Talk:How Things Work Around Here: Difference between revisions
No edit summary |
No edit summary |
||
Line 34: | Line 34: | ||
:::::::::Turning off anon edits: Yes. (By the way, I am wondering if the cookies glitch is browser-specific as I see it happens to others, but hasn't happened to me yet. I'm using Safari on Mac OS X.) CAPTCHA: Yes, but ''only'' if there is a way to make it accessible to the visually impaired. (Or even those with normal vision. I had to submit a CAPTCHA page three times earlier today before I got it right, because the letters were ''so'' distorted I couldn't read them.) -- [[User:Wenyeva|Wenyeva atte grene]] 19:50, 6 Dec 2005 (EST) | :::::::::Turning off anon edits: Yes. (By the way, I am wondering if the cookies glitch is browser-specific as I see it happens to others, but hasn't happened to me yet. I'm using Safari on Mac OS X.) CAPTCHA: Yes, but ''only'' if there is a way to make it accessible to the visually impaired. (Or even those with normal vision. I had to submit a CAPTCHA page three times earlier today before I got it right, because the letters were ''so'' distorted I couldn't read them.) -- [[User:Wenyeva|Wenyeva atte grene]] 19:50, 6 Dec 2005 (EST) | ||
::::::::: I like Wenyeva's simple math problem for a CAPTCHA -- this could be extended into an SCA story problems, and the answer could be given in the question so as not to make them too hard. eg "Manfred reigned with the Fair Queen -- Morwyn or Morag? I don't remember ;( -- immediately after An Tir ceased to be a Principality" -- with the Question: Who was the first King of An Tir? OK, I'm pretty sure it was Morag who was queen cause I got my AA at the 12th nite coronation. Whatever.... Whether, Krenn shuts down annonymous posting or puts the CAPTCHA into the submit | ::::::::: I like Wenyeva's simple math problem for a CAPTCHA -- this could be extended into an SCA story problems, and the answer could be given in the question so as not to make them too hard. eg "Manfred reigned with the Fair Queen -- Morwyn or Morag? I don't remember ;( -- immediately after An Tir ceased to be a Principality" -- with the Question: Who was the first King of An Tir? OK, I'm pretty sure it was Morag who was queen cause I got my AA at the 12th nite coronation. Whatever.... Whether, Krenn shuts down annonymous posting or puts the CAPTCHA into the submit edit page(s) depends mostly on how many pages he would have to modify. --[[User:Jl|Jl]] 22:57, 6 Dec 2005 (EST) | ||
Revision as of 21:27, 6 December 2005
I was seeing a lot more anonymous edits show up in the recent changes, and while I know this page implies some are OK, I think it's really best to require the login. I can easily remove it (or you can, EB - it's the last line in LocalSettings.php). This way we have accountability, and it's not as if we're about to sell people's email addresses. --Krenn 11:21, 16 Sep 2005 (EDT)
- I'm of two minds about this and would like more input from the community (that's you, whomever is reading this). One side of me agrees with Krenn, we'd like to have some way of confirming the authority behind any changes (who is this person and do they really know what they're talking about?). Also, sometimes when I arrive at the Wiki it says it knows who I am, but as soon as I edit a page, it loses the cookie and treats my edits as anonymous. Sometimes I go for two or three edits before I realize it. The OTHER side of me doesn't want to discourage participation in any way. If I have a choice, I prefer to access web services anonymously and will often skip over a site requiring a registration/login in favour of one that doesn't. I don't want folks feeling that way about the An Tir Wiki.
- Anybody have thoughts either way on this? --Elizabeth Braidwood
- I think there are a lot of people who do an edit or two before they get hooked and create an account. I know that at other wikis I like to have the ability to do a quick edit without needing to create yet another account. One wiki that I have seen go the other way is: http://www.katrinahelp.info/wiki/main.html which does require an account. --IasonVorax
- Personally, I regard the cookie glitch as a really good reason to have this turned on. Otherwise, you don't realize you're making edits without the system properly attributing you. I truly don't see the login requirement as a barrier at all, and people can still access it fine without login, it's just edits that require that. It may be possible to set it so that talk pages can be anonymous but main pages require it, I'm not certain. --Krenn
- Krenn, I don't think we've come to a consensus on this issue yet. Please turn OFF the required login for the time being. --Elizabeth Braidwood
- OK, done, but having seen automated wikispam hit several other sites, I reserve the right to say "I told you so." ;) --Krenn
- Three bot hits in the last two days. IMO, we either need to turn off anon posting, or add in Captcha images to block bots. I'm not sure how hard the latter would be. --Krenn 06:20, 30 Nov 2005 (EST)
- I'm in favor of encouraging, but not requireing. And I'm fully ready to hear the "I told you so"! :) - Quentin Martel
- Three more spamhits (rv'd by Wenyeva) since my last message. I think that qualifies for "I told you so". :( --Krenn 23:51, 30 Nov 2005 (EST)
- I know Wikipedia doesn't believe in requiring logins, and I understand why, but I also think that a wiki with a small editor base like this may need to require logins. We don't have thousands of people patrolling to catch the spam. I just started editing here, and I have been checking Recent Changes since I noticed that wikispammers were here, but if the edits have scrolled out of Recent Changes, I (and others) might miss them. Hopefully there are enough people watching to keep the spammers away, but this wiki is definitely on their list now... I hate captchas. I'd rather require logins. Wenyeva atte grene 23:59, 30 Nov 2005 (EST)
- I think it may be possible to have the CAPTCHA only on anonymous and on account registration, but not on validated accounts. It's definitely a "hack the code" implementation, so I'll need to step lightly. --Krenn 00:28, 1 Dec 2005 (EST)
- CAPTCHAs especially sophisticated ones can be annoying, and there are accessibility issues. OTOH I've already stuck a real basic one on the recommendation page on the main An Tir site, with the actual letters spelled out in the alt tag. Obviously pretty hackable, but my theory was that it wouldn't be worth the bother. Another option would be email notification of edits, but that could be pretty annoying just by itself. --JL
- On my weblog what we did was add a script that generates a tiny math problem like "3+2=?" and they have to answer the question for the post to go through. I didn't want CAPTCHAs because of the accessibility issue. For the weblog, the math problem has worked great -- but only because we're the only ones using it in that form. If every Wordpress blog used it, the spammers would crack it in no time flat. But they don't bother for just my own blog. I still get the occasional spam but the moderation there catches it, and they all seem to be hand-entered and not automated. So if you come up with something unique for this wiki, it might help keep the automated spammers away, even if it's not really complex. Wenyeva atte grene 17:01, 1 Dec 2005 (EST)
- Remember, what I'm hoping to do is make it so that registered users don't see CAPTCHAs except for a one-time deal when they make an account. If a spammer wants to make an account, then we can just lock out that account, problem solved. The CAPTCHA will also be a handy reminder to somebody that the Wiki has forgotten who they are and to log back in if they want proper attribution. You can see the number of changes that Jeanjacqueslavigne is making, and yet half of them are IP-tagged because the loss of the login token is so subtle. --Krenn 05:10, 2 Dec 2005 (EST)
- I am leaning toward the above option (a CAPTCHA on the account creation and turning off anonymous edits). I dislike doing it, because it adds barriers to new users, but it's beginning to sound like spam-patrol is taking up too much time. As nominal godmother and one of the senior admins of this site, I'm asking that everyone weigh in with a simple Yes/No/Brief comment by... say Saturday night and we'll go from there. If you don't mind spam-patrol, we don't have to do this, but it looks like Krenn had to do some fancy rollbacks to get the homepage back and he (and we) have better things to do. --Elizabeth Braidwood 18:09, 6 Dec 2005 (EST)
- Turning off anon edits: Yes. (By the way, I am wondering if the cookies glitch is browser-specific as I see it happens to others, but hasn't happened to me yet. I'm using Safari on Mac OS X.) CAPTCHA: Yes, but only if there is a way to make it accessible to the visually impaired. (Or even those with normal vision. I had to submit a CAPTCHA page three times earlier today before I got it right, because the letters were so distorted I couldn't read them.) -- Wenyeva atte grene 19:50, 6 Dec 2005 (EST)
- I like Wenyeva's simple math problem for a CAPTCHA -- this could be extended into an SCA story problems, and the answer could be given in the question so as not to make them too hard. eg "Manfred reigned with the Fair Queen -- Morwyn or Morag? I don't remember ;( -- immediately after An Tir ceased to be a Principality" -- with the Question: Who was the first King of An Tir? OK, I'm pretty sure it was Morag who was queen cause I got my AA at the 12th nite coronation. Whatever.... Whether, Krenn shuts down annonymous posting or puts the CAPTCHA into the submit edit page(s) depends mostly on how many pages he would have to modify. --Jl 22:57, 6 Dec 2005 (EST)
IP banning spammers?
Is it possible to ban the IPs of some of these spammers? At least one of them is using the same IP each time. I'm about to go clean up after him/her again. Wenyeva atte grene 17:25, 2 Dec 2005 (EST)
- 212.62.19.185 is a problem here. Right after I posted this and cleaned up one batch of his spams, he returned to spam again. Wenyeva atte grene 17:47, 2 Dec 2005 (EST)
- I can try that. I suspect it'll just switch to a new bothost though. --Krenn 00:10, 3 Dec 2005 (EST)
- Probably. But it was pretty brazen of it to keep using the same IP over and over. Wenyeva atte grene 05:02, 3 Dec 2005 (EST)
Added thought: But if there's a way to catch edits that include style="overflow:auto;height:1px;" that would also help. I don't know how easy that is with MediaWiki, though. I might have posted this already but I don't remember. :) Wenyeva atte grene 17:31, 2 Dec 2005 (EST)
- Not easily. I'd rather have a robust solution than a brittle one like that (they change one character and it gets through again). --Krenn 00:10, 3 Dec 2005 (EST)
- Ah, good point. I wonder if it would be enough. I noticed that sometimes they are testing the spams in the Sandbox. Is that something bots do? Or is that an indication that a human is manually spamming? Wenyeva atte grene 05:02, 3 Dec 2005 (EST)
- Actually, some Wikis will save the Sandbox if the form submit method is faked (tikiwiki comes to mind). It could also just be selecting a random link on the site, possibly from the recent changes, or else from links on the front page. --Krenn 06:59, 3 Dec 2005 (EST)