Talk:Meta:Anonymous editing

m (Ban anonymous over HTTP, but not HTTPS)
(Proposal)
 
(5 intermediate revisions not shown)
Line 7: Line 7:
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.<br>
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.<br>
[[User:lbt|lbt]] 16:23, 21 June 2008 (UTC)
[[User:lbt|lbt]] 16:23, 21 June 2008 (UTC)
 +
:+1 from me. No anonymous edits seems like a fair balance between protecting the wiki and protecting spammer's rights to mess it up. --[[User:dneary|dneary]] 07:34, 23 June 2008 (UTC)
 +
:<del>+1. Spam is a serious problem. Registering or logging in is not.</del> (just saw [http://www.mediawiki.org/wiki/Captcha MediaWiki's Manual:Combating spam] and was convinced by the discussion in maemo-developers)  --[[User:qgil|qgil]] 11:47, 23 June 2008 (UTC)
 +
:+1. If you want to say something, say who you are first.--[[User:anidel|anidel]] 11:55, 23 June 2008 (UTC)
== Ban anonymous over HTTP, but not HTTPS ==
== Ban anonymous over HTTP, but not HTTPS ==
Line 17: Line 20:
''--[[User:jaffa|Jaffa]] 17:26, 21 June 2008 (UTC)''
''--[[User:jaffa|Jaffa]] 17:26, 21 June 2008 (UTC)''
:Having said that, if there's a suitable CAPTCHA-type system or plugin we can easily deploy, that'd also be effective. However, if it's non-trivial, I wouldn't say the investment of effort in it was worthwhile (IMHO). --[[User:jaffa|Jaffa]] 17:30, 21 June 2008 (UTC)
:Having said that, if there's a suitable CAPTCHA-type system or plugin we can easily deploy, that'd also be effective. However, if it's non-trivial, I wouldn't say the investment of effort in it was worthwhile (IMHO). --[[User:jaffa|Jaffa]] 17:30, 21 June 2008 (UTC)
 +
 +
== Proposal ==
 +
 +
This was a [http://lists.maemo.org/pipermail/maemo-users/2008-June/021627.html proposal sent to maemo-users]. Proposing to continue the discussion here until agreement.--[[User:qgil|qgil]] 21:51, 19 July 2008 (UTC)
 +
 +
Frantisek Dufka wrote:
 +
:The only argument left which I do agree with is additional work for
 +
:implementing captcha and fixing occasional vandalism if it won't be 100%
 +
:bulletproof. But maybe we already wasted more time in this dicussion
 +
:that it would take to implement this http://recaptcha.net/plugins/mediawiki/
 +
 +
Probably true.
 +
 +
Proposal: let's go for incremental changes until the satisfactory level.
 +
 +
We had it fully open and we have seen that this is not good enough since
 +
we get spammed and this is just the beginning of a small and young wiki
 +
not much linked.
 +
 +
Next step
 +
 +
Ban anonymous over HTTP, but not HTTPS?
 +
 +
: Done. --[[User:dneary|Dave Neary]] 11:31, 11 August 2008 (UTC)
 +
 +
If this is not good enough then next step
 +
 +
Captcha
 +
 +
if this is not enough then registration.
 +
 +
About anonymous contributors, I think a wiki doesn't compare to a
 +
mailing list or a bug report tool. A comma, a number, a vowel or a word
 +
might make a lot of sense and be a useful spontaneous contribution in a
 +
wiki. The same cannot be said in other media.
 +
 +
Myself I have edited anonymously in several wikis just for minor fixes,
 +
and I wouldn't have registered to do so.
 +
 +
I was already convinced by Jaffa, Frantisek and
 +
http://www.mediawiki.org/wiki/Captcha . Then
 +
https://wiki.maemo.org/index.php?title=Task%3AMaemo_brand&diff=2641&oldid=2502
 +
came as a proof.  :)

Latest revision as of 11:31, 11 August 2008

Contents

[edit] CAPTCHA

lcuk on #maemo had an interesting idea, NIT-based CAPTCHA questions (i.e. What is the codename for Maemo 4.0? Chinook). Of course a regular CAPTCHA system should work fine, but this'd be a nice touch. The CAPTCHA has the nice effect of both not entirely preventing anonymous edits, while hopefully stopping the bots. This should probably come with a strong suggestion for the user to register. —GeneralAntilles 15:52, 21 June 2008 (UTC)

[edit] Just Say No

I vote no for anonymous edits.
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.
lbt 16:23, 21 June 2008 (UTC)

+1 from me. No anonymous edits seems like a fair balance between protecting the wiki and protecting spammer's rights to mess it up. --dneary 07:34, 23 June 2008 (UTC)
+1. Spam is a serious problem. Registering or logging in is not. (just saw MediaWiki's Manual:Combating spam and was convinced by the discussion in maemo-developers) --qgil 11:47, 23 June 2008 (UTC)
+1. If you want to say something, say who you are first.--anidel 11:55, 23 June 2008 (UTC)

[edit] Ban anonymous over HTTP, but not HTTPS

The set-up of wiki.maemo.org uses a reverse proxy, which uses Apache to forward requests from HTTP to the HTTPS port. This means that all anonymous edits over HTTP show up as 127.0.0.1. However, anonymous edits over HTTPS will feature the (non-repudiable) IP address of the editing user.

This would seem to stop the spam: all the spam to-date (and there's been a lot of it over the few days in the middle of June) has been through HTTP editing, and so a temporary ban on edits from 127.0.0.1 has eliminated it.

Therefore, we should probably make that ban permanent and deny any anonymous access through HTTP; or we "fix" the problem and expose the external requesting IP to mediawiki over HTTP as well, and then move quickly to ban spamming IPs. Obviously, this will be ineffective if we are hit by a distributed spam botnet. --Jaffa 17:26, 21 June 2008 (UTC)

Having said that, if there's a suitable CAPTCHA-type system or plugin we can easily deploy, that'd also be effective. However, if it's non-trivial, I wouldn't say the investment of effort in it was worthwhile (IMHO). --Jaffa 17:30, 21 June 2008 (UTC)

[edit] Proposal

This was a proposal sent to maemo-users. Proposing to continue the discussion here until agreement.--qgil 21:51, 19 July 2008 (UTC)

Frantisek Dufka wrote:

The only argument left which I do agree with is additional work for
implementing captcha and fixing occasional vandalism if it won't be 100%
bulletproof. But maybe we already wasted more time in this dicussion
that it would take to implement this http://recaptcha.net/plugins/mediawiki/

Probably true.

Proposal: let's go for incremental changes until the satisfactory level.

We had it fully open and we have seen that this is not good enough since we get spammed and this is just the beginning of a small and young wiki not much linked.

Next step

Ban anonymous over HTTP, but not HTTPS?

Done. --Dave Neary 11:31, 11 August 2008 (UTC)

If this is not good enough then next step

Captcha

if this is not enough then registration.

About anonymous contributors, I think a wiki doesn't compare to a mailing list or a bug report tool. A comma, a number, a vowel or a word might make a lot of sense and be a useful spontaneous contribution in a wiki. The same cannot be said in other media.

Myself I have edited anonymously in several wikis just for minor fixes, and I wouldn't have registered to do so.

I was already convinced by Jaffa, Frantisek and http://www.mediawiki.org/wiki/Captcha . Then https://wiki.maemo.org/index.php?title=Task%3AMaemo_brand&diff=2641&oldid=2502 came as a proof.  :)