The MeFi Wiki appears to be spammed, Captain. January 9, 2006 10:07 AM   Subscribe

The MeFi Wiki appears to be spammed, Captain.
posted by wheelieman to Bugs at 10:07 AM (31 comments total)

Sure does.
posted by Mijo Bijo at 10:12 AM on January 9, 2006


Was it done anonymously? Let's nail them.
posted by driveler at 10:12 AM on January 9, 2006


The ironic thing is I was just looking at the drama (queen) that happened last year around this time and maybe this is to commenerate this.
posted by wheelieman at 10:14 AM on January 9, 2006


Just because you asked nicely, I reverted it.
posted by Captain_Tenille at 10:18 AM on January 9, 2006


The Wiki gets spammed pretty much every damn day. Some of us (read: 99% Richard P) are on the case reverting the spam on a regular basis.
posted by Gator at 10:18 AM on January 9, 2006


*me begins commenerating with a flourish*
posted by cortex at 10:20 AM on January 9, 2006


"*me..."? Emote collision!
posted by cortex at 10:20 AM on January 9, 2006


There isn't a way to lock it down? Additions by committee maybe?
posted by Mijo Bijo at 10:23 AM on January 9, 2006


Mijo Bijo: "There isn't a way to lock it down? Additions by committee maybe?"

Now that's the wiki way!
posted by Plutor at 10:25 AM on January 9, 2006


For whatever reason, the mefi wiki seems particularly vulnerable to spam. If you look at the recent changes, 99% are spam, followed by cleanup by the RichardP bot.
posted by monju_bosatsu at 10:35 AM on January 9, 2006


It's pretty ludicrously easy to write a bot that spams open wikis. (I would be more subtle if I were them. )
posted by smackfu at 10:42 AM on January 9, 2006


Why not change the wiki hostname to wiki.metafilter.com -- easy enough to do since you control the DNS -- and then tweak the wiki code to test for the metafilter.com domain cookie. That way only logged-in metafilter users would be able to edit pages.

Net result: either no spam, or spammers pay $5/incident, since you'll be able to kill their account if they do it. Sounds like win/win to me.
posted by George_Spiggott at 12:29 PM on January 9, 2006


since you control the DNS

I should have phrased that "since you control the metafilter.com zone file".
posted by George_Spiggott at 12:31 PM on January 9, 2006


(And the "you" in this case refers to Matt, of course.)
posted by George_Spiggott at 12:32 PM on January 9, 2006


But what if I happen to like megabustybimbos.com?
posted by JeffK at 12:36 PM on January 9, 2006


since you control the DNS

we control the horizontal.
we control the vertical.
posted by keswick at 12:41 PM on January 9, 2006


Beam me up, Scotty
I control your body.
As deadly as AIDS,
been known to rock a party.
posted by klangklangston at 12:48 PM on January 9, 2006


The wiki isn't actually run by Matt - it's on adrianhon's server. It's a great resource and RichardP is doing a sterling revert job but I can't help feeling that it's unnecessary effort. Some form of user authentication would save the poor chap from going slowly mad...
posted by blag at 1:14 PM on January 9, 2006


you know, it really wouldn't. any authentication would either a) make it no longer a wiki (say, if we went the "only 2 people may edit this. mathowie and richardp" way)
b) be easily circumventible. if people will spend $5 to self link a whopping once or twice before earning bannination, they'll certainly spend it to spam a wiki every day until they get banned, too.
posted by shmegegge at 1:21 PM on January 9, 2006


But wikispamming is done by bots rather than humans, right? Making it registration only is a pretty reasonable solution.
posted by Firas at 1:30 PM on January 9, 2006


Yeah, the current spam problem seems to be just bot-related. I'd bet that even a capchta or similar would get rid of 90% of the problem.
posted by blag at 1:39 PM on January 9, 2006


Even easier than that. The TV Tropes Wiki used to have quite a problem with spamming too. So it instituted a password--which is given right in the instructions on the login form. No spamming problems since, AFAIK.
posted by DevilsAdvocate at 1:51 PM on January 9, 2006


blag: I think the reverting is done automagically, so no-one is going mad doing it.
posted by beniamino at 1:58 PM on January 9, 2006


The TV Tropes Wiki idea is genius!
posted by pithy comment at 1:58 PM on January 9, 2006


blag, thanks for the info. The fact that the wiki's on RichardP's server wouldn't rule out making it part of the metafilter.com domain if he were willing. You can create a virtual host under apache (for example) and make it apparently part of one domain and everything else on that same machine some other domain.

And yes, I know from experience that even an obvious password, spelled out under the users nose, will foil spambots -- provided that the way you spell it out isn't standardized. If a bot knows where to expect the password in the HTML stream it can scrape it and use it. (Which is why MovableType can't distribute this simple trick to prevent comment spam -- Bot authors would catch up with it i no time. ) But if the site owner hand-edits the page to display the password in their own idiosyncratic way then a bot can't use it.
posted by George_Spiggott at 2:45 PM on January 9, 2006


beniamino writes 'blag: I think the reverting is done automagically, so no-one is going mad doing it.'

Good grief. He's fighting spam all over the internets. Jolly good show.
posted by blag at 5:26 PM on January 9, 2006


Are my ears burning? blag was kind enough to send me an e-mail to bring this thread to my attention. As blag mentioned upthread, I don't actually operate the MetaFilter wiki. It's hosted and operated by Adrian Hon, but he has been kind enough to grant me admin privileges to the wiki (but not the server). Most of the despamming is actually done by my anti-wikispam bot, called WikiMinion. It reverts spam on dozens of wikis, including the MetaFilter wiki. It operates largely autonomously, but I do check on it once a day (or so) to update its database and to make sure hasn't gone berserk.
posted by RichardP at 7:33 PM on January 9, 2006


You could just add some sort of captcha to the wiki.

With a hole of some sort for the previously mentioned Minion, of course.
posted by graventy at 6:23 AM on January 10, 2006


We're quick to whine and moan when things here don't work but, apparently, not so quck to praise and thank those who keep things working. So much of what works on the Internet does so because people take it upon themselves to help without expecting any compensation or recognition or expressed appreciation. It's nice to be able to identify one of those silent helpers and be able to say thanks. Thanks RichardP for your bot and your efforts on our behalf.
posted by TimeFactor at 12:12 PM on January 10, 2006


Indeed. Seconded.
posted by blag at 2:01 PM on January 10, 2006


I'm happy to do the password thing if it's clear that it would prevent a lot of the spamming and it isn't too troublesome to implement. It'd probably save me some bandwidth and diskspace, at least (not that I am in danger of running out, but still). I will probably have a chat with the ever-helpful RichardP about this via email soon.
posted by adrianhon at 4:27 PM on January 10, 2006


« Older People are derailing this perfectly decent...   |   I've tweaked the way subdomains work on MetaFilter... Newer »

You are not logged in, either login or create an account to post comments