PersonalScienceWiki:Spam

From Personal Science Wiki
Jump to navigation Jump to search

Preventing and removing spam is an ongoing issue. This page documents our spam prevention measures, as well as the standard actions we like to take when removing spam content.

Spam removal[edit | edit source]

Spam accounts[edit | edit source]

Depending on the frequency of the spam account creation it can be useful to either block individual users or use a mass-hiding of spam users instead.

Blocking individual users[edit | edit source]

The Block user form should be used to inactivate spam accounts. Spam accounts are assumed to be malicious and are blocked to remove all privileges.

A pre-filled username for this form is available in some contexts (e.g. account creation logs). Once the form is open, blocking is done with the following settings. (Non-default options are in bold.)

  • Block: Editing (sitewide)
  • Block: Account creation
  • Block: Sending email
  • Block: Editing their own talk page
  • Expiration: indefinite
  • Reason: Other (default)
  • Additional options: Automatically block the last IP address
  • Additional options: Hide username from edits and lists

After prompt:

  • Confirm block

A confirmation prompt is necessary to hide history when blocking. We prefer to hide history to reduce the visibility of spam and spam accounts (e.g. on the "recent changes" page).

On the block succeeded page: you can click the username to check for any spam contributions that may require additional clean-up.

Hiding large number of spam accounts[edit | edit source]

The User creation log can be used to manually select a larger number of users and hide the account creations to not clutter the log files. This is particular useful for spam accounts which were created but that never managed to post spam due to successfully blocks by the spam prevention measurements outlined below.

Spam content[edit | edit source]

There are two extensions installed that help identifying and deleting spam:

  1. The SmiteSpam extension identifies potential spam contributions and allows mass-selecting users and their contributions. Contributions can then be deleted and the corresponding users be blocked.
  2. The Nuke extension allows for mass-deleting contributions of given users that have spammed. This is mostly useful for cases where SmiteSpam failed to identify the spam-contributions.

Spam prevention[edit | edit source]

Based on advice from Mediawiki documentation, the wiki is using captchas, DNS and IP-based deny-lists, and regex-based edit blocking to reduce spam.

Captchas[edit | edit source]

The wiki is set up to use ConfirmEdit and hCaptcha to require completing a CAPTCHA challenge to take some actions on the wiki.

The configuration is currently using the defaults: a CAPTCHA is required for the following actions:

  • 'addurl' - any edit that a URL
  • 'createaccount' - account creation
  • 'badlogin' - after a failed login attempt

With the exception of the following user groups:

  • 'bot' - any registered bots
  • 'sysop' - admin user accounts

DNS and IP deny-lists[edit | edit source]

The wiki is configured to check DNS-based blacklists for some wiki actions. The default setting (applied to 'createaccount') has been expanded to apply to 'create', 'createtalk', 'addurl', and 'edit'.

The StopForumSpam extension has been installed and configured to apply IP-based blocks.

Regex-based blocking[edit | edit source]

The SpamBlacklist extension blocks edits that contain content that matches admin-defined regular expressions. These can be updated at MediaWiki:Spam-blacklist.

Retrieved from "https://wiki.openhumans.org/index.php?title=PersonalScienceWiki:Spam&oldid=4464"