I don't see any reason our Wiki should be so vulnerable, and before we make it official I would insist that we fix that. The Boost list never gets spammed, and moderators don't even seem to have to reject any spammers. All we need to do is use the same approval and posting process for the Wiki. Is something wrong with that? -- Dave Abrahams Boost Consulting www.boost-consulting.com
On Sat, 05 Mar 2005 09:09:44 -0500, David Abrahams wrote
I don't see any reason our Wiki should be so vulnerable, and before we make it official I would insist that we fix that. The Boost list never gets spammed, and moderators don't even seem to have to reject any spammers. All we need to do is use the same approval and posting process for the Wiki. Is something wrong with that?
Well it's generally against the philosophy of Wiki's to require a login to modify pages. It prevents the casual user from making minor updates as they read a page, etc. Even Wikipedia, which is one of the top 100 sites on the web and a huge spam target doesn't require a login to edit. Since I'm the one that gets to deal with a large part of the spam, I'm already looking at better ways to protect the Wiki from Spam. The current process involves waiting for someone to spam the wiki, reverting it, and banning the address that submitted the content. This is bad because of the time it requires and some legitmate users can get blocked (that's come up a couple times now after I got tired and started blocking out whole domains that have repeatedly spammed). Other Wiki's are now using content filters to prevent spam from ever being committed. At the core of the spamming is a desire to get links into google. So the filters essentially evaluate the content of the submitted pages looking for off-wiki links and certain words associated with common spamming. I'm working on implementing such a filter for our Wiki now. I'm actually hoping to have this in place this weekend. So I'd like to take this path and see if we can damp down the spamming without requiring logins. If it doesn't work then, I agree, we will have to go to some kind of login which is harder to implement... Jeff
"Jeff Garland" <jeff@crystalclearsoftware.com> writes:
On Sat, 05 Mar 2005 09:09:44 -0500, David Abrahams wrote
I don't see any reason our Wiki should be so vulnerable, and before we make it official I would insist that we fix that. The Boost list never gets spammed, and moderators don't even seem to have to reject any spammers. All we need to do is use the same approval and posting process for the Wiki. Is something wrong with that?
Well it's generally against the philosophy of Wiki's to require a login to modify pages. It prevents the casual user from making minor updates as they read a page, etc. Even Wikipedia, which is one of the top 100 sites on the web and a huge spam target doesn't require a login to edit.
Since I'm the one that gets to deal with a large part of the spam, I'm already looking at better ways to protect the Wiki from Spam. The current process involves waiting for someone to spam the wiki, reverting it, and banning the address that submitted the content. This is bad because of the time it requires and some legitmate users can get blocked (that's come up a couple times now after I got tired and started blocking out whole domains that have repeatedly spammed).
Other Wiki's are now using content filters to prevent spam from ever being committed. At the core of the spamming is a desire to get links into google. So the filters essentially evaluate the content of the submitted pages looking for off-wiki links and certain words associated with common spamming. I'm working on implementing such a filter for our Wiki now. I'm actually hoping to have this in place this weekend.
Cool! Spambayes is a great adaptable spam filter; I'm using it with great success for my email. FWIW. -- Dave Abrahams Boost Consulting www.boost-consulting.com
On Sat, 05 Mar 2005 14:18:46 -0500, David Abrahams wrote
Cool! Spambayes is a great adaptable spam filter; I'm using it with great success for my email. FWIW.
Interesting thought -- for the moment the filter will probably be a bit more low-tech. Other Wiki admins have been working on this problem so I'm leveraging their work. For example, others have already created and maintain lists of sites and word combinations that indicate spam. BTW, I consider my current effort to be a somewhat short term solution. I want to upgrade the Wiki software sometime this year to something with more features like RSS support and better spam control built-in. But the upgrade is more involved -- not something I can really take on just now. Jeff
Jeff Garland wrote:
[...] Other Wiki's are now using content filters to prevent spam from ever being committed. At the core of the spamming is a desire to get links into google. So the filters essentially evaluate the content of
Another solution is to add rel="nofollow" to all hyperlinks in the Wiki (or use a filter to add this attribute only to some links). Google, MSN Search and Yahoo! (and maybe others) will ignore these links. Google came up with the idea in January because of the huge amount of comment spam in blogs. See http://www.google.com/googleblog/2005/01/preventing-comment-spam.html Of course we have then to make sure that the spammers get the message and understand that their links are not considered any more. Boris
On Sat, 5 Mar 2005 22:38:31 +0200, Boris wrote
Jeff Garland wrote:
[...] Other Wiki's are now using content filters to prevent spam from ever being committed. At the core of the spamming is a desire to get links into google. So the filters essentially evaluate the content of
Another solution is to add rel="nofollow" to all hyperlinks in the Wiki (or use a filter to add this attribute only to some links). Google, MSN Search and Yahoo! (and maybe others) will ignore these links. Google came up with the idea in January because of the huge amount of comment spam in blogs. See http://www.google.com/googleblog/2005/01/preventing-comment- spam.html Of course we have then to make sure that the spammers get the message and understand that their links are not considered any more.
Yes, thanks, I'm already aware of this and is another step I'm considering. It has two disadvantages I see. It doesn't stop the uninformed spammer from defacing the site. It has the potential to reduce the overall influence of the boost user community has on search results if we do it globally... Jeff
Hey Jeff, Another suggestion I threw out before: put in a challenge-respose system like many web companies use to prevent automated subscriptions, etc. See http://en.wikipedia.org/wiki/Captcha, there are some nice open-source projects in the "external links" section there. max.
participants (4)
-
Boris -
David Abrahams -
Jeff Garland -
Maxim Khesin