The MeFi Wiki appears to be spammed, Captain. January 9, 2006 10:07 AM Subscribe
The MeFi Wiki appears to be spammed, Captain.
The ironic thing is I was just looking at the drama (queen) that happened last year around this time and maybe this is to commenerate this.
posted by wheelieman at 10:14 AM on January 9, 2006
posted by wheelieman at 10:14 AM on January 9, 2006
Just because you asked nicely, I reverted it.
posted by Captain_Tenille at 10:18 AM on January 9, 2006
posted by Captain_Tenille at 10:18 AM on January 9, 2006
The Wiki gets spammed pretty much every damn day. Some of us (read: 99% Richard P) are on the case reverting the spam on a regular basis.
posted by Gator at 10:18 AM on January 9, 2006
posted by Gator at 10:18 AM on January 9, 2006
There isn't a way to lock it down? Additions by committee maybe?
posted by Mijo Bijo at 10:23 AM on January 9, 2006
posted by Mijo Bijo at 10:23 AM on January 9, 2006
Mijo Bijo: "There isn't a way to lock it down? Additions by committee maybe?"
Now that's the wiki way!
posted by Plutor at 10:25 AM on January 9, 2006
Now that's the wiki way!
posted by Plutor at 10:25 AM on January 9, 2006
For whatever reason, the mefi wiki seems particularly vulnerable to spam. If you look at the recent changes, 99% are spam, followed by cleanup by the RichardP bot.
posted by monju_bosatsu at 10:35 AM on January 9, 2006
posted by monju_bosatsu at 10:35 AM on January 9, 2006
It's pretty ludicrously easy to write a bot that spams open wikis. (I would be more subtle if I were them. )
posted by smackfu at 10:42 AM on January 9, 2006
posted by smackfu at 10:42 AM on January 9, 2006
Why not change the wiki hostname to wiki.metafilter.com -- easy enough to do since you control the DNS -- and then tweak the wiki code to test for the metafilter.com domain cookie. That way only logged-in metafilter users would be able to edit pages.
Net result: either no spam, or spammers pay $5/incident, since you'll be able to kill their account if they do it. Sounds like win/win to me.
posted by George_Spiggott at 12:29 PM on January 9, 2006
Net result: either no spam, or spammers pay $5/incident, since you'll be able to kill their account if they do it. Sounds like win/win to me.
posted by George_Spiggott at 12:29 PM on January 9, 2006
since you control the DNS
I should have phrased that "since you control the metafilter.com zone file".
posted by George_Spiggott at 12:31 PM on January 9, 2006
I should have phrased that "since you control the metafilter.com zone file".
posted by George_Spiggott at 12:31 PM on January 9, 2006
(And the "you" in this case refers to Matt, of course.)
posted by George_Spiggott at 12:32 PM on January 9, 2006
posted by George_Spiggott at 12:32 PM on January 9, 2006
since you control the DNS
we control the horizontal.
we control the vertical.
posted by keswick at 12:41 PM on January 9, 2006
we control the horizontal.
we control the vertical.
posted by keswick at 12:41 PM on January 9, 2006
Beam me up, Scotty
I control your body.
As deadly as AIDS,
been known to rock a party.
posted by klangklangston at 12:48 PM on January 9, 2006
I control your body.
As deadly as AIDS,
been known to rock a party.
posted by klangklangston at 12:48 PM on January 9, 2006
The wiki isn't actually run by Matt - it's on adrianhon's server. It's a great resource and RichardP is doing a sterling revert job but I can't help feeling that it's unnecessary effort. Some form of user authentication would save the poor chap from going slowly mad...
posted by blag at 1:14 PM on January 9, 2006
posted by blag at 1:14 PM on January 9, 2006
you know, it really wouldn't. any authentication would either a) make it no longer a wiki (say, if we went the "only 2 people may edit this. mathowie and richardp" way)
b) be easily circumventible. if people will spend $5 to self link a whopping once or twice before earning bannination, they'll certainly spend it to spam a wiki every day until they get banned, too.
posted by shmegegge at 1:21 PM on January 9, 2006
b) be easily circumventible. if people will spend $5 to self link a whopping once or twice before earning bannination, they'll certainly spend it to spam a wiki every day until they get banned, too.
posted by shmegegge at 1:21 PM on January 9, 2006
But wikispamming is done by bots rather than humans, right? Making it registration only is a pretty reasonable solution.
posted by Firas at 1:30 PM on January 9, 2006
posted by Firas at 1:30 PM on January 9, 2006
Yeah, the current spam problem seems to be just bot-related. I'd bet that even a capchta or similar would get rid of 90% of the problem.
posted by blag at 1:39 PM on January 9, 2006
posted by blag at 1:39 PM on January 9, 2006
Even easier than that. The TV Tropes Wiki used to have quite a problem with spamming too. So it instituted a password--which is given right in the instructions on the login form. No spamming problems since, AFAIK.
posted by DevilsAdvocate at 1:51 PM on January 9, 2006
posted by DevilsAdvocate at 1:51 PM on January 9, 2006
blag: I think the reverting is done automagically, so no-one is going mad doing it.
posted by beniamino at 1:58 PM on January 9, 2006
posted by beniamino at 1:58 PM on January 9, 2006
The TV Tropes Wiki idea is genius!
posted by pithy comment at 1:58 PM on January 9, 2006
posted by pithy comment at 1:58 PM on January 9, 2006
blag, thanks for the info. The fact that the wiki's on RichardP's server wouldn't rule out making it part of the metafilter.com domain if he were willing. You can create a virtual host under apache (for example) and make it apparently part of one domain and everything else on that same machine some other domain.
And yes, I know from experience that even an obvious password, spelled out under the users nose, will foil spambots -- provided that the way you spell it out isn't standardized. If a bot knows where to expect the password in the HTML stream it can scrape it and use it. (Which is why MovableType can't distribute this simple trick to prevent comment spam -- Bot authors would catch up with it i no time. ) But if the site owner hand-edits the page to display the password in their own idiosyncratic way then a bot can't use it.
posted by George_Spiggott at 2:45 PM on January 9, 2006
And yes, I know from experience that even an obvious password, spelled out under the users nose, will foil spambots -- provided that the way you spell it out isn't standardized. If a bot knows where to expect the password in the HTML stream it can scrape it and use it. (Which is why MovableType can't distribute this simple trick to prevent comment spam -- Bot authors would catch up with it i no time. ) But if the site owner hand-edits the page to display the password in their own idiosyncratic way then a bot can't use it.
posted by George_Spiggott at 2:45 PM on January 9, 2006
beniamino writes 'blag: I think the reverting is done automagically, so no-one is going mad doing it.'
Good grief. He's fighting spam all over the internets. Jolly good show.
posted by blag at 5:26 PM on January 9, 2006
Good grief. He's fighting spam all over the internets. Jolly good show.
posted by blag at 5:26 PM on January 9, 2006
Are my ears burning? blag was kind enough to send me an e-mail to bring this thread to my attention. As blag mentioned upthread, I don't actually operate the MetaFilter wiki. It's hosted and operated by Adrian Hon, but he has been kind enough to grant me admin privileges to the wiki (but not the server). Most of the despamming is actually done by my anti-wikispam bot, called WikiMinion. It reverts spam on dozens of wikis, including the MetaFilter wiki. It operates largely autonomously, but I do check on it once a day (or so) to update its database and to make sure hasn't gone berserk.
posted by RichardP at 7:33 PM on January 9, 2006
posted by RichardP at 7:33 PM on January 9, 2006
You could just add some sort of captcha to the wiki.
With a hole of some sort for the previously mentioned Minion, of course.
posted by graventy at 6:23 AM on January 10, 2006
With a hole of some sort for the previously mentioned Minion, of course.
posted by graventy at 6:23 AM on January 10, 2006
We're quick to whine and moan when things here don't work but, apparently, not so quck to praise and thank those who keep things working. So much of what works on the Internet does so because people take it upon themselves to help without expecting any compensation or recognition or expressed appreciation. It's nice to be able to identify one of those silent helpers and be able to say thanks. Thanks RichardP for your bot and your efforts on our behalf.
posted by TimeFactor at 12:12 PM on January 10, 2006
posted by TimeFactor at 12:12 PM on January 10, 2006
I'm happy to do the password thing if it's clear that it would prevent a lot of the spamming and it isn't too troublesome to implement. It'd probably save me some bandwidth and diskspace, at least (not that I am in danger of running out, but still). I will probably have a chat with the ever-helpful RichardP about this via email soon.
posted by adrianhon at 4:27 PM on January 10, 2006
posted by adrianhon at 4:27 PM on January 10, 2006
« Older People are derailing this perfectly decent... | I've tweaked the way subdomains work on MetaFilter... Newer »
You are not logged in, either login or create an account to post comments
posted by Mijo Bijo at 10:12 AM on January 9, 2006