Talk:How Things Work Around Here

From An Tir Culture Wiki
Jump to navigation Jump to search

Anonymous editing

I was seeing a lot more anonymous edits show up in the recent changes, and while I know this page implies some are OK, I think it's really best to require the login. I can easily remove it (or you can, EB - it's the last line in LocalSettings.php). This way we have accountability, and it's not as if we're about to sell people's email addresses. --Krenn 11:21, 16 Sep 2005 (EDT)

I'm of two minds about this and would like more input from the community (that's you, whomever is reading this). One side of me agrees with Krenn, we'd like to have some way of confirming the authority behind any changes (who is this person and do they really know what they're talking about?). Also, sometimes when I arrive at the Wiki it says it knows who I am, but as soon as I edit a page, it loses the cookie and treats my edits as anonymous. Sometimes I go for two or three edits before I realize it. The OTHER side of me doesn't want to discourage participation in any way. If I have a choice, I prefer to access web services anonymously and will often skip over a site requiring a registration/login in favour of one that doesn't. I don't want folks feeling that way about the An Tir Wiki.
Anybody have thoughts either way on this? --Elizabeth Braidwood
I think there are a lot of people who do an edit or two before they get hooked and create an account. I know that at other wikis I like to have the ability to do a quick edit without needing to create yet another account. One wiki that I have seen go the other way is: http://www.katrinahelp.info/wiki/main.html which does require an account. --IasonVorax
Personally, I regard the cookie glitch as a really good reason to have this turned on. Otherwise, you don't realize you're making edits without the system properly attributing you. I truly don't see the login requirement as a barrier at all, and people can still access it fine without login, it's just edits that require that. It may be possible to set it so that talk pages can be anonymous but main pages require it, I'm not certain. --Krenn


Krenn, I don't think we've come to a consensus on this issue yet. Please turn OFF the required login for the time being. --Elizabeth Braidwood
OK, done, but having seen automated wikispam hit several other sites, I reserve the right to say "I told you so." ;) --Krenn
Three bot hits in the last two days. IMO, we either need to turn off anon posting, or add in Captcha images to block bots. I'm not sure how hard the latter would be. --Krenn 06:20, 30 Nov 2005 (EST)
I'm in favor of encouraging, but not requireing. And I'm fully ready to hear the "I told you so"! :) - Quentin Martel
Three more spamhits (rv'd by Wenyeva) since my last message. I think that qualifies for "I told you so". :( --Krenn 23:51, 30 Nov 2005 (EST)
I know Wikipedia doesn't believe in requiring logins, and I understand why, but I also think that a wiki with a small editor base like this may need to require logins. We don't have thousands of people patrolling to catch the spam. I just started editing here, and I have been checking Recent Changes since I noticed that wikispammers were here, but if the edits have scrolled out of Recent Changes, I (and others) might miss them. Hopefully there are enough people watching to keep the spammers away, but this wiki is definitely on their list now... I hate captchas. I'd rather require logins. Wenyeva atte grene 23:59, 30 Nov 2005 (EST)
I think it may be possible to have the CAPTCHA only on anonymous and on account registration, but not on validated accounts. It's definitely a "hack the code" implementation, so I'll need to step lightly. --Krenn 00:28, 1 Dec 2005 (EST)
CAPTCHAs especially sophisticated ones can be annoying, and there are accessibility issues. OTOH I've already stuck a real basic one on the recommendation page on the main An Tir site, with the actual letters spelled out in the alt tag. Obviously pretty hackable, but my theory was that it wouldn't be worth the bother. Another option would be email notification of edits, but that could be pretty annoying just by itself. --JL
On my weblog what we did was add a script that generates a tiny math problem like "3+2=?" and they have to answer the question for the post to go through. I didn't want CAPTCHAs because of the accessibility issue. For the weblog, the math problem has worked great -- but only because we're the only ones using it in that form. If every Wordpress blog used it, the spammers would crack it in no time flat. But they don't bother for just my own blog. I still get the occasional spam but the moderation there catches it, and they all seem to be hand-entered and not automated. So if you come up with something unique for this wiki, it might help keep the automated spammers away, even if it's not really complex. Wenyeva atte grene 17:01, 1 Dec 2005 (EST)
Remember, what I'm hoping to do is make it so that registered users don't see CAPTCHAs except for a one-time deal when they make an account. If a spammer wants to make an account, then we can just lock out that account, problem solved. The CAPTCHA will also be a handy reminder to somebody that the Wiki has forgotten who they are and to log back in if they want proper attribution. You can see the number of changes that Jeanjacqueslavigne is making, and yet half of them are IP-tagged because the loss of the login token is so subtle. --Krenn 05:10, 2 Dec 2005 (EST)
I am leaning toward the above option (a CAPTCHA on the account creation and turning off anonymous edits). I dislike doing it, because it adds barriers to new users, but it's beginning to sound like spam-patrol is taking up too much time. As nominal godmother and one of the senior admins of this site, I'm asking that everyone weigh in with a simple Yes/No/Brief comment by... say Saturday night and we'll go from there. If you don't mind spam-patrol, we don't have to do this, but it looks like Krenn had to do some fancy rollbacks to get the homepage back and he (and we) have better things to do. --Elizabeth Braidwood 18:09, 6 Dec 2005 (EST)
Turning off anon edits: Yes. (By the way, I am wondering if the cookies glitch is browser-specific as I see it happens to others, but hasn't happened to me yet. I'm using Safari on Mac OS X.) CAPTCHA: Yes, but only if there is a way to make it accessible to the visually impaired. (Or even those with normal vision. I had to submit a CAPTCHA page three times earlier today before I got it right, because the letters were so distorted I couldn't read them.) -- Wenyeva atte grene 19:50, 6 Dec 2005 (EST)
I like Wenyeva's simple math problem for a CAPTCHA -- this could be extended into an SCA story problems, and the answer could be given in the question so as not to make them too hard. eg "Manfred reigned with the Fair Queen -- Morwyn or Morag? I don't remember ;( -- immediately after An Tir ceased to be a Principality" -- with the Question: Who was the first King of An Tir? OK, I'm pretty sure it was Morag who was queen cause I got my AA at the 12th nite coronation. Whatever.... Whether, Krenn shuts down annonymous posting or puts the CAPTCHA into the submit edit page(s) depends mostly on how many pages he would have to modify. --Jl 22:57, 6 Dec 2005 (EST)
The CAPTCHA enabling is not simple as it's not supported by MediaWiki directly. It'll require some experimental grafting. The simplest stage would be to turn off anon-edits, and then to watch to see if spammers start to register accounts. If they do that, we can start using CAPTCHAs. I don't think we really need CAPTCHAs unless we're continuing to allow anonymous editing. Heck, we could probably fake-captcha the anon edit or registration pages with instructions to "enter the name of this kingdom in the blank". Only a customized spambot would be able to fill that in, the rest would bomb out. --Krenn 11:47, 8 Dec 2005 (EST)
Yup, that is sort of like how my blog's math script is. It would be trivially easy to program a way around it, but bots don't bother custom programming for a single blog or a single wiki. So that might do the trick. And it would be more accessible than a traditional CAPTCHA. -- Wenyeva atte grene 18:48, 8 Dec 2005 (EST)
The latest batch of spam was a huge mess -- from several different IPs, but all advertising At*v*n. They created a bunch of new pages to hold spam, too. And they are using the CSS trick to hide the spam, as well as putting a ton of white space at the top of the edit. Look out for more of this. *Sigh* -- Wenyeva atte grene 02:31, 12 Dec 2005 (EST)
Right. Krenn, please turn off anonymous edits and everyone keep an eye out for how the spammers react. Wenyeva, were you able to clear up the mess? Need any help? --Elizabeth Braidwood 19:07, 12 Dec 2005 (EST)
Well, I cleaned up that bunch but it looks like 3 more just appeared at 16:18. I can get rid of those pretty quickly. If you see any more of these crop up, though, by all means, revert them. :) -- Wenyeva atte grene 19:49, 12 Dec 2005 (EST)

IP banning spammers?

Is it possible to ban the IPs of some of these spammers? At least one of them is using the same IP each time. I'm about to go clean up after him/her again. Wenyeva atte grene 17:25, 2 Dec 2005 (EST)

212.62.19.185 is a problem here. Right after I posted this and cleaned up one batch of his spams, he returned to spam again. Wenyeva atte grene 17:47, 2 Dec 2005 (EST)
I can try that. I suspect it'll just switch to a new bothost though. --Krenn 00:10, 3 Dec 2005 (EST)
Probably. But it was pretty brazen of it to keep using the same IP over and over. Wenyeva atte grene 05:02, 3 Dec 2005 (EST)

Added thought: But if there's a way to catch edits that include style="overflow:auto;height:1px;" that would also help. I don't know how easy that is with MediaWiki, though. I might have posted this already but I don't remember. :) Wenyeva atte grene 17:31, 2 Dec 2005 (EST)

Not easily. I'd rather have a robust solution than a brittle one like that (they change one character and it gets through again). --Krenn 00:10, 3 Dec 2005 (EST)
Ah, good point. I wonder if it would be enough. I noticed that sometimes they are testing the spams in the Sandbox. Is that something bots do? Or is that an indication that a human is manually spamming? Wenyeva atte grene 05:02, 3 Dec 2005 (EST)
Actually, some Wikis will save the Sandbox if the form submit method is faked (tikiwiki comes to mind). It could also just be selecting a random link on the site, possibly from the recent changes, or else from links on the front page. --Krenn 06:59, 3 Dec 2005 (EST)

Yikes! Spam attack

I was working on editing content on the wiki just a few minutes ago, when we started getting slammed with wikispam, from multiple anon IPs, faster than I could keep up with fixing it. I have to get back to my real job and have to leave the wiki alone for a while so I can't fix all the new spams, but I hate to leave it with a bunch of spam on it. I will check back in later, but someone might want to look in on it. There hasn't been any new spam added in about 10 minutes, so maybe the bots took a few minutes off... but of course, they will be back.

Also, spam was posted from one logged-in account a bit earlier: User:Qolyan. (I e-mailed this text to Krenn just now, as well as posting here.) -- Wenyeva atte grene 20:56, 12 Dec 2005 (EST)

  • Sorry folks, was laid up ill for a bit there. Anonymous edits are now disabled. Will also ban the fake user, and look into CAPTCHA for 1.4. --Krenn 23:08, 12 Dec 2005 (EST)
Yikes, now they are logging in to spam. See the edits of User:Bounty. If it's a bot, would customizing the account creation page help? Making it not match what the bot expects? -- Wenyeva atte grene 22:19, 13 Dec 2005 (EST)
Yeah, that's likely the next step I'll take. I have to take care of some stuff but will be looking at this before work tonight. Out of curiosity, do you see the blocks show up in the log when I ban them, or do only admins see that? --Krenn 16:01, 14 Dec 2005 (EST)
Yes, I see the blocks. -- Wenyeva atte grene 17:16, 14 Dec 2005 (EST)

CAPTCHA enabled on account creation

I've installed and enabled CAPTCHAs on new user registration. I also made a small custom dictionary of SCA-related words. EB, you can add to it if you want to, it's in /var/www/wiki.antir.sca.org/docs/extensions/authimage-inc/words/words.txt.

Wiki or an orphanage? ;)

Yikes! I just looked at the Orphan pages listing (pages that are not linked to) and we're up to 293. There should probably be some time spent whittling that down wherever possible. --Krenn 17:17, 24 Jan 2007 (PST)

Hmm, that sounds like a good task for being bored at work. Should put it on the "to do" page. --Michelino di Gino Martini 18:20, 28 Jan 2007 (PST)
A number of these pages have category tags, which means that they are linked to -- just not with a direct link. What else should we be doing with them? --Elizabeth Braidwood 18:44, 28 Jan 2007 (PST)
The first fifty I looked at all had category tags (not counting the "more content" category). While some should perhaps be redirects, for most, I'm not sure how I'd link to them other than by the category (glossary, people). Is there a way to make the Orphan Pages take category links into account? --Michelino di Gino Martini 13:02, 29 Jan 2007 (PST)
Hmm. This must be something that Wikipedia has hit before. It may be resolved in a newer version of MediaWiki - let's revisit after I upgrade the software running the site. --Krenn 15:50, 29 Jan 2007 (PST)

Templates & standardization

One thing I noticed on Wikipedia is a lot of templates, particularly for items where there is a standard set of information associated together. F'rinstance, here one might consider a template for displaying a person's arms or a branch's arms, so that the image, the blazon and the owner are always associated.

Second, is there a need or a desire for a more-or-less standardized layout for personal pages? Maybe Society name, branch, personal arms, persona history, Society history, a link to the OP, etc? Likewise, should there be a standardized layout for branch pages? Recurring event pages?

Just some thoughts... Uilliam 13:47, 4 Mar 2007 (PST)

Image Uploads

Say, what's the policy on image uploads? Currently I tend to host and link - I tend to be somewhat hesitant to use space on other's servers. Seems to be fairly liberally used, however, and I've already hit the broken external link problem myself (when my hosting changed).--Michelino di Gino Martini 01:52, 28 Jul 2007 (EDT)

Also about images... I haven't been around here much for a while, but I noticed that an external image link in my page was broken (link pointed to my own server, and the URL is good). Have external image links been disabled for security reasons? I'd like to upload the image in question (it's my heraldic achievement, which would be nice to have on my page), but I don't have an image upload link showing, either. Wenyeva atte grene 01:34, 10 March 2011 (PST)

External image linking is intentionally disabled. The Upload link should be in the toolbox on the left but it's gone. I'll check on it when I get home; probably just an issue with new defaults. --Krenn 09:10, 11 March 2011 (PST)

Upload link is still gone. Just wondering if there is an update on this. --gigasloth 10:29, 22 March 2011 (PST)

Image upload still gone. Any news? Although I see it's restricted to Admins - which is fine, of course, but just let us know… --Michelino di Gino Martini 18:23, 13 June 2014 (UTC)

Due to Corporate policy we no longer allow uploads of images without a signed release from both the photographer and the model(s) in an image. You are however able to link to your own images from your photo site. Please read [[1]] for links to the release forms from Corp. --Chiara 7:16pm, 19 Jun 2014 (PST)

Ah ha, thanks for the update. When you say "link to your own images", do you mean just have a clickable link to go to that site and view them, or to display them like inline linking in the wiki? My understanding is inline links should work just by adding the url into a wiki page, but it currently ends up as a clickable link, as if $wgAllowExternalImages is still set to false (which is what I got from Krenn's comment in 2011 just above). Just trying to understand the options here. --Michelino di Gino Martini 00:51, 25 June 2014 (UTC)

That is correct, as a link. If you find the image already in use on the Wiki you can ask permission to reuse it on yours. --Chiara 11:39pm, 24 Jun 2014 (PST)

Security blocks me, but not spambots

I just ran into an issue when trying to update my page here -- because there are existing external URLs on the page (which have been there for years), I can't save any new edits to the page. Unless I delete those URLs, I guess. Which I don't want to do.

And yet, I look at Recent Changes, and see that the wiki is being seriously slammed by bots who are making accounts and then posting spam to their bot user pages. Whatever security you have for making new accounts, the bots have figured it out. Wenyeva atte grene 12:20, 25 May 2013 (UTC)


How does one become an Admin around here?

Just wondering if there's an official (or unofficial) way to volunteer to help admin. I keep running into (hopefully legit) edits I can't do because of spam filters and such. I also seem to spend a bit of time here. --Michelino di Gino Martini 00:03, 15 July 2015 (UTC)