Wiki spam - Journal of Omnifarious
May. 28th, 2008
08:26 pm - Wiki spam
I've been getting lots of spam on the wiki for my long dormant CAKE project. Mostly Moin Moin's (the wiki software I've been using) anti-spam feature has worked in defending against these attempts. The feature is that Moin Moin periodically downloads a list of regular expressions that match spam URLs and checks on wiki edits to see if they are introducing these URLs into the wiki.
But recently it hasn't been keeping up. Recently spammers have been registering hundreds of random letter jumble domain names or breaking into legitimate web servers and hosting their content in a weird part of the server. In fact, my wiki currently seems to be the target of a very concerted and coordinated attempt to use a botnet to spam it with URLs that do not appear in the banned list.
I found one aspect of how the software spams the wiki. It puts the spam URLs in the change comment. Most humans don't even fill in that comment, and hardly ever put a URL in it. And I modified the wiki software to check for that behavior. That has been successful in rebuffing almost all of the attacks so far.
I'm now also recording all failed attempts to alter the wiki and adding the IPs to a big list of banned IPs, and that's succeeded in rebuffing even more attacks. In one case I even decided to put in a whole /24.
Spammers and the security issues of people running Windows are the most consistently irritating problem on the Internet today.