[Moin-user] Spam on Moin wikis and anti-spam best practices

Thomas Waldmann tw at waldmann-edv.de
Tue Sep 3 05:04:28 EDT 2013


> perhaps we need safer defaults

I don't think we should change defaults within a stable release series.

But we can change how example configs look like and document stuff better.

> Really control registration: for extra control over registration, perhaps use 
> the http://www.moinmo.in/MoinMoinPatch/VerifyAccountCreationByEmail patch to 
> require e-mail verification of account registration.

I wouldn't recommend this patch until someone cleans it up (see my
comments there), does more testing and reviews the code again.

> Does anyone have any opinions about the above?

Good writeup, should be supplemented with a modified default wiki/farm
config.

One can add to regularly review logs, esp. after spam gets in. So one
can sometimes identify static IP addrs only used for spamming (put them
in moin's hosts_deny or handle via web server) and also textchas that
have been broken and should be replaced.





More information about the Moin-user mailing list