[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[school-discuss] Re: Wiki spam: one possible solution

on Sun, Nov 13, 2005 at 05:20:56PM +0100, Pau Cabot (paucabot@xxxxxxxxxxx) wrote:
> Hi to everybody and thanks for your responses,
> There is an easy way to prevent wiki spam on Phpwiki without enabling 
> user authentication:
> Edit /etc/phpwiki/index.php and set ALLOW_BOGO_LOGIN and 
> This way, users must register (using whatever username) but they don't 
> have to introduce a password. This stops spam robots.

There's a surprising amount of non-robot spam.

... or robots smart enough to use commonly-found Wiki authentication and
registration schemes.

Blocklisting mechanisms are finding their way into most current Wiki

> The explanation from the index.php file:
> // If ALLOW_BOGO_LOGIN is true, users are allowed to login (with
> // any/no password) using any userid which:
> //  1) is not the ADMIN_USER,
> //  2) is a valid WikiWord (matches $WikiNameRegexp.)
> // If true, users may be created by themselves. Otherwise we need
> // seperate auth. This might be renamed to ALLOW_SELF_REGISTRATION.
> if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', true);
> // This will go away, with true page permissions.
> // If set, then if an anonymous user attempts to edit a page he will
> // be required to sign in.  (If ALLOW_BOGO_LOGIN is true, of course,
> // no password is required, but the user must still sign in under
> // some sort of WikiWordName.)
> if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT')) 
> Pau.

Karsten M. Self <kmself@xxxxxxxxxxxxx>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Compiling from source / is an adventure as well. /  What crap code that is.
    - Haiku compiling from source

Attachment: signature.asc
Description: Digital signature