Saturday, January 02, 2010

How to fight TWiki / Foswiki spam

I operate a TWiki instance. It is a great tool and eases collaboration. However, the more popular it gets, the more attractive it is to spammers. There is little one can do about this. Even Google's captcha has been broken recently.

There seems to be little one can do to automatically prevent spam. There are, however, a few things a sysadmin can do manually to keep a Wiki clear or, better yet, to clean it up.

At first it seemed random how spammers show up. However, there are a few tricks to identify them.

1.) The first thing to do is to configure TWiki so that it emails the sysadmin whenever someone registers. That way you are informed when someone, spammer or not, shows up.
2.) When someone registers, take a look at the e-mail address and any links that are placed in their profile. Most spammers register in order to place links in their profile.

If you identify a spammer, do not just delete their profile. Instead, go to the .htaccess file and delete a character or two from their password. That way the account still exists, but the spammer cannot log in anymore. If you do not delete the profile, the spammer cannot register the same name again.
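The account lock described above, as a small shell function (an added example, not part of the original post). It assumes the password file holds one `login:hash[:email]` entry per line; the function name, the file path you pass in, and the `.locked` side file are assumptions of this example.

```shell
#!/bin/sh
# lock_wiki_user FILE LOGIN
# Drops the last two characters of LOGIN's stored password hash so the
# login can no longer succeed, while the entry (and so the name) stays taken.
# Assumed file format, one entry per line:  login:hash[:email]
# Constructed sample entry:  SpamUser:cdQRS7654321z:spam@example.org
lock_wiki_user() {
    pwfile=$1
    user=$2
    [ -f "$pwfile" ] || { echo "no such file: $pwfile" >&2; return 2; }

    # Exact match on the login field, so "SpamUser" never hits "SpamUser2".
    orig=$(awk -F: -v u="$user" \
        '$1 == u && length($2) > 2 { print; exit }' "$pwfile")
    [ -n "$orig" ] || { echo "no lockable entry for: $user" >&2; return 1; }

    # Keep the untouched entry in a side file readable only by the owner,
    # so a false positive can be restored by hand.
    ( umask 077; printf '%s\n' "$orig" >> "$pwfile.locked" ) || return 2

    tmp=$(mktemp) || return 2
    # Rewrite only the matching entry; all other lines pass through as-is.
    # Writing back with cat keeps the file's owner and mode, which the web
    # server needs in order to keep reading it.
    awk -F: -v OFS=: -v u="$user" '
        $1 == u && length($2) > 2 { $2 = substr($2, 1, length($2) - 2) }
        { print }
    ' "$pwfile" > "$tmp" && cat "$tmp" > "$pwfile"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Call it as `lock_wiki_user /path/to/password-file SpamUser`; a return value of 1 means no matching entry was found and nothing was changed.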

The next step is to log into TWiki and delete the offending links in the corresponding profile. The sooner you do this, the lower the chance that a spammer will put content into the Wiki. If they have done so, delete the topic and the corresponding rcs file.

One of the more obvious measures is to install the BlackList plugin. Once it is configured, you can extract the IP address of the spammer from their registration mail and block it.

It's not perfect, but if done continuously it will keep your Wiki clean. Just in case an attack is launched against your site, it might be a good idea to do nightly backups of TWiki so you can always roll back.