New User Flood

Jump to navigation Jump to search
Revision as of 2 October 2014 at 01:36.
The highlighted comment was created in this revision.

New User Flood

There seems to be a flood of new users, I can only guess that these are not people interested in robocode, but rather some kind of spam bot (or spam bots). We need some way to captcha user creation I think.

While we are at it, remove some of those "new users" without any edits.

    Chase15:07, 30 September 2014

    I wonder why create spam bots when you can create Robocode bots. :P

      MN (talk)00:30, 1 October 2014
       

      Speaking of user removal. How many active admins do we have?

        Beaming (talk)01:57, 1 October 2014

        Well a few, for example I don't have access to actual site stuff (so I can't add a captcha).

        We could just go through and manually delete them all, but there is no bulk method way to do that (that I know of).

          Chase02:20, 1 October 2014
           

          List of those with mediawiki "administrator" access:
          AW‏‎, Chase-san‏‎, Darkcanuck‏, David Alves‏‎, GrubbmGait‏‎, Jdev‏‎, MN‏‎, PEZ‏‎, Rednaxela‏‎, Sheldor‏‎, Skilgannon, Skotty‏‎, Voidious, Wompi

          List of those with server shell access:
          David Alves‏‎, Rednaxela‏‎, Skilgannon, Voidious

          The one whose name the server name is under:
          David Alves‏‎

          The one whose name the domain name is under:
          PEZ

          The last several times the server needed config maintnance I've dealt with that. I know Skilgannon is also checking in wiki sometimes. Voidious less often recently to my knowledge.

            Rednaxela (talk)20:03, 1 October 2014
             

            For future reference, you can see who's a wiki administrator or bureaucrat by using the "Group:" filter on the user list page.

              Sheldor (talk)23:29, 1 October 2014
               

              Hate to break it to you Chase, but we already have a captcha on user creation. In fact, we have *TWO* captchas (reCaptcha, plus a simple math question presented as an image) required for user creation, and the bots involved in these user creations seem to crack crack both. I tend to wonder if they're using a "mechanical turk" type of system to outsource bulk captcha breaking to humans.

              Only reason they very rarely succeed at actually posting content these days, is because of a custom Mediawiki extension I added, which blocks any edits which add new external URL links if the user account was created within X hours of the attempt. (Note, it does not block external URLs that are not formatted as Mediawiki links, such as the participants page of course)

              Perhaps I should augment this extension to remove users whose only attempted edits during a 1 week period were blocked in this fashion?

                Rednaxela (talk)19:48, 1 October 2014

                My experience with captcha locked registration, is that at some point someone, most likely a human, provides an answer to at least one question. After this bots will register like crazy. On my site I had non googlable question, which holds bots for a month or two, but sooner or letter they will come.

                The only way to deal with it, is to remove old questions and generate new ones.

                  Beaming (talk)22:38, 1 October 2014
                   

                  "Perhaps I should augment this extension to remove users whose only attempted edits during a 1 week period were blocked in this fashion?"

                  That policy sounds pretty reasonable, as long as it is clearly written somewhere new users would see.

                    Sheldor (talk)23:12, 1 October 2014

                    Make it 3 days and that'll do it for me. We should also nuke users without any posts that registered more then 3 days ago as well (and were not added by an admin), or something.

                      Chase02:36, 2 October 2014