Combatting Spam on the Wiki

Share via Twitter Share via Facebook Share via Linkedin Share via Reddit

As I’ve mentioned and you may have seen for yourself, our wiki has recently been discovered by a small legion of evil-doers as some of the folks from Wikipedia told us it would. Thanks to the heoric efforts of Andy Fundinger, along with some work from the likes of myself and Tim Hardy, we’re keeping up with the spammers, but barely. See the list of recent changes here.

Given that this level of effort is not sustainable longer term – not to mention the lost productivity – I’ve installed (or tried to) the SpamBlacklist extension for our Mediawiki instance. That’s the good news; the bad news is that as near as I can determine, there’s no logging so I won’t know if a.) it’s installed properly or b.) working properly for a little while.

I must say that I’m a bit surprised at the state of the anti-spam toolkits. As Mediawiki is the basis for the enormously popular Wikipedia site, and has been growing in popularity of late (see the Hula and Mono websites now based on it), I’d expected the anti-spam tools to be a bit more user friendly, like Movable Type’s. Instead, it’s hand editing of PHP, crontab -e, etc. Plus the no logging, although at least I didn’t have to muck around in the MySQL DB.

Given our experience, I’d expect that we’ll be seeing some shiny new anti-spam plugins in the near future. Meantime, wish us luck.

Update: Well, so much for that. Apparently my quick test was done when the extension was yet active, because I just tried to update the wiki and got a weird “Unsupported operand type” error which turned up no results in either Google or the Mediawiki list archives. So while I see if anyone on that list has any ideas, to at least introduce some deterrent I’m forcing login for anyone attempting to save to the wiki. I hate to do it, as I’d prefer for anyone to be able to edit – and it’s not as if it’s a huge deterrent anyway, but as a stopgap it’s the best I can do. If this doesn’t work, and I can’t get the SpamBlacklist (or an equivalent) working, I’ll be forced to restrict login creation to sysops only. Hope it doesn’t come to that.


  1. It would help to spot the "real" content additions if recent changes filtered out anything where the comment includes "Spam" as a default. Or perhaps just anything by a named user with that comment?

  2. great idea, Andy. let me dig around the Mediawiki site and see if there's anything like that available.

Leave a Reply

Your email address will not be published. Required fields are marked *