Talk:Meta:Anonymous editing

(Ban anonymous over HTTP, but not HTTPS: new section)
Line 7: Line 7:
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.<br>
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.<br>
[[User:lbt|lbt]] 16:23, 21 June 2008 (UTC)
[[User:lbt|lbt]] 16:23, 21 June 2008 (UTC)
 +
 +
== Ban anonymous over HTTP, but not HTTPS ==
 +
 +
The set-up of wiki.maemo.org uses a ''reverse proxy'', which uses Apache to forward requests from HTTP to the HTTPS port. This means that all anonymous edits over HTTP show up as 127.0.0.1. However, anonymous edits over HTTPS will feature the (non-repudiable) IP address of the editing user.
 +
 +
This would seem to stop the spam: all the spam to-date (and there's been a lot of it over the few days in the middle of June) has been through HTTP editing, and so a '''temporary''' ban on edits from 127.0.0.1 has eliminated it.
 +
 +
Therefore, we should probably make that ban permanent and deny any anonymous access through HTTP; or we "fix" the problem and expose the external requesting IP to mediawiki over HTTP as well, and then move quickly to ban spamming IPs. Obviously, this will be ineffective if we are hit by a distributed spam botnet.
 +
''--[[User:jaffa|Jaffa]] 17:26, 21 June 2008 (UTC)''

Revision as of 17:26, 21 June 2008

CAPTCHA

lcuk on #maemo had an interesting idea, NIT-based CAPTCHA questions (i.e. What is the codename for Maemo 4.0? Chinook). Of course a regular CAPTCHA system should work fine, but this'd be a nice touch. The CAPTCHA has the nice effect of both not entirely preventing anonymous edits, while hopefully stopping the bots. This should probably come with a strong suggestion for the user to register. —GeneralAntilles 15:52, 21 June 2008 (UTC)

Just Say No

I vote no for anonymous edits.
I freely admit that I want to raise the bar for editing information on a source I would like to consider 'reference'.
lbt 16:23, 21 June 2008 (UTC)

Ban anonymous over HTTP, but not HTTPS

The set-up of wiki.maemo.org uses a reverse proxy, which uses Apache to forward requests from HTTP to the HTTPS port. This means that all anonymous edits over HTTP show up as 127.0.0.1. However, anonymous edits over HTTPS will feature the (non-repudiable) IP address of the editing user.

This would seem to stop the spam: all the spam to-date (and there's been a lot of it over the few days in the middle of June) has been through HTTP editing, and so a temporary ban on edits from 127.0.0.1 has eliminated it.

Therefore, we should probably make that ban permanent and deny any anonymous access through HTTP; or we "fix" the problem and expose the external requesting IP to mediawiki over HTTP as well, and then move quickly to ban spamming IPs. Obviously, this will be ineffective if we are hit by a distributed spam botnet. --Jaffa 17:26, 21 June 2008 (UTC)