Tuesday 18 August 2009

On programming, wikis and protecting against vandalbots

This post is a continuation/expansion of this post where I describe the creation of a proof-of-concept vandalbot. So go read the first post... shoo! Done? Good, on to how to protect a wiki from automated nasties.

You may think, 'why not just block them on sight?' That's all well and good for sites like Wikipedia, where hundreds of thousands of users are monitoring recent edits, and any undesirable ones are reverted and the offending user blocked. However, on smaller wikis the vandalism may go unnoticed for several hours or even days, which makes the following preventative measures necessary.

The most effective thing you can do is to install the AbuseFilter extension, and then set up rules to throttle edits (only allow X edits in Y minutes) from new/unregistered users. This prevents vandalbots from editing wildly, giving admins a chance to see the vandalism and block the bot before much damage has been done. Rules can be programmed to trigger on just about anything, and to carry out a wide range of actions when tripped.

However, this is not easy for those inexperienced with MediaWiki, nor is it possible for wikis hosted on external servers (such as Wikia). If you can do it, though, it is the best way to limit vandal/spam bot activity.

If your wiki is quite small, or aimed at a niche community, you could edit LocalSettings.php (assuming you have access to the file; I know Wikia wikis need to have such changes approved) to stop anonymous (unregistered) users from editing, and even to restrict new account creation to admins only, thus requiring prospective new users to request an account. This will put off casual vandals, and make creating even a small set of vandalbot accounts difficult (if you suddenly get 30 requests in a day when you usually get 4, something is wrong).

OK, what if you are a wiki admin with no access whatsoever to the low-level settings of your wiki? What do you do to help protect it? Well, you could refer the site administrator to this post (^_^), or do the following:
  • Watch out for the mass-creation of user accounts, especially with nonsense names or incremental names (Dfghsj01, dfghsj02, etc.), and block them if at all suspicious.
  • If a bot does strike and cause mass havoc, fight fire with fire and use a bot (or a bot process running on your account) to undo the damage. I have created an antivandal utility which you can download here (source included (C#), DotNetWikiBot included). It allows you to auto-revert a set number of edits by a certain user. It's very user-friendly and relatively fast.
In all probability, your wiki will never come under fire from a malicious bot - especially if you implement the preventative measures - but if it does, at least you now know what to do!
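
The two warning signs mentioned above (batches of incrementally numbered account names, and a day with far more sign-ups than usual) can be checked mechanically. The following is an added example, not part of the original post or the antivandal utility; it assumes you have copied (timestamp, username) pairs from the wiki's user creation log, and the sample entries, function names and thresholds are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

# Constructed sample of account-creation log entries (timestamp, username).
SAMPLE_LOG = [
    ("2009-08-14T09:12:00", "MapleReader"),
    ("2009-08-15T18:40:00", "Tomasz K"),
    ("2009-08-16T11:05:00", "WikiGnome7"),
    ("2009-08-17T02:00:05", "Dfghsj01"),
    ("2009-08-17T02:00:09", "dfghsj02"),
    ("2009-08-17T02:00:14", "Dfghsj03"),
    ("2009-08-17T02:00:20", "dfghsj04"),
    ("2009-08-17T15:30:00", "Bookworm"),
]

SUFFIX = re.compile(r"^(.*?\D)(\d+)$")  # stem followed by a trailing number


def incremental_clusters(log, min_size=3, window=timedelta(minutes=10)):
    """Return {stem: [usernames]} where min_size numbered names appear within window."""
    by_stem = defaultdict(list)
    for ts, name in log:
        m = SUFFIX.match(name.strip())
        if m:  # case-insensitive stem, so Dfghsj01 and dfghsj02 group together
            by_stem[m.group(1).lower()].append((datetime.fromisoformat(ts), name))
    flagged = {}
    for stem, entries in by_stem.items():
        entries.sort()
        times = [t for t, _ in entries]
        burst = any(times[i + min_size - 1] - times[i] <= window
                    for i in range(len(times) - min_size + 1))
        if burst:
            flagged[stem] = [name for _, name in entries]
    return flagged


def volume_spikes(log, factor=3):
    """Return {date: count} for days exceeding factor x the median daily count."""
    per_day = Counter(ts[:10] for ts, _ in log)
    baseline = median(per_day.values())  # days with no sign-ups are not counted
    return {day: n for day, n in per_day.items() if n > factor * baseline}


if __name__ == "__main__":
    print(incremental_clusters(SAMPLE_LOG))
    print(volume_spikes(SAMPLE_LOG))
```

A single numbered name such as WikiGnome7 is not flagged; only a burst of names sharing one stem is, so the accounts still need a human look before blocking.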

UPDATE: If you're interested to see just what malicious bots can do, have a look at this. It's the contribs list of a test bot operating on my recently-created test wiki. The bot created 50 pages in just under 2 minutes, and then 'vandalised' said pages at about the same rate (25epm). I also tried testing the pagemove routine, but Wikia obviously has a throttle to prevent mass-pagemoves.
