[OpenStack-Infra] Wiki.o.o sustaining spam attack

JP Maxwell jp at tipit.net
Tue Feb 23 07:34:57 UTC 2016


OK - so per the info here, you have to set the type of Captcha and add in
editing and create page as triggers requiring Captcha.

As an example to use QuestyCaptcha a the bottom of the LocalSettings.php
file:

https://www.mediawiki.org/wiki/Extension:ConfirmEdit#QuestyCaptcha

And make sure the triggers are set:

https://www.mediawiki.org/wiki/Extension:ConfirmEdit#Configuration

So, for example (you might want to change the questions), but the below
should at least stop the bleeding?

require_once "$IP/extensions/ConfirmEdit/ConfirmEdit.php";

// Use this line ONLY if your MediaWiki version is 1.25 or newer:
//wfLoadExtension( 'ConfirmEdit/QuestyCaptcha' );
// Use this line ONLY if your MediaWiki version is older than 1.25:
require_once "$IP/extensions/ConfirmEdit/QuestyCaptcha.php";

$wgCaptchaClass = 'QuestyCaptcha';

// Add your questions in LocalSettings.php using this format
$wgCaptchaQuestions[] = array( 'question' => "A question?", 'answer' => "An
Answer");
$wgCaptchaQuestions[] = array( 'question' => 'How much wood would a
woodchuck chuck if a woodchuck could chuck wood?', 'answer' => 'as much
wood as...' );
$wgCaptchaQuestions[] = array( 'question' => "What is this wiki's name?",
'answer' => "$wgSitename" );
// You can also provide several acceptable answers to a given question (the
answers shall be in lowercase):
$wgCaptchaQuestions[] = array( 'question' => "2 + 2 ?", 'answer' => array(
'4', 'four' ) );

$wgCaptchaTriggers['edit']          = true;
$wgCaptchaTriggers['create']        = true;


J.P. Maxwell / tipit.net <http://www.tipit.net>


On Tue, Feb 23, 2016 at 12:55 AM, Tom Fifield <tom at openstack.org> wrote:

> For wiki.o.o, I believe this is at:
>
> https://wiki.openstack.org/wiki/Special:Version
>
> On 23/02/16 14:51, JP Maxwell wrote:
>
>> I did setup a wiki and have a look at this briefly.   Can you confirm
>> what extensions you are loading?  When you setup the wiki it generates a
>> localsettings.php file that lists the extensions:
>>
>>
>>
>> Inline image 1
>>
>> # Enabled Extensions. Most extensions are enabled by including the base
>> extension file here
>> # but check specific extension documentation for more details
>> # The following extensions were automatically enabled:
>> wfLoadExtension( 'ConfirmEdit' );
>> wfLoadExtension( 'InputBox' );
>> wfLoadExtension( 'SpamBlacklist' );
>> wfLoadExtension( 'TitleBlacklist' );
>> wfLoadExtension( 'WikiEditor' );
>>
>> I think if you have that ConfirmEdit extension you can enable captcha
>> when creating new pages / editing existing ones.  In addition, there do
>> seem to be some spam extensions that come built in.
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-infra/attachments/20160223/c76454c5/attachment.html>


More information about the OpenStack-Infra mailing list