Quote:
Originally Posted by sfisque
except that lalo's solution works fine for "untargetted" attacking. if someone is taking the time to sniff the site for vulnerabilities in order to hand craft their bot's attack, we can assume it is a targetted attack from a (most likely small) set of addresses which can be black listed.
security through obscurity works fine, if it is maintained (read: the dictionary of questions is modified over time to prevent staleness), for a "one off" which our wiki would be (there wont be 1000's of shrink wrapped releases of our wiki).
== sfisque
|
Yeah but come on lol, the spammer is posting advertisements. Thats not targeted in the least, thats the same as email spam; someone has a list of URLs set up in a bot to go out and advertise their websites for the search engines to pick up on. I've seen the same thing on MediaWiki quite a bit.
Image verification, even the simplest verifications will shut down the spam we have been seeing.
If someone is outright attacking the website, then the admins need to get a hold of the FBI, they
DO investigate those whom intrude in networks and information systems (including gaining unauthorized access to spam the wiki).