Tightening up our Wiki

[Stefan Bodewig <bo...@apache.org>]

Hi all,

the user wikimouse is using new techniques that makes it more difficult
to keep spam out of the Wiki: he reverts the pages to those that
contained spam once we delete it - this does not send out notification
mails - and uses tinyurl to circumvent the BadContent list.

I suggest we close down Wiki access to the few of us who actually edit
the Wiki from time to time using
<http://wiki.apache.org/general/OurWikiFarm#per_wiki_access_control_-_tighten_your_wiki_just_a_little.2C_benefit_just_a_lot>

I'll ask infra to change the setup in a few days unless anybody stops
me.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org

Re: Tightening up our Wiki

[Konstantin Kolinko <kn...@gmail.com>]

2012/5/4 Stefan Bodewig <bo...@apache.org>:
> Hi all,
>
> the user wikimouse is using new techniques that makes it more difficult
> to keep spam out of the Wiki: he reverts the pages to those that
> contained spam once we delete it - this does not send out notification
> mails - and uses tinyurl to circumvent the BadContent list.
>
> I suggest we close down Wiki access to the few of us who actually edit
> the Wiki from time to time using
> <http://wiki.apache.org/general/OurWikiFarm#per_wiki_access_control_-_tighten_your_wiki_just_a_little.2C_benefit_just_a_lot>
>
> I'll ask infra to change the setup in a few days unless anybody stops
> me.
>

Add "tinyurl.com" to the list of spam addresses? We did so in Tomcat a year ago,
http://wiki.apache.org/tomcat/LocalBadContent

> Still, in Gump's case there only are very few people who ever edit the
> Wiki so the ContributorGroup setup would be a good fit IMHO.

I agree.

Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org

Re: Tightening up our Wiki

[Stefan Bodewig <bo...@apache.org>]

On 2012-05-04, Jörg Schaible wrote:

> Hi,

> Stefan Bodewig wrote:

>> Hi all,

>> the user wikimouse is using new techniques that makes it more difficult
>> to keep spam out of the Wiki: he reverts the pages to those that
>> contained spam once we delete it - this does not send out notification
>> mails - and uses tinyurl to circumvent the BadContent list.

>> I suggest we close down Wiki access to the few of us who actually edit
>> the Wiki from time to time using
>> <http://wiki.apache.org/general/OurWikiFarm#per_wiki_access_control_-
> _tighten_your_wiki_just_a_little.2C_benefit_just_a_lot>

>> I'll ask infra to change the setup in a few days unless anybody stops
>> me.

> Hmm. Why not have a general security setting to allow reverts only for
> privileged people (i.e. those who can edit BadContent)?

Good question, I'll ask on the infra list whether this is possible.

> Tinyurls: Do we really need those in the wiki? The URL is normally
> hidden in the markup anyway and it does then not matter how long it
> is.

Not sure whether there is a way to prevent this.  We could add tinyurl
ot the BadContent list but I guess there are too many URL shortening
services for us to keep up with.

Still, in Gump's case there only are very few people who ever edit the
Wiki so the ContributorGroup setup would be a good fit IMHO.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org

Re: Tightening up our Wiki

[Jörg Schaible <Jo...@scalaris.com>]

Hi,

Stefan Bodewig wrote:

> Hi all,
> 
> the user wikimouse is using new techniques that makes it more difficult
> to keep spam out of the Wiki: he reverts the pages to those that
> contained spam once we delete it - this does not send out notification
> mails - and uses tinyurl to circumvent the BadContent list.
> 
> I suggest we close down Wiki access to the few of us who actually edit
> the Wiki from time to time using
> <http://wiki.apache.org/general/OurWikiFarm#per_wiki_access_control_-
_tighten_your_wiki_just_a_little.2C_benefit_just_a_lot>
> 
> I'll ask infra to change the setup in a few days unless anybody stops
> me.

Hmm. Why not have a general security setting to allow reverts only for 
privileged people (i.e. those who can edit BadContent)?

Tinyurls: Do we really need those in the wiki? The URL is normally hidden in 
the markup anyway and it does then not matter how long it is.

- Jörg


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org