't mean a real person, I mean a registered spambot!

Have you managed to get near the php.ini file (whatever it is called) yet?

Cheers-Tux 05:14, 19 October 2007 (EDT)

Protection versus page deletion

Hi Meyer, you'll have noticed that some pages seem to get 'targeted' for creation/re-creation and then spamming. Some of them are legitimate pages, e.g. talk pages for genuine pages, so I thought I'd try the rollback protect route and see if that helps. I should have talked to you about it earlier but seeing the latest page deletion of a page that turns up in the logs quite frequently I overcame my inertia!

I've put your 'work-list' page on my watch list and I'll try and follow along. I must say that it must be frustrating when you do the changes and it doesn't want to take notice! The really annoying thing is that these seem to be exactly the changes we need/want and that work elsewhere! I'll do my best to get up to speed and be a help instead of just a cheerleader.(If the thought of me in cheerleader costume doesn't cheer you up..nothing will!)

-Tux 05:34, 23 October 2007 (EDT)

I have noticed the same thing, the same page title being created periodically by a spambot. Although I don't like leaving blank pages in the database, I think your approach of protecting them after de-spamming is the only tactic we have available right now. Sorry I haven't made any breakthroughs on the new configuration problems, but I will keep looking. Thanks for leading the cheers. -- Meyer (talk) 13:52, 23 October 2007 (EDT)

Main Page Protection

I have altered the protection on the main page. Users have to be logged in to edit though! -Tux 13:03, 2 November 2007 (EDT)

Proxy Problem?

Hi Meyer, saw the message from gaarder. I suggest thinking about what Bad Behaviour picks upon, rather than the spam blacklist thing. See the url and report I have pasted in.

203.198.178.241 (contribs) blocked 14 times, last was 2007-11-05 05:38:18

The url is the one that shows on his post to you at the forum. Might it be a user agent problem with his corporate proxy?

Yes, I think that's it. I didn't realize it before, but the error message he posted on the forum is being pulled from the Bad Behavior home site.

This raises the questions:

1. What is the security risk to the wiki of this problem Bad Behavior is blocking?
2. Is it technically possible to relax this one restriction without uninstalling Bad Behavior?
3. Should we reconfigure our anti-spam security for the sake of one user, even though there are measures that could be taken on his side to correct the problem?

-- Meyer (talk) 13:19, 6 November 2007 (EST)

If you can identify the 'wrongness' of his proxy you could let him know in the thread or by pm and see if he can get his IT staff to sort it out. Perhaps he knows what the insecurity problem is for the wiki.? He does say that he runs mediawikis in the post where he recommended some antispam ideas. I do note that traceroute gives what looks like a legitimate commercial group, quite a large operation, when I feed the IP in. That top of the BadBehaviour league,89.149.253.21, leads to internetservice team. Some dubious comments appear when you Google for them. -Tux 18:58, 6 November 2007 (EST)

I don't know anything more about the problem than is contained in the page gaarder quoted in his original post. His company's proxy server is doing something to corrupt the request, at least in Bad Behavior's eyes.

Today I finally had a chance to look through the Bad Behavior code. Unfortunately, I could find no trace of where this error is being generated, so I still have no clue how to tune or remove the check short of removing Bad Behavior completely. Going farther is going to take more time going through the PHP and trying to consult with the author.

I am of two minds on whether or not it is worthwhile to pursue this further. Reasons to pursue:

1. I think it's strange for Bad Behavior to be screening clients trying to read the wiki. The purpose of putting in Bad Behavior and the others was to prevent undesirable content getting into the wiki. I'm happy for anyone to get information out of the wiki who wants it.
2. It may be useful in the future to understand better the internals of Bad Behavior in case we need to do further tuning.
3. I sympathize with someone trapped behind paranoid and inflexible corporate security policy.

Reasons to not pursue:

1. gaarder's company's proxy may be innocent, but if the request problem Bad Behavior is detecting is exploitable by spammers or other undesirables, I don't want to lower our defenses.
2. I don't like the idea of changing our configuration to compensate for something that should be fixed on the client or proxy.
3. gaarder is the only one who's complained.
4. gaarder has not cared enough to follow up on the questions I put to him in the thread he initiated on this problem.
5. gaarder may be able to access the wiki from his home computer.

What do you think?

-- Meyer (talk) 08:04, 10 November 2007 (EST)

Hi Meyer,

I suspect there is something about the way his company's proxy is configured that is triggering the block. I've not seen anything about BadBehaviour that says anything about blocking reading the wiki. Surely it only attempts to stop writing from dubious sources.

The detailed log for his ip just says something about using a proxy server. Does he actually say what he was attempting to do? maybe proxy editing is blocked?

All that you and I are saying is pointless without further input from gaarder. You need more details of the activity that was blocked. i suppose we could ask someone who is using a proxy to see what happens to them?

I think I'll post asking him for more details? I'll do it now and see what happens. Let's wait for a response...-Tux 18:14, 10 November 2007 (EST)