---+!! !AntiWikiSpamPlugin <!-- * Set SHORTDESCRIPTION = Lightweight wiki spam prevention --> %SHORTDESCRIPTION% %TOC% ---++ Stop your wiki getting spammed This plugin attempts to reduce the instance of Wiki Spam by using the [[http://moinmo.in/MoinMoinWiki][MoinMoin]] [[http://moinmo.in/AntiSpamGlobalSolution][AntiSpamGlobalSolution]] regex's. Anytime it detects that a saved page contains a string in the regex list, it _only_ refuses to save it. It can also check new registrations to see if the email address used matches a blacklist (or whitelist). *Major premise is not to create any unnecessary load on the server and not to use excess server resources by holding connections open.* All its processing is _only_ done on =save=, or on =attach=. (Foswiki:Extensions/BlackListPlugin does alot of processing on _every_ topic operation, including view) It uses a timeout on save to check if the list has changed, so if there are no saves, there is no un-needed network traffic. Alternatively the regex list can be loaded by a cron script to minimize save overhead. To manually update the list, click [[%SCRIPTURLPATH{"rest"}%/%TOPIC%/forceUpdate][here]] Note that the retrieve of the !MoinMoin regex list can still take some seconds which will delay topic saves when the list needs to be refreshed. For best performance: * Refresh the list using the =rest= script from a scheduled cron job <verbatim> cd [foswiki-bin-directory] ./rest /AntiWikiSpamPlugin/forceUpdate </verbatim> * Set the =GETLISTTIMEOUT= to a very large number so that the cron job will be the only source of updates ---++ Removing User Accounts Normally user accounts should not be removed, as they represent the history of topic changes. In addition if the WikiName is reused, the new user "assumes" the history of the prior user. However, when dealing with spam registrations, it's generally recommended to remove the accounts. This plugin provides a REST handler that can remove user accounts from the wiki, which you can access through the following form. * The User will be removed from the Mapping manager if supported * The User will be removed from any groups * The User topic and any attachments are moved to the %TRASHWEB% Web as =SuspectSpammer<WikiName><timestamp>= *This function is only available to Administrators* <!-- %JQREQUIRE{"ui, ui::autocomplete"}% --> <form name="admin" action="%SCRIPTURLPATH{rest}%/AntiWikiSpamPlugin/removeUser" method="post"> %INCLUDE{"%SYSTEMWEB%.JQueryAjaxHelper" section="userselector" INPUT_NAME="user" MULTI="false"}% <input type="submit" class="foswikiSubmit" value="Remove User" /> </form> ---++ Configuration The configuration of this plugin is done using the %SCRIPTURL{"configure"}% tool. There are 5 settings used to control the operation and aggressiveness of the spam filter: %TABLE{sort="off"}% | *Setting* | *Definition* | *Default* | | ={Plugins}{AntiWikiSpamPlugin}{CheckTopics}= | Enable to check topic text against the spam regular expressions | (enabled) | | ={Plugins}{AntiWikiSpamPlugin}{CheckAttachments}= | Enable to check attachment text against the spam regular expressions | (enabled) | | ={Plugins}{AntiWikiSpamPlugin}{CheckRegistrations}= | Enable to check Registrations against the white and black lists. | (enabled) | | ={Plugins}{AntiWikiSpamPlugin}{ANTISPAMREGEXLISTURL}= | URL containing the public list of regular expressions used to block spam. The default list is provided by !MoinMoin. | http://arch.thinkmo.de/cgi-bin/spam-merge | | ={Plugins}{AntiWikiSpamPlugin}{LOCALANTISPAMREGEXLISTTOPIC}= | A topic containing a list of local regular expressions. A sample topic is provided. | %SYSTEMWEB%.AntiWikiSpamLocalList | | ={Plugins}{AntiWikiSpamPlugin}{GETLISTTIMEOUT}= | Maximum age of the public regular expression list in minutes. When age is exceeded, an updated list will be fetched | 60 | | ={Plugins}{AntiWikiSpamPlugin}{BypassGroup}= | A Wiki group listing members who are permitted to save without any Spam checking. Note that members of the %USERSWEB%.AdminGroup are always permitted to save. | AntiWikiSpamBypassGroup | | ={Plugins}{AntiWikiSpamPlugin}{HitThreshold}= | Number of regex hits required to block the save. Set to -1 to simulate operation. | 1 | | ={Plugins}{AntiWikiSpamPlugin}{RegistrationWhiteList}= | Name of topic containing regular expressions that permit registration by matching email domains. | %SYSTEMWEB%.AntiWikiSpamRegistrationWhiteList | | ={Plugins}{AntiWikiSpamPlugin}{RegistrationBlackList}= | Name of topic containing regular expressions that deny registration by matching email domains. | %SYSTEMWEB%.AntiWikiSpamRegistrationBlackList | ---++ Registration Registration is controlled by limiting the email domains that can be used by people registering to the wiki. For example, you can set up a whitelist so that only people with a corporate email address can register, or set up a blacklist to filter known email hosts that spammers use. The lists are held in topics, usually called %SYSTEMWEB%.AntiWikiSpamRegistrationWhiteList and %SYSTEMWEB%.AntiWikiSpamRegistrationWhiteList. Sample topics are provided. Each topic is a simple list of Perl regular expressions. At least one expression in the whitelist must match the email address to permit registration. If any expression in the blacklist matches, registration will be denied. ---++ Installation Instructions You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server. Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install". If you have any problems, or if the extension isn't available in =configure=, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help. ---++ Testing Edit %SANDBOXWEB%.AntiWikiSpamTestTopic using the Admin user. (This topic is protected against non-admin access.) Save will be permitted, but the matching regular expressions will be logged to the foswiki error log (typically =working/logs/error.log=) To cause a true failure, remove the VIEW and CHANGE restrictions to the topic and edit it using a non-admin user. ---++ Info | Author(s): | Foswiki:Main.SvenDowideit - http://fosiki.com | | Copyright: | © 2005-2009 SvenDowideit@fosiki.com %BR% © 2012 George Clark %BR% © 2012 Crawford Currie http://c-dot.co.uk | | License: | [[http://www.gnu.org/licenses/gpl3.html][GPL 3 (Gnu General Public License)]] | | Version: | 1.5 | | Release: | 1.5 | | Change History: | <!-- versions below in reverse order --> | | 1.5 (31 Dec 2012) | Foswikitask:Item12296: !BypassGroup doesn't work, also unit tests don't work on trunk.%BR%\ Foswikitask:Item12323: Fails to remove user topic on Foswiki 1.1.x | | 1.4 (10 Aug 2012) | Foswikitask:Item11679: When removing a user, remove it from any groups.<br />\ Foswikitask:Item12038: Allow checking to be disabled | | 1.3.1 (19 Mar 2012) | Remove dialog would remove current user if entered user was not konwn to the Mapper. | | 1.3 (14 Mar 2012) | Foswikitask:Item11644: add white/black lists for common spam sources (Foswiki:Main.CrawfordCurrie) <br />\ Foswikitask:Item11646: add remove dialog <br />\ Foswikitask:Item11593: Uninitialized variable | | 1.2 (25 Apr 2011) | Foswikitask:Item1091 - add whitelist, <br />\ Foswikitask:Item1580 - also process comments, <br />\ Foswikitask:Item10680 - Improve local regex capability | | 1.1 (4 Jan 2009) | updated for Foswiki v1.0 | | 1.0 (22 Aug 2005) | Initial version | | Dependencies: | <table class="foswikiTable" border="1"><tr><th>Name</th><th>Version</th><th>Description</th></tr><tr><td align="left">Socket</td><td align="left">cpan</td><td align="left">Required to check the DNS of registration email addresses</td></tr></table> | | Home page: | http://foswiki.org/bin/view/Extensions/AntiWikiSpamPlugin | <!-- Do _not_ attempt to edit this topic; it is auto-generated. -->
This topic: System
>
AntiWikiSpamPlugin
Topic revision:
02 Nov 2013,
UnknownUser
(raw view)
Copyright © CC-BY-SA by the contributing authors. All material on this collaboration platform is copyrighted under CC-BY-SA by the contributing authors unless otherwise noted.
Ideas, requests, problems regarding Foswiki?
Send feedback