[pydotorg-www] Vandalism/spam on wiki.python.org: changes to default permissions

Paul Boddie paul at boddie.org.uk
Sat May 31 23:04:26 CEST 2014 

On Saturday 31. May 2014 22.49.58 M.-A. Lemburg wrote:
> Hello,
> 
> in recent weeks, the Python Wiki has seen an increasing amount of
> spam and vandalism:
> 
> https://wiki.python.org/moin/RecentChanges?max_days=60
> 
> Since the textchas we've been using apparently no longer serve their
> intended purposes, I've now pulled the plug and disabled editing
> permissions for new users:
> 
> https://wiki.python.org/moin/FrontPage (see "Editing pages")
> 
> I've added a new user group called NewUsersGroup, which does
> get editing rights, but we'll have to manage this manually and
> new users who want to receive editing rights will have to write
> to this mailing list to be added to the group.

Thanks for doing this! I imagine that this will have very little impact on 
serious contributors. Certainly, anyone wanting to edit the pages will need an 
account, but they should be able to manage their credentials using OpenID and 
not have to remember another password for the site.

> I'm sorry for having to take this step, but the level of spam
> and (more importantly) vandalism we've been getting is too high
> to keep the wiki as open as it used to be.
> 
> Please regard the above step as emergency action. I'm more than
> open to discussing alternative approaches to the situation, since
> I don't like this step myself.
> 
> PS: I've only applied the new configuration to the Python wiki.
> We may also have to take this step for the Jython wiki.

I think I've made my position on this quite clear before. We can certainly 
implement measures similar to those used by other Web applications, but this 
requires an investment in the development of functionality that has been 
rather difficult to justify doing until now (speaking personally). For anyone 
motivated enough, just looking at Wordpress and MediaWiki extensions for anti-
spam should provide enough to go on, however.

Meanwhile, in contrast to many sites where highly restrictive policies prevail 
- indeed, how many sites have disabled editing entirely due to spam? - the 
available forms of registration and editing approval for MoinMoin are rather 
benign, in my opinion.

In any case, thanks for taking this step and also for cleaning up some of the 
recent spam. I for one appreciate this!

Paul

More information about the pydotorg-www mailing list