• Welcome to NIWA Community Forums.
 

Icaruspedia under Attack!

Started by Anothrgamer1234, August 22, 2012, 04:50:05 AM

Previous topic - Next topic

Anothrgamer1234

Icaruspedia has run into a huge problem with spambots. We've blocked nearly 1,000 of them over the past 2 months and they still keep coming faster than we can block them. We don't have e-mail confirmation or autoconfirmation active; we would do so, but the administrator who normally does much of our technical work has been inactive for a very long time and none of the other administrators (including myself) know how to implement the extensions required for it. What should we do in this situation?

FlyingRagnar

#1
Well, let's not all answer at once NIWA admins.  :(

This thread might be helpful: http://www.niwanetwork.org/forums/index.php?topic=1061.0

I noticed that for Icaruspedia, you have the ConfirmEdit active for account creation.  This is good, but humans and bots seem to have found a way around this.  Either due to humans actively doing the spamming or programming a bot that can figure out the capture.  Dragon Quest Wiki has the same problems. 

From my point of view here are the options. 

1) Let them spam and just delete it and block their accounts.  This requires more input by admins, but allows you to keep registration open and useful for real users.
2) Change your autoconfirm age to be longer and only allow autoconfirmed users to create pages (and possibly edit).  Spammers rarely want to sign up and come back later.
3) Turn off account creation.  Create a page with an email address that users can email to have an account created for them.  This is drastic, but I've seen it done on other wikis before when they just don't have time to deal with the spam.

http://www.mediawiki.org/wiki/Manual:Configuration_settings

This page details how to adjust many of the wiki settings.  Hopefully you have server access, otherwise you won't be able to do anything. 

Greenpickle

Quote from: FlyingRagnar on August 28, 2012, 01:34:01 PM(and possibly edit)

Don't you normally have to have a number of edits to be autoconfirmed?

FlyingRagnar

#3
The default value is 0, so no.  You can change it though if desired.  You can configure it to need time, edits, or both to be autoconfirmed.

http://www.mediawiki.org/wiki/Manual:$wgAutoConfirmCount
http://www.mediawiki.org/wiki/Manual:$wgAutoConfirmAge

One other thing I've noticed is that the spam rarely happens on existing pages.  This suggests a bot doing it, since for different wikis you cannot rely on the same page existing or on being able to create a page immediately after account creation.  This is why most of the spam is on newly created user pages.  This is true for Dragon Quest Wiki where you can anonymously edit any page by filling in a capture confirmation, yet there is never vandalism using this.

Greenpickle


Anothrgamer1234

Quote from: FlyingRagnar on August 28, 2012, 01:34:01 PM
Well, let's not all answer at once NIWA admins.  :(

This thread might be helpful: http://www.niwanetwork.org/forums/index.php?topic=1061.0

I noticed that for Icaruspedia, you have the ConfirmEdit active for account creation.  This is good, but humans and bots seem to have found a way around this.  Either due to humans actively doing the spamming or programming a bot that can figure out the capture.  Dragon Quest Wiki has the same problems. 

From my point of view here are the options. 

1) Let them spam and just delete it and block their accounts.  This requires more input by admins, but allows you to keep registration open and useful for real users.
2) Change your autoconfirm age to be longer and only allow autoconfirmed users to create pages (and possibly edit).  Spammers rarely want to sign up and come back later.
3) Turn off account creation.  Create a page with an email address that users can email to have an account created for them.  This is drastic, but I've seen it done on other wikis before when they just don't have time to deal with the spam.

http://www.mediawiki.org/wiki/Manual:Configuration_settings

This page details how to adjust many of the wiki settings.  Hopefully you have server access, otherwise you won't be able to do anything.

Unfortunately, the only administrator with server access is the one who I said was absent. We're forced to block them maually at the moment, which seems to have stabilized it at the expense of driving off real users (by way of flooding the Recent Changes list with endless deletions and blockings). Unless he comes back, we have no way of implementing any of the solutions listed above. If there's another way to grant an administrator server access, let me know as soon as possible.

The spam is definitely coming from bots- if it's supposed to be advertising something, it's impossible to tell. The spam pages are almost always incoherent, frequently written in foreign languages (most often Chinese- perhaps that's where the spam is coming from, as news about current events in China seem to appear a lot within the spam), and inexplicably features long passages copied from Twilight. Regardless of the source, it's certainly persistent- we've blocked well over 1000 spambots by now with more on the way every minute.

Greenpickle

Is that admin the server owner, then (Maxite, apparently)?  To fix the 'at the expense of driving off real users (by way of flooding the Recent Changes list with endless deletions and blockings)', just do all the blocks and deletions using a bot account, then they won't show up in RC by default.

Until you have server access, I don't think there's much you can do.  Perhaps putting together a bot to fight it off automatically would make things easier, though it's a little ambitious...

While I was poking around, I made an account and noticed a couple of things:

  • The link to the captcha help page from the create account page doesn't work.
  • When you're logged in, the logo is over your user page link, so you can't click it (easiest way is to click on talk, drag off and release to avoid following it, then shift-tab, enter).  This happens for a browser width around 1250px and below for me.

Anothrgamer1234

Quote from: Greenpickle on August 29, 2012, 07:03:36 PM
Is that admin the server owner, then (Maxite, apparently)?  To fix the 'at the expense of driving off real users (by way of flooding the Recent Changes list with endless deletions and blockings)', just do all the blocks and deletions using a bot account, then they won't show up in RC by default.

Until you have server access, I don't think there's much you can do.  Perhaps putting together a bot to fight it off automatically would make things easier, though it's a little ambitious...

While I was poking around, I made an account and noticed a couple of things:

  • The link to the captcha help page from the create account page doesn't work.
  • When you're logged in, the logo is over your user page link, so you can't click it (easiest way is to click on talk, drag off and release to avoid following it, then shift-tab, enter).  This happens for a browser width around 1250px and below for me.

Yes, Maxite is the admin who owns the server. We're trying to get in contact with him, but we've had no success. I'll let the others know about you're suggestion, though. Perhaps fighting fire with fire (or bots with other bots) might be a good way of coping with it for now.

Anothrgamer1234

Sorry to necropost- just have a quick update. There's still no sign of Maxite around and the spambots still keep coming- yesterday 40 of them all became active at once, which was a nightmare to deal with. Luckily it looks like some human users are starting to come to the site, and with some luck we might be able to keep the spambots contained until we can get a real solution for them.

I have noticed something strange about their behavior, though- after creating their accounts, they suddenly go dormant for a few days before rapidy adding spam to their userpages. What could be causing that?

Greenpickle

I guess it just depends how the thing creating them works.  Maybe it does a few days of account-creating on various sites, then starts spamming with them.

Don't question the logic of spammers.

KidIcarus

Hahaha! It's like a battle. You're Palutena's army fighting against the Eggplant Wizards. Just perservere and do what Pit would do