···
On Fri, Apr 5, 2013 at 3:43 PM, Philipp Gesang wrote:
Hi all,
I’d like to draw your attention to the wiki. The spammers appear to know the solution to the current entry barrier “What is usually the last command in a ConTeXt source file (without the backslash)?”, and the number of fake accounts is growing fast:
http://wiki.contextgarden.net/Special:Log/newusers
They don’t, however, seem to vandalize yet, so I guess the postal code of Hasselt is unbreakable with today’s technology ;-)
I spoke too soon (or maybe those guys read the list and view this discussion as a challenge?): http://wiki.contextgarden.net/Special:Contributions/TrenaLege
Nevertheless the account spam is messing up the recent changes feed:
http://wiki.contextgarden.net/index.php?title=Special:RecentChanges&feed=rss
Even if it’s not urgent, may I suggest we collect possible replacements for the current question? I can’t image the damage those accounts would do once they figure out how to post links.
It would probably be best to:
1.) Remove all those account (attention: some users are actually legitimate and contributed valid content).
2.) Find out if there is any problematic IP and block those IPs.
Careful as their IPs could be spoofed, you might end up blocking innocent users.
3.) Install something like http://www.mediawiki.org/wiki/Extension:ConfirmAccount and/or maybe use both captcha and some context-specific question (honestly: if users don't know how to answer some slightly more tricky question, they shouldn't be able to get the account). We could use questions like "Last name of president of ConTeXt User Group."
This could discourage people from fixing trivial stuff like misspellings. Maybe add a note that they should drop a mail to the list if they don’t know the answer. Regards Philipp -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments