Sustained Wiki Spam Attack

wiki.ucalgary.ca has been under a sustained spam attack all day. What started out as a minor irritation has grown into something that is impossible to ignore. The spammer is somehow getting around both Bad Behavior and Spam Blacklist extensions (I’ve blacklisted their URLs, but they keep getting edits into the system). This is one of the more frustrating aspects of trying to do things in an open manner. If there is the slightest possibility that something will be subverted for spamilicious purposes, it will be. And most likely it will happen before more than a handful of legitimate users are able to take advantage of a service.

These cretins are being rather clever (or, they’ve gotten some good Script Kiddie l337 tools) because they’re coming from many different (and changing) IP addresses, and each edit is accompanied by its very own account creation. So I can’t just block IPs, or roll back all edits by a user. So, I’ve had to disable account creation for now until I can figure out wtf to do about this.

To the spammer(s): may you rot in the most insidious inner circle of hell, reserved for parasites like yourself who find it necessary to suck energy and resources from (otherwise) free and open educational resources.

11 Replies to “Sustained Wiki Spam Attack”

  1. Meredith – yeah. It’s a really sticky one. Bad Behavior isn’t blocking it, and the Wiki Spam Blacklist is being cut through like butter. wtf? All I could do was disable new account creation, but that sucks as a longer term solution. They were hitting LOTS of pages in our wiki, so just locking a single (or handful of) page(s) wouldn’t have worked here.

  2. I should have known that if I was having a problem you and Paul would be too. 😉 The same thing has been happening to me since around the 10th as well. For some reason they’ve only been hitting my front page, which I decided to protect, and that stopped them more or less. But the minute I tried today (four days later) to unprotect that page, the spam came back again. If you and Paul figure something out, please let me know. 🙂

  3. Bill – good point. But I’ve long ago given up any hope/faith in the “report spam/abuse” services for ISPs and domain hosts…

  4. Hi D.
    What do you think about the idea that its better for educational organisations to use free web services instead of setting up and maintaining their own servers and apps? Especially orgs with even less resources than yours to deal with spam and stuff?

  5. Leigh – I love the idea of just telling folks to use the Wikipedia (or whatever) but they seem to be intimidated by the “global” resources. If it’s local, it feels more accessible. But, yeah – move it all into wikipedia.org for the betterment of all…

  6. On the what to do front, The URLs in the spam all seem to point to pages at maximum-search.net. I was to assume that is who is making money out of this.

    maximum-search.net is an anonymously registered domain by ESTDOMAINS that has a nice ‘report abuse’ page at
    http://estdomains.com/abuse/report_abuse.php

    It even has a drop down choice for WIKI SPAM.

    I’d be looking to see who elses problem you might be able to make this –

    My $0.02 – Bill

  7. Michael, I just cracked open my database to get the logs, and noticed there is no bad_behavior_log table in my mediawiki database. On opening the bad-behavior-mediawiki.php file, it looks like it’s coded for WordPress – not sure if that’s true or not. Perhaps it’s not finding the database/table and just dying…

  8. I’m looking for solution and landed on your post. It looks like there isn’t an effective solution yet for mediawiki.

    pmwiki, another wiki, has an interesting idea of rejecting post with too many url links. Looking at the spam, this might just work. Does mediawiki has something similar?

Comments are closed.