81
edits
Changes
Jump to navigation
Jump to search
Summarize current practices and set-up for preventing and handling spam
Preventing and removing spam is an ongoing issue. This page documents our spam prevention measures, as well as the standard actions we like to take when removing spam content.
== Spam removal ==
=== Spam accounts ===
The [[Special:Block|Block user form]] should be used to inactivate spam accounts. Spam accounts are assumed to be malicious and are blocked to remove all privileges.
A pre-filled username for this form is available in some contexts (e.g. account creation logs). Once the form is open, blocking is done with the following settings. (Non-default options are in bold.)
* Block: Editing (sitewide)
* Block: Account creation
* '''Block: Sending email'''
* '''Block: Editing their own talk page'''
* '''Expiration: indefinite'''
* Reason: Other (default)
* Additional options: Automatically block the last IP address
* '''Additional options: Hide username from edits and lists'''
After prompt:
* '''Confirm block'''
A confirmation prompt is necessary to hide history when blocking. We prefer to hide history to reduce the visibility of spam and spam accounts (e.g. on the "recent changes" page).
On the block succeeded page: you can click the username to check for any spam contributions that may require additional clean-up.
=== Spam content ===
''Add notes regarding page deletion and edit clean-up.''
== Spam prevention ==
Based on advice from [https://www.mediawiki.org/wiki/Manual:Combating_spam Mediawiki documentation], the wiki is using captchas, DNS and IP-based deny-lists, and regex-based edit blocking to reduce spam.
=== Captchas ===
The wiki is set up to use [https://www.mediawiki.org/wiki/Extension:ConfirmEdit ConfirmEdit and hCaptcha] to require completing a CAPTCHA challenge to take some actions on the wiki.
The configuration is currently using the defaults: a CAPTCHA is required for the following actions:
* 'addurl' - any edit that a URL
* 'createaccount' - account creation
* 'badlogin' - after a failed login attempt
With the exception of the following user groups:
* 'bot' - any registered bots
* 'sysop' - admin user accounts
=== DNS and IP deny-lists ===
The wiki is configured to [https://www.mediawiki.org/wiki/Manual:$wgEnableDnsBlacklist check DNS-based blacklists] for some wiki actions. The default setting (applied to 'createaccount') has been expanded to apply to 'create', 'createtalk', 'addurl', and 'edit'.
The [https://www.mediawiki.org/wiki/Extension:StopForumSpam StopForumSpam] extension has been installed and configured to apply IP-based blocks.
=== Regex-based blocking ===
The [https://www.mediawiki.org/wiki/Extension:SpamBlacklist SpamBlacklist] extension blocks edits that contain content that matches admin-defined regular expressions. These can be updated at [[MediaWiki:Spam-blacklist]].
== Spam removal ==
=== Spam accounts ===
The [[Special:Block|Block user form]] should be used to inactivate spam accounts. Spam accounts are assumed to be malicious and are blocked to remove all privileges.
A pre-filled username for this form is available in some contexts (e.g. account creation logs). Once the form is open, blocking is done with the following settings. (Non-default options are in bold.)
* Block: Editing (sitewide)
* Block: Account creation
* '''Block: Sending email'''
* '''Block: Editing their own talk page'''
* '''Expiration: indefinite'''
* Reason: Other (default)
* Additional options: Automatically block the last IP address
* '''Additional options: Hide username from edits and lists'''
After prompt:
* '''Confirm block'''
A confirmation prompt is necessary to hide history when blocking. We prefer to hide history to reduce the visibility of spam and spam accounts (e.g. on the "recent changes" page).
On the block succeeded page: you can click the username to check for any spam contributions that may require additional clean-up.
=== Spam content ===
''Add notes regarding page deletion and edit clean-up.''
== Spam prevention ==
Based on advice from [https://www.mediawiki.org/wiki/Manual:Combating_spam Mediawiki documentation], the wiki is using captchas, DNS and IP-based deny-lists, and regex-based edit blocking to reduce spam.
=== Captchas ===
The wiki is set up to use [https://www.mediawiki.org/wiki/Extension:ConfirmEdit ConfirmEdit and hCaptcha] to require completing a CAPTCHA challenge to take some actions on the wiki.
The configuration is currently using the defaults: a CAPTCHA is required for the following actions:
* 'addurl' - any edit that a URL
* 'createaccount' - account creation
* 'badlogin' - after a failed login attempt
With the exception of the following user groups:
* 'bot' - any registered bots
* 'sysop' - admin user accounts
=== DNS and IP deny-lists ===
The wiki is configured to [https://www.mediawiki.org/wiki/Manual:$wgEnableDnsBlacklist check DNS-based blacklists] for some wiki actions. The default setting (applied to 'createaccount') has been expanded to apply to 'create', 'createtalk', 'addurl', and 'edit'.
The [https://www.mediawiki.org/wiki/Extension:StopForumSpam StopForumSpam] extension has been installed and configured to apply IP-based blocks.
=== Regex-based blocking ===
The [https://www.mediawiki.org/wiki/Extension:SpamBlacklist SpamBlacklist] extension blocks edits that contain content that matches admin-defined regular expressions. These can be updated at [[MediaWiki:Spam-blacklist]].