Forum:Improving spam protection

So, What should we do to stop spambots overwhelming this uncyclopedia? Please take a look here.--Aleks - Meow To Me 07:11, 16 June 2015 (UTC)

I copied and pasted this from the main page's talk discussion cos I think it would be a lot less annoying for admins if we improved security, and i wanted as many people as poss to check out the link.

Are any/all of the security things on the link either 1) In force already 2) easily implementable? Leverage (talk) 07:20, 16 June 2015 (UTC)

I've asked about this before, I think I was told basically there are a lot of these things in place already and somehow a lot of bots get through anyway, but I don't know much about it, so I'll await an answer from someone who does. - B@NZai k!tten (Meow?)B 09:09, 16 June 2015 (UTC)

I find it annoying too. XY007 • talk • contributions 10:49, 16 June 2015 (UTC)

I think Bizzeebeever once said that he tried hard blocking their user agents server-side at one point but they managed to simply keep changing it. Not particularly hard to do if the accounts are running off of a script, which would indicate that there is some human involvement somewhere. What I'm ultimately getting at is that at this point, these "spambots" are probably more along the line of mechanical turks (google it if you don't know what that is). There might still be a way to stop them but I don't run the servers for this place, so take what I say with a grain of salt. -- Lost Labyrinth • (t) • (c) • (a) 16:49, 16 June 2015 (UTC)

Hi there! I hope you realize that our system administrators, of which many are also "regular" admins, are prominent MediaWiki developers (save for Zombiebaron, he's a world-famous zombie) — some so good that they're *gasp* paid for the work they do! As such, you're definitely preaching to the choir here. Let's not forget that our sysadmins are behind a very effective spam filter, which is filtering out obvious spam edits as we speak type. We also work closely with other prominent sites using MediaWiki, like Brickimedia and ShoutWiki to reduce the amount of spam with new techniques, because spam is not just a site-specific issue: it's everyone's issue.

I think your premise — that Uncyclopedia would somehow be "overwhelmed" by spambots — is outright false. It's not. We have advanced anti-spam mechanisms in place, and we quickly take care of the ones that do get past the automated checks. That being said, your message did prompt me to update the email blacklist with some of the recently used spam-only domains, so now the spambot operators will have to find (or register) some new domains to abuse. But let me assure you this: we are not overwhelmed by spambots. And we never will be. -- Jack Phoenix, professional killer admin (Whine?) • (Wikia ♥ ads) 04:17, 17 June 2015 (UTC)

So there's nothing else we can do, Jack? The spam we get every day is the best of the best? --Leverage (talk) 09:09, 17 June 2015 (UTC)

There's always something we can do, no doubt, but I wanted to emphasize that the admins — sysadmins and other admins alike — are not, contrary to the popular belief, sitting on their asses all day long and eating Doritos. AbuseFilter and other related tools (such as the WMF-developed, rather obscure AntiBot extension) which allow private collaboration on anti-spam measures are the way to go forward if you ask me. Having things like the email blacklist is not just good for transparency, but also for the very people we try to keep out — spambots and their operators, as they can view what's blocked and just work around it.
If you look at Special:AbuseFilter, you'll see that we have plenty of custom anti-spam measures in place. The filter for long-term Chinese spambots (#29), for example, has prevented over 700 spam edits. We can improve the pre-existing filters and add new ones as needed.
The key is identifying a pattern in spambot edits that we can target. Spambots frequently use the HTML line break (<br>) tag, but since this tag has legitimate uses, having AbuseFilter prevent any and all edits where that tag is present would obviously generate tons of false positives (and no doubt it'd also repel off some good users while at it).
However, it's possible to filter out, say, page creations by very new users in a certain namespace when the page contains too many of the line break tags. In fact, I've just created a new filter (#40) to hopefully catch one of the three spambot families that spammed Uncyc on 16 June (see the deletion log for more context) based on similar criteria. -- Jack Phoenix, professional killer admin (Whine?) • (Wikia ♥ ads) 23:26, 17 June 2015 (UTC)

I dunno about you, but I actually am sitting on my arse eating doritos. Or I would be if I had doritos. But brown cheese on bread is totally similar.

Anyway, to expand on this, we do what we can from the backend and technical crap, but not all spam is technical and crap either. In line with what Lost Labyrinth said, the stuff we can't block we often can't block because there's an actual person behind it updating things and stuff, so we need actual people here updating filter rules onsite as applicable and deleting/reverting the rest of it. Sucks, but that's how it is. Fortunately it looks like folks have been doing that since the site's still the site, so thank you to all of you. -— Lyrithya ༆ 17:44, 18 June 2015 (UTC)

Brown cheese? - B@NZai k!tten (Meow?)B 14:59, 23 June 2015 (UTC)

Nyet! XY007 • talk • contributions 23:28, 23 June 2015 (UTC)

I have some spam-fighting measures in mind

They're all server-side, so I may end up breaking literally everything. Keep your eyes peeled and your ear to the ground in the near future, and you just may see the absolutely nothing which will happen. But I'm lazy, so it might not happen for a while.

Oh, also, I may set up https for all Uncyclomedia sites, so we'll all be able to log in with our super-secret passwords super-secretly, without the NSA seeing them. Once again, lazy, so this may happen in a few years, or not at all. Or tomorrow. ~ BB ~ (T) ~ Mon, Jun 29 '15 10:24 (UTC)

Make new article creation for rollback+ users only

The site is dead/dying anyway. 90% of the user duties are improving and upkeep and community stuff. Limit creation to a class of users that has to be personally appointed by an actual human. -- TKF, logged out, why am I here (hi BB, I miss you) 11:50, 2 July 2015 (UTC)

Eh, deleting spammy pages isn't much of a chore, furs I can see. Give the little buggerers a chance. Rum, buggery and the lash. Speaking of buggery, you should come on IRC. I live there now. It's awesome. Did you know you can upload your entire brain to IRC now? Yeah. I'm telling you, the future is now, man.  ~ BB ~ (T) ~ Mon, Jul 6 '15 8:20 (UTC)