[Bioperl-l] bioperl wiki spam
Hilmar Lapp
hlapp at drycafe.net
Thu Mar 17 16:01:42 EDT 2011
Indeed. And I guess we can add "bad" providers incrementally as we
spam from them trickle in. I can imagine that at some point there'll
also be a blacklist of spam OpenID providers.
-hilmar
On Mar 17, 2011, at 3:40 PM, Chris Fields wrote:
> That's easy enough to do with the OpenID plugin settings:
>
> $wgOpenIDConsumerAllow
> an array of regular expressions that match OpenIDs you want to allow
> to log in. For example, "@^(http://)?wikitravel.org/@" will allow
> OpenIDs from the Wikitravel domain.
> $wgOpenIDConsumerDeny
> an array of regular expressions that match OpenIDs you want to deny
> access to. This is mostly useful for servers that are known to be
> bad. Example: "#^(http://)?example.com/#".
>
> chris
>
> On Mar 17, 2011, at 2:38 PM, Hilmar Lapp wrote:
>
>> Just a thought towards the future - OpenIDs are so easy to obtain
>> that the way it is right now (any OpenID will do) is built on the
>> premise that it's not used widely enough (yet!) to make it worth
>> the spammers' time. Same story as with reCaptcha, probably. So
>> once OpenID is used widely, we'll probably have to restrict the
>> OpenID providers that we permit.
>>
>> -hilmar
>>
>> On Mar 17, 2011, at 12:16 PM, Chris Fields wrote:
>>
>>> Peter,
>>>
>>> It's set up for biopython. Will make an announcement on open-bio-
>>> l and post something on the blog when I catch my breath (redmine
>>> and this in one week is a little tiring!).
>>>
>>> Will also ping biojava and the other wiki groups about switching
>>> over.
>>>
>>> chris
>>>
>>> On Mar 17, 2011, at 3:27 AM, Peter Cock wrote:
>>>
>>>> Yes please - thanks Chris!
>>>>
>>>> Peter
>>>>
>>>> On Thursday, March 17, 2011, Chris Fields <cjfields at illinois.edu>
>>>> wrote:
>>>>> Done, for BioSQL. Let me know about Biopython and the others.
>>>>>
>>>>> -c
>>>>>
>>>>> On Mar 16, 2011, at 10:05 PM, Hilmar Lapp wrote:
>>>>>
>>>>>>
>>>>>> On Mar 14, 2011, at 11:01 PM, Chris Fields wrote:
>>>>>>
>>>>>>> Okay, we have bioperl.org set up to use OpenID, works well:
>>>>>>
>>>>>> Seems to work mostly - there seems to be some odd small problem
>>>>>> with ClaimID: typing in my username leads to an OpenID error,
>>>>>> whereas entering my full ClaimID OpenID works. Not sure why
>>>>>> that would be.
>>>>>>
>>>>>> Any chance this can be enabled for BioSQL too (and accordingly
>>>>>> account creation disabled there, too)?
>>>>>>
>>>>>> -hilmar
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> http://www.bioperl.org/wiki/Special:OpenIDLogin
>>>>>>>
>>>>>>> I have also temporarily shut down new user account creation
>>>>>>> (new users must now use OpenID); old users can still use the
>>>>>>> login, but they can also tie their account to an OpenID.
>>>>>>> Let's see if it cuts down on the spam.
>>>>>>>
>>>>>>> chris
>>>>>>>
>>>>>>> On Mar 14, 2011, at 1:48 PM, Hilmar Lapp wrote:
>>>>>>>
>>>>>>>> Any update on the OpenID extension?
>>>>>>>>
>>>>>>>> -hilmar
>>>>>>>>
>>>>>>>> On Mar 14, 2011, at 2:25 PM, Chris Fields wrote:
>>>>>>>>
>>>>>>>>> On use of Recaptcha: according to the ConfirmEdit page (http://www.mediawiki.org/wiki/Extension:ConfirmEdit
>>>>>>>>> ):
>>>>>>>>>
>>>>>>>>> "Unfortunately, reCAPTCHA might be a victim of its own
>>>>>>>>> success - as of 2011, some spammers appear to have figured
>>>>>>>>> out a way to bypass it, either through character recognition
>>>>>>>>> or by using humans. For that reason, it is not necessarily
>>>>>>>>> recommended."
>>>>>>>>>
>>>>>>>>> I agree about the barrier to entry issue, but unfortunately
>>>>>>>>> with the wiki we're facing a reality check re: spam
>>>>>>>>> attacks. We can probably set up a new group for users that
>>>>>>>>> allows account approval, though, which might alleviate the
>>>>>>>>> process somewhat.
>>>>>>>>>
>>>>>>>>> chris
>>>>>>>>>
>>>>>>>>> On Mar 14, 2011, at 1:12 PM, Scott Cain wrote:
>>>>>>>>>
>>>>>>>>>> Hi Chris,
>>>>>>>>>>
>>>>>>>>>> The GMOD wiki has been getting hit similarly. I've been
>>>>>>>>>> thinking
>>>>>>>>>> about the "vampire" model that EcoliWiki uses: once you
>>>>>>>>>> have an
>>>>>>>>>> account, you have the ability to approve other people's
>>>>>>>>>> accounts. The
>>>>>>>>>> hope being to distribute the load. I'm not thrilled about
>>>>>>>>>> it though:
>>>>>>>>>> I want the barrier to entry to be as low as possible. We
>>>>>>>>>> already make
>>>>>>>>>> it so that you have to have an account to edit, passing a
>>>>>>>>>> recaptcha on
>>>>>>>>>> the way. Apparently that barrier is already a little too
>>>>>>>>>> low :-/
>>>>>>>>>>
>>>>>>>>>> Scott
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Mar 14, 2011 at 1:44 PM, Chris Fields <cjfields at illinois.edu
>>>>>>>>>> > wrote:
>>>>>>>>>>> All,
>>>>>>>>>>>
>>>>>>>>>>> We have been getting inundated on the wiki with spam
>>>>>>>>>>> lately. In order to get on top of this, I'm thinking
>>>>>>>>>>> about having the wiki set up so wiki admins approve new
>>>>>>>>>>> user accounts, using the ConfirmAccount plugin:
>>>>>>>>>>>
>>>>>>>>>>> http://www.mediawiki.org/wiki/Extension:ConfirmAccount
>>>>>>>>>>>
>>>>>>>>>>> I wanted to get everyone's opinion on this prior to
>>>>>>>>>>> enforcing it. The queue is pretty configurable, and one
>>>>>>>>>>> can set this to auto-delete old requests.
>>>>>>>>>>>
>>>>>>>>>>> Any thoughts?
>>>>>>>>>>>
>>>>>>>>>>> chris
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Bioperl-l mailing list
>>>>>>>>>>> Bioperl-l at lists.open-bio.org
>>>>>>>>>>> http://lists.open-bio.org/mailman/listinfo/bioperl-l
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>> Scott Cain, Ph. D.
>>>
>>
>> --
>> ===========================================================
>> : Hilmar Lapp -:- Durham, NC -:- hlapp at drycafe dot net :
>> ===========================================================
>>
>>
>>
>>
>
--
===========================================================
: Hilmar Lapp -:- Durham, NC -:- hlapp at drycafe dot net :
===========================================================
More information about the Bioperl-l
mailing list