«

Folks,

As many people will know, the RubyGarden wiki
(http://www.rubygarden.org/ruby) has been under constant spam attacks for
a while now. Does anyone have any idea how to prevent these attacks?

Cheers,
Gavin

"Gavin Sinclair" <> schrieb im Newsbeitrag
news:42377.129.78.228.114.1089019858.squirrel@webm ail.imagineis.com...
> Folks,
>
> As many people will know, the RubyGarden wiki
> (http://www.rubygarden.org/ruby) has been under constant spam attacks
for
> a while now. Does anyone have any idea how to prevent these attacks?

Better login / authentication? OTOH, the problem is, that Wiki's are
meant to be extended and filled by anybody - so there's a certain conflict
between openness and security...

Kind regards

robert

il Mon, 5 Jul 2004 18:31:12 +0900, "Gavin Sinclair"
<> ha scritto::

>Folks,
>
>As many people will know, the RubyGarden wiki
>(http://www.rubygarden.org/ruby) has been under constant spam attacks for
>a while now. Does anyone have any idea how to prevent these attacks?

add a uman detection system on the edit page. Mothing fancy, just
soemthing like "what color Napoleon's white horse was?" and a text
box. Real users answer the question, spambot don't.

Hello,

On Monday, July 5, 2004, at 05:31 AM, Gavin Sinclair wrote:
> As many people will know, the RubyGarden wiki
> (http://www.rubygarden.org/ruby) has been under constant spam attacks
> for
> a while now. Does anyone have any idea how to prevent these attacks?

Do the spam attacks seem come from the same set of individuals, or are
spammers in general looking for wikis with high Page Ranks?

I have sneaky ideas on how to deal with the former. Once you've
identified a vandal, instead of denying access you automate a process
of quietly discarding their edits in a way that is hard to notice and
that wastes their time.

The latter is bothersome -- you might need to setup the same sort of
"enter the number in the image" process as network solutions, ebay, etc.

Cheers,

Patrick

On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote:
> Folks,
>
> As many people will know, the RubyGarden wiki
> (http://www.rubygarden.org/ruby) has been under constant spam attacks for
> a while now. Does anyone have any idea how to prevent these attacks?

Yes. Alter the engine so that external URLs go to a non-indexed-by-
search-engines "leaving the site" page. It effectively kills any
pagerank that adding a link would add to the linkee. That's both good
and bad, but it's a short-term solution.

It may be that a simple HTTP redirect script would work, too, but I'm
not sure.

Ari

Patrick May wrote:
[snip]
> The latter is bothersome -- you might need to setup the same sort of
> "enter the number in the image" process as network solutions, ebay, etc.

FWIW, I've got a CAPTCHA library on rubyforge that does just this. As
long as you've got the freetype and gd libraries installed, it should
just drop right in.

http://rubyforge.org/projects/captcha

--
Jamis Buck

http://www.jamisbuck.org/jamis

ruby -ropenssl
-e'k="01234567";p((c,c.padding,c.iv,c.key=OpenSSL:: Cipher::BF.new,0,k,k*2)[0].decrypt.update("1A81803C452C324619D319F980D5B84DB B45FC0FE2BAA045".scan(/../).map{|n|n.to_i(16).chr}.join))'

On Tue, Jul 06, 2004 at 01:43:34AM +0900, Aredridel scribed:
> On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote:
> > Folks,
> >
> > As many people will know, the RubyGarden wiki
> > (http://www.rubygarden.org/ruby) has been under constant spam attacks for
> > a while now. Does anyone have any idea how to prevent these attacks?
>
> Yes. Alter the engine so that external URLs go to a non-indexed-by-
> search-engines "leaving the site" page. It effectively kills any
> pagerank that adding a link would add to the linkee. That's both good
> and bad, but it's a short-term solution.
>
> It may be that a simple HTTP redirect script would work, too, but I'm
> not sure.

This removes the long term incentive, but the spammers can't
be counted on to realize that their spam isn't effective... just
as they don't care about filling my mailbox, even though I'll never
click.

The capcha solution seems like the most preferable way to go
about it. Just make sure it has an alternative non-visual captcha
for the visually impaired.

-Dave

--
work: me:
MIT Laboratory for Computer Science http://www.angio.net/

On Tue, 2004-07-06 at 06:32 +0900, David G. Andersen wrote:
> On Tue, Jul 06, 2004 at 01:43:34AM +0900, Aredridel scribed:
> > On Mon, 2004-07-05 at 18:31 +0900, Gavin Sinclair wrote:
> > > Folks,
> > >
> > > As many people will know, the RubyGarden wiki
> > > (http://www.rubygarden.org/ruby) has been under constant spam attacks for
> > > a while now. Does anyone have any idea how to prevent these attacks?
> >
> > Yes. Alter the engine so that external URLs go to a non-indexed-by-
> > search-engines "leaving the site" page. It effectively kills any
> > pagerank that adding a link would add to the linkee. That's both good
> > and bad, but it's a short-term solution.
> >
> > It may be that a simple HTTP redirect script would work, too, but I'm
> > not sure.
>
> This removes the long term incentive, but the spammers can't
> be counted on to realize that their spam isn't effective... just
> as they don't care about filling my mailbox, even though I'll never
> click.

I'm not sure. It seems to have effectively cut down on link-spam in a
blog I visted this morning. It's hard to tell, though, with the editing.

They do post that they've done so, though.

> The capcha solution seems like the most preferable way to go
> about it. Just make sure it has an alternative non-visual captcha
> for the visually impaired.

I'd only go Capcha if the other failed, though.

Ari