#foswiki 2013-11-17,Sun

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
pharvey1has anybody been following p5-mop stuff? [03:44]
.................. (idle for 1h26mn)
***gac410 has left [05:10]
........................................... (idle for 3h33mn)
ChanServ sets mode: +o MichaelDaum [08:43]
........... (idle for 54mn)
ChanServ sets mode: +o MichaelDaum [09:37]
...................................................... (idle for 4h26mn)
Tarbox has left [14:03]
........ (idle for 39mn)
ChanServ sets mode: +o gac410 [14:42]
...................................... (idle for 3h8mn)
ChanServ sets mode: +o MichaelDaum [17:50]
...... (idle for 25mn)
nomikehi [18:15]
gac410hi nomike [18:15]
nomikeI want to create a website and want to use FOSwiki as a hybrid of CMS, public Wiki and internal collaboration plattform.
What I want to do now is to remove/hide the edit button for unauthenticated users in certain webs.
I've seen instructions to remove the edit button for unauthenticated users everywhere but that's not what I like
[18:15]
gac410Ah... hm I think there is a q&a about that somewhere. I... oh... per web. Hm. [18:17]
nomikeWell what I need to consider first is if having a public Wiki is generally a good Idea. I mean, having a way of quickly editing a page is IMHO a very good thing. But our Website will be very low traffic with a very small userbase and I'm worried about Spambots
The next level would be requiring users to sign up before being able to contribute
[18:19]
gac410Yeah spam can be an issue. foswiki.org has a small but constant stream of registrations that result in spam. Need to be vigilant. [18:20]
nomikeBut that's a very hard step and I'm not sure how deep the impact is [18:20]
gac410Generally registration is very important. Otherwise you can't easily track down who edited ... and find other edits if there is a problem. [18:21]
nomikeOn Websites like Wikipedia there are enough active users so Spam seems to be no issue here. For every spammer who tries to spam, there are hundreds of good users who immediatly remove it.
Ok, so it would be fine for me to remove the Edit Button for every unauthenticated user, as I will require users to sign in for being able to edit.
[18:21]
gac410Extensions.AntiWikiSpamPlugin can help. Right, unless you have a big community, the spam slips through. And sometimes it's not easy to identify the actual spam. Some just register and include some text / links in their user topic.
So is it really spam, or just some low volume link farming, or a legitimate background on the registered user.
You'll also want to "confirm" the registrations. Ensure that a valid email is used. Though the spam registrations will still come. You might also block some of the throw-away email domains. mailinator for ex. There are a few.
[18:23]
nomikeBut I'm also thinking of letting anonymous users edit pages when they pass some verification. I hate captcha's so I'm thinking more of Kitten Auth.
My website will be about privacy and data retention. A platform against PRISM, Tempora, etc. so requiring a valid email address and blocking trash-mail operators will be a bit to far...*g*
[18:26]
gac410So if you suddenly see some spam links, how would you find all other edits by the same user. Registration is pretty important. [18:26]
nomikeDoes FOSwiki track IPs of unauthenticated users, like mediawiki does? [18:27]
gac410It's unfortunate, but once the spammers find a valid target, the volume can be rather impressive.
Our logs by default include the IP, but it's not recorded in the topic history. Probably a custom mapper could be written to map to a pseudo-id built from the ip address.
Foswiki is quite flexible, but it may require some perl code
The AntiWikISpamPlugin can block save when a topic matches a public list of regexes of known spam links. But my experience on foswiki.org is spam never matches.
[18:28]
nomikeI think I'll experiment with KittenAuth a bit. Of course some adoption to our topic. Like: Click the three pictures of CCTV Cameras from the 3x3 Grid below.
This is a very uncommon method which is easy for users, hard for spambot's and as it's uncommon, they have no ready scripts for that.
[18:33]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)