Recent spam attacks
I have noticed a number of spam pages being created on StrategyWiki over the last few days. They are all attempts at SEO'ing the phone numbers of technical support scammers. While Procyon has been deleting the pages and blocking the users as they come up, this is at best a game of whack-a-mole, as the spammers can always create new accounts and/or pages until and unless something more stringent is implemented.
I do not know this wiki's politics too well, so feel free to rebut my suggestion, but will the something like Wikipedia's Edit filter work here? I see few legitimate uses for including phone numbers in articles (the only one I can think of is Mike Tyson's Punch-Out!!, which uses them as cheat codes). In that case, edit filters can be programmed to allow edits from certain users (such as admins) that would ordinarily be forbidden; Wikipedia uses this feature all the time to perform legitimate edits that were blocked only because they were attempted by a new user. Could this be considered? Although the spam is mostly hidden (I can only see it in the Recent Changes log), I don't want it to get any worse.
- Always open to suggestions! I've looked at mw:Extension:AbuseFilter and was considering installing it, but I'm not sure how hard it is to administer. Do you think we could do something with SpamBlacklist? -- Prod (talk) 03:08, 1 August 2017 (UTC)
- I have no administrative experience on Wikipedia (nor any editing experience there, either), so I cannot make a truly informed comment about how hard AbuseFilter is to administer. However, that being said, it shouldn't be that hard. The doc page for AbuseFilter that you linked contains cut-and-paste directions for how to install it, and best-practice guidance regarding permissions. In addition, I am professionally a computer programmer; to me, AbuseFilter syntax is incredibly easy. :) If you ever need technical help, feel free to ask. Unfortunately, SpamBlacklist won't work, as it can only filter actual links, not random text. For example, http://www.apple.com/ would be examined by the filter, but www.apple.com would always go scot-free. (Linkspammers on Wikipedia often take advantage of this deficiency.) Hope this helps! Wjk (talk) 23:28, 2 August 2017 (UTC)
- Thanks for the offer Wjk. We've taken the draconian step of preventing unconfirmed users from creating new pages. It's not what we'd like to do, but it's definitely stemmed the tide of the attacks. At some point, we'd like to turn that off and see if things go back to normal. If they don't, then yeah, we'll have to adopt a measure like AbuseFilter. Both Prod and I are programmers as well, so between the three of us, we should be able to get something going. Let's see how things shake out over the next week or two and reevaluate then. Procyon 02:30, 3 August 2017 (UTC)
- The installation itself isn't the problem, it's getting the filters configured and tested without impacting normal users. We also have MediaWiki:Titleblacklist which should work for page names. -- Prod (talk) 17:31, 5 August 2017 (UTC)
Hi, there, KeybladeSpyMaster here from the Square Enix Wiki and Kingdom Hearts Wiki. We're issuing a SEIWA-wide notice for a particular form of vandal attack from a particular user. This user, who initially attacked the Kingdom Hearts Wiki last month with "Kingdom Hearts is communist"-styled vandal attacks, has now engaged in the same behavior on the Square Enix Wiki yesterday. It's expected that the user will continue to engage in similar attacks on both wikis, and may attempt similar attacks on Kingdom Hearts-related pages on this wiki. The various user accounts and IPs used have been identified as related to a user blocked in June from the KHWiki. We just want to let you know that this is going on so you can keep an eye out for this on your wiki. Something our site dev did on the KHWiki is install the Moderation extension, which submits all edits from new users and all IPs to review by those with the moderation right, so maybe that may help with the spam you seemed to have dealt with last month, too. Anyways, if you have any questions, be sure to let us know. Thanks! KeybladeSpyMaster (talk) 01:43, 11 August 2017 (UTC)