Folks,
As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby) has been under constant spam attacks for
a while now. Does anyone have any idea how to prevent these attacks?
Cheers,
Gavin
"Gavin Sinclair" <gsinclair@soyabean.com.au> schrieb im Newsbeitrag
news:42377.129.78.228.114.1089019858.squirrel@webmail.imagineis.com...
Folks,
As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby\) has been under constant spam attacks
for
a while now. Does anyone have any idea how to prevent these attacks?
Better login / authentication? OTOH, the problem is, that Wiki's are
meant to be extended and filled by anybody - so there's a certain conflict
between openness and security...
Kind regards
robert
add a uman detection system on the edit page. Mothing fancy, just
soemthing like "what color Napoleon's white horse was?" and a text
box. Real users answer the question, spambot don't.
···
il Mon, 5 Jul 2004 18:31:12 +0900, "Gavin Sinclair" <gsinclair@soyabean.com.au> ha scritto::
Folks,
As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby\) has been under constant spam attacks for
a while now. Does anyone have any idea how to prevent these attacks?
Hello,
As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby\) has been under constant spam attacks for
a while now. Does anyone have any idea how to prevent these attacks?
Do the spam attacks seem come from the same set of individuals, or are spammers in general looking for wikis with high Page Ranks?
I have sneaky ideas on how to deal with the former. Once you've identified a vandal, instead of denying access you automate a process of quietly discarding their edits in a way that is hard to notice and that wastes their time.
The latter is bothersome -- you might need to setup the same sort of "enter the number in the image" process as network solutions, ebay, etc.
Cheers,
Patrick
···
On Monday, July 5, 2004, at 05:31 AM, Gavin Sinclair wrote:
Yes. Alter the engine so that external URLs go to a non-indexed-by-
search-engines "leaving the site" page. It effectively kills any
pagerank that adding a link would add to the linkee. That's both good
and bad, but it's a short-term solution.
It may be that a simple HTTP redirect script would work, too, but I'm
not sure.
Ari
···
On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote:
Folks,
As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby\) has been under constant spam attacks for
a while now. Does anyone have any idea how to prevent these attacks?
Patrick May wrote:
[snip]
The latter is bothersome -- you might need to setup the same sort of "enter the number in the image" process as network solutions, ebay, etc.
FWIW, I've got a CAPTCHA library on rubyforge that does just this. As long as you've got the freetype and gd libraries installed, it should just drop right in.
http://rubyforge.org/projects/captcha
···
--
Jamis Buck
jgb3@email.byu.edu
http://www.jamisbuck.org/jamis
ruby -ropenssl -e'k="01234567";p((c,c.padding,c.iv,c.key=OpenSSL::Cipher::BF.new,0,k,k*2)[0].decrypt.update("1A81803C452C324619D319F980D5B84DBB45FC0FE2BAA045".scan(/../).map{|n|n.to_i(16).chr}.join))'
On Tue, Jul 06, 2004 at 01:43:34AM +0900, Aredridel scribed:
> Folks,
>
> As many people will know, the RubyGarden wiki
> (http://www.rubygarden.org/ruby\) has been under constant spam attacks for
> a while now. Does anyone have any idea how to prevent these attacks?Yes. Alter the engine so that external URLs go to a non-indexed-by-
search-engines "leaving the site" page. It effectively kills any
pagerank that adding a link would add to the linkee. That's both good
and bad, but it's a short-term solution.It may be that a simple HTTP redirect script would work, too, but I'm
not sure.
This removes the long term incentive, but the spammers can't
be counted on to realize that their spam isn't effective... just
as they don't care about filling my mailbox, even though I'll never
click.
The capcha solution seems like the most preferable way to go
about it. Just make sure it has an alternative non-visual captcha
for the visually impaired.
-Dave
···
On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote:
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
On Tue, Jul 06, 2004 at 01:43:34AM +0900, Aredridel scribed:
> > Folks,
> >
> > As many people will know, the RubyGarden wiki
> > (Captcha) has been under constant spam attacks for
> > a while now. Does anyone have any idea how to prevent these attacks?
>
> Yes. Alter the engine so that external URLs go to a non-indexed-by-
> search-engines "leaving the site" page. It effectively kills any
> pagerank that adding a link would add to the linkee. That's both good
> and bad, but it's a short-term solution.
>
> It may be that a simple HTTP redirect script would work, too, but I'm
> not sure.This removes the long term incentive, but the spammers can't
be counted on to realize that their spam isn't effective... just
as they don't care about filling my mailbox, even though I'll never
click.
I'm not sure. It seems to have effectively cut down on link-spam in a
blog I visted this morning. It's hard to tell, though, with the editing.
They do post that they've done so, though.
The capcha solution seems like the most preferable way to go
about it. Just make sure it has an alternative non-visual captcha
for the visually impaired.
I'd only go Capcha if the other failed, though.
Ari
···
On Tue, 2004-07-06 at 06:32 +0900, David G. Andersen wrote:
> On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote: