Abrir menu principal

UESPWiki β

UESPWiki:Administrator Noticeboard/Archive 6

< UESPWiki:Administrator Noticeboard
This is an archive of past UESPWiki:Administrator Noticeboard discussions. Do not edit the contents of this page, except for maintenance such as updating links.


Possible Solutions for Spam Attacks

Okay, this being the worst single attack I've seen (I counted 53 spam edts, and added 23 notches to my BanHammer blocking them), I'm beginning to think some change needs to be made. I'm not sure what, but this is just getting ridiculous. Possible solutions I've been considering:

  • Change UESPWiki:Spam Blacklist from Full-Protection to Semi-Protection. This would allow non-Admins to edit it, but not new accounts or IP editors. In this case, it would have allowed Eshe or one of the other editors to block this spam attack long before it got as bad as it did. Downside - could be abused if a spam-bot was smart enough to create an account, hold it dormant for a while, and then edit the Blacklist to free itself to do more damage. However, I don't think this is a likely occurance, and if it were to happen, damage to the Blacklist can easily be reverted. Worst case, we could just Full-Protect it again if this happened.
  • Promote more Admins. Right now, with only 3 active Admins, one of them on vacation, and another asleep during these hours, the responsibility fell on only me, and I just can't be around all the time. (Even if I am unemployed.) Or we could create a Semi-Admin position, who could edit protected pages, but not block users or delete pages. Again, this would allow certain people we trusted with the position to be able to edit the Blacklist and prevent these attacks before they get serious. I could think of a few people we could entrust with that power, for example, most of our Patrollers.
  • CAPTCHA. It may be a pain, but requiring IP-editors to prove they're human would go a long way towards preventing these attacks. We could couple the CAPTCHA page with a suggestion that creating an account means you won't have to go through that every time, which would encourage more people to sign up. Admittedly, it might turn away some editors, which is a possible downside. Though honestly, with few exceptions, most of the edits from IP-editors have been somewhat sub-par anyhow.
  • Smarter wiki software. I mean, there have got to be ways of preventing this sort of thing. Somebody has to have written plug-ins or something that can recognize and squash these attacks before they happen. What are they using on Wikipedia? Sure, there's lots of vandalism on Wikipedia, but the one thing I've never seen is spam. Their vandals seem to be all human, and I'd really like to know how they manage that. We've seen some definite patterns in the way these spam-bots work. Plus-sign vandalism is easy to spot. Large 12K+ edits by anonymous IPs or accounts with names that follow some basic rules (6 random characters, 1st and 4th always capital letters) are obvious warning signs. Talk pages created for non-existant articles, or with "index.php" in the title or a / as the final character, all good clues. (See :Category:Spam-Blockers for examples of these.) Pages being suddenly filled of hundreds of links, etc. We can recognize these things instantly. Surely there must be a way to program the site to recognize some of these same signs and catch them before they happen.

If anybody has any thoughts, suggestions, etc., I'd really like to hear them, because this has been getting steadily worse over the past several months, and we really need to do something to stop it. --TheRealLurlock Talk 23:34, 3 October 2007 (EDT)

I just did some research. This blog spam type really does get annoying. I'm by no means a computer whiz (I haven't even taken my first computer class, and I won't until my Sophomore high school year), but couldn't we do a keyword block? I checked the histories of the spam we just got and they repeat a lot of words like windjammer, 500hats, and justforkeepers. They are words practically never used by contributers. Is that possible? Just a thought. --Vesna 23:45, 3 October 2007
That's pretty much exactly what the Spam Blacklist (linked in my first post above) does. Take a look at it. Problem is that every time we block a batch of these keywords, it stops them for a while, but they just come back a few days later with a dozen new sites to spam us with. There's also some worry that if the Blacklist gets too long, it may impact general performance of the site, though I'm note sure there's any basis to that. (The Blacklist is only checked when you post an external link to another website on an article. Since very few legitimate edits ever do this, and when they do, it's at most one or two links, not hundreds like the spam-posts, it would probably not affect the site too much.) The problem is that right now, the Blacklist can only be editted by Admins, and right now there's only 3 of us that are active on the site. (Or right now, only 1, since one is on vacation and the other hasn't woken up yet.) Hence the reasoning behind my first two suggestions, making it possible for more people to edit this page. --TheRealLurlock Talk 00:16, 4 October 2007 (EDT)
Captcha. CS Wiki pretty much eliminated their spam problem by installing captcha. It kicks in on account creation and whenever adding a new link to an external site. It's really not too intrusive (relatively few valid edits add new links to external sites), so you don't see it that much. And when you do get it, it only adds a few seconds to editing time. --Wrye 00:13, 4 October 2007 (EDT)
We're going to need our own WikiSpam Project soon. I'll do some more research on this. I'll post back in a few hours. --Vesna
Hmm, that does sound good - though if it also has an option to make it only affect IP editors and new accounts, that would minimize the impact even further. Sure, spammers could create accounts and let them lay dormant until they get past the newbie-phase, but they'd still have to get past the Captcha in order to create the accounts in the first place, so that would require at least some human-intervention to spam the site, and that might be all the protection that's needed. Normal editors would then feel no effects from the change whatsoever, other than the site being blissfully spam-free. Of course, any such change would require Daveh to do the work to install it, so we might try my earlier suggestions in the mean-time. Semi-Protecting the Blacklist is something we can do right away if people agree with it. --TheRealLurlock Talk 00:27, 4 October 2007 (EDT)
I think a Captcha system is going to be the way to go in the long run. Of the other ideas, I suppose changing the spam blacklist to semi-protection would work - I just feel somewhat nervous that most people don't get regular expressions and might make mistakes. Only one way to find out there, though. More admins? Well I'm still peeved I didn't get to dirty my ban-stick this time! The problem is that the obvious candidates for admin-hood all share roughly the same time, and school / college means there will still be problems with non-coverage. It's not a reason not to do it but I doubt it will solve the issue. Smarter wiki software... well there's this but I don't know enough about the software to say much. It's just depressing that some people are so destructive. --RpehTalk 03:56, 4 October 2007 (EDT)
Okay, now why limit ourselves to one solution, guys? I'm all for promoting more admins, as per the "the more, the merrier" attitude that we have about patrollers. I mean, is it just me, or do we have more new users? So our proportion of admins to users has shrunk. I think a semi-admin position is a less-than-worthwhile pursuit. Most semi-admins could quickly become useful enough to be full admins. And if we trust someone to edit the spam blacklist, why don't we trust them to block bots, or delete pages that are created by spammers?
That said, I'm also for semi-protecting the spam blacklist. Heck, I tried to edit it once before!
As for Captcha, well, I can see the benefits. I just personally can't stand having to squint at things like that to get into a site. Somercy 10:36, 4 October 2007 (EDT)
See, but with the settings I suggested, you'd only have to do it once when you created your account. (Of course, since you already have an account, you wouldn't have to do it at all, but I'm talking about the general "you", not you specifically.) Between Wrye's suggestion and mine, I think the Captcha would be a pretty non-intrusive solution. The only way you'd ever see it is if you were a IP-editor trying to add an external link to a page, or if you were creating a new account. Everybody else would barely even notice it was there.
One other possibility that occurred to me was to create a new level of page-protection in between semi-protection and full-protection. The reason for this is that while we could trust most of our regular editors to treat the Spam Blacklist properly, there's a LOT of pages that are full-protected for a reason. Everything in the Mediawiki namespace, for example, needs to be protected, because a careless edit there could affect the whole site and screw a lot of things up. This is where my semi-admin idea comes in. Handing out the keys to more people and allowing the potential for them to cause site-wide damage could be a very bad idea. But at the same time, I'd like to be able to trust people to use tools such as the Blacklist without the need for an Admin to be on vigil 24/7. --TheRealLurlock Talk 11:24, 4 October 2007 (EDT)
Re captcha. I really think that captcha should trigger on both new accounts and new external links. If you only trigger on new accounts, then your encourage spammers to set up bogus accounts (which is a pain in the butt by itself). And yes, they will do this. Before anonymous editing was allowed here, plenty of bogus accounts were created early and used later. Same thing happened at CS wiki when they got spam nuked back in June. And the captcha really isn't bad. Around the time CS wiki got nuked, I was adding articles over there and I had an unusually high number of external links in the articles -- I was surprised at how non-invasive captcha was. As an active editor there, it really wasn't a problem at all. Again, since it only triggers when you add new external links, most edits won't trigger it. I would say configure it that way first. If after using it for a while it seems to be too much of a hassle, turn it down a little bit. --Wrye 15:32, 4 October 2007 (EDT)
I'd agree with Wrye. Apart from anything else the number of external links (not including spam) is vanishingly small so most users won't notice the difference. Now. Is it actually possible? --RpehTalk 15:43, 4 October 2007 (EDT)
See brief prior discussion UESPWiki:Administrator_Noticeboard/Vandalism#Captcha for a few links. So, it's possible and (apparently) not too hard to do. It's an extension, so it has to be added by Dave. Other than that, I don't know the tech details. I believe that Nephele's up on the details and probably did more research into various alternatives, so if we want to do it, it's probably best to wait until she gets back from vacation. (A couple of weeks, I think.) --Wrye 16:32, 4 October 2007 (EDT)
One minor question - can the Captcha distinguish between an actual link to an external site and one which is a link to the site but using the external link formatting? E.g.: UESP One thing we sometimes use external links for is to point to an old version of a page, e.g. Penultimate Edit. These look like external links, but are actually within the site - actually while I think about it, any link to the Forums, the old site, the Oblivion Map, or any other non-wiki parts of the site would fall into this category as well. No big deal, just wondering how intrusive this will be... --TheRealLurlock Talk 17:14, 4 October 2007 (EDT)
I just tested that over at cs wiki. Yes, it will trigger on that. --Wrye 20:30, 4 October 2007 (EDT)
Although it's occurred to me that neither the Blacklist nor Captcha would have had any effect on the latest batch of spam. It was formatted with <a href=blahblah> instead of [blahblah], which technically doesn't create links in wiki-markup. This also makes it fairly ineffective as spam, since there's no actual links on the page. It's still annoying crap that has to be reverted, of course, but none of the automatic techniques we have discussed would do anything to stop it. I guess we just have to hope that most spam-bots will realize that this form of spamming doesn't benefit them at all, and just stick to the type we can easily block... --TheRealLurlock Talk 23:37, 4 October 2007 (EDT)
Always test before making such claims, Lurlock! :lol: I just did a quick test at cs wiki and captcha correctly triggers in response to href as well as regular linking. If you've got any further questions about what captcha does and doesn't do, you should set up an account at cs wiki, then experiment on your user page there to see when captcha does and does not trigger. --Wrye 15:30, 5 October 2007 (EDT)

Confirm Edit Installed

I've installed the ConfirmEdit extension as suggested and a quick test shows that it seems to be working fine. I'm currently just using the default configuration settings but just let me know if anything needs to be changed. -- Daveh 11:52, 6 October 2007 (EDT)

I like it! Completely invisible for registered users and reasonably non-intrusive for unregistered ones. Hopefully that'll keep the problem down to manageable levels. --RpehTalk 12:16, 6 October 2007 (EDT)
Thanks Dave. I was kind of expecting to see the cs wiki word recognition tests, and I am a little concerned about just encouraging bogus signups. But better a quick start, I think. --Wrye 14:11, 6 October 2007 (EDT)
Yah, I was assuming it was going to do that to. Looking more closely at the CS wiki it seems they use reCaptcha in addition to ConfirmEdit (or perhaps it is an extension/branch, its not completely clear). -- Daveh 15:16, 6 October 2007 (EDT)
I noticed that ever since the installation of ConfirmEdit, I have to confirm almost every edit I do. The reason being that many templates have "external" links to allow users to edit a page or part of it. E.g. the {{stub-mw}} template has a link like this:
You can help by <span class="plainlinks">
 [{{SERVER}}{{localurl:{{NAMESPACE}}:{{PAGENAME}}|action=edit}} expanding it]</span>.
which triggers the confirmation. These are not really external links, but links that point back to our wiki. Would it be possible to filter them out? --DrPhoton 08:34, 8 October 2007 (EDT)
I've found that the MediaWiki:Captcha-addurl-whitelist page can be edited with sites to omit from the captcha test. I've added the UESP and a couple of common ES sites to it and it seems to work fine. Let me know if doesn't solve the template issue though. -- Daveh 09:50, 8 October 2007 (EDT)
That worked, thanks! By the way, shouldn't that page be protected? --DrPhoton 13:41, 9 October 2007 (EDT)
Good idea - I'll just give it semi-protection for now. I honestly don't think spam-bots will be smart enough to get around that, and we can always change it to full-protection if the need arises in the future. --TheRealLurlock Talk 13:59, 9 October 2007 (EDT)
Hmm - never mind, for some reason, I can't protect it. I don't get the protect tab on the top of the page like most pages, and when I tried manually, I just got an error. That's kind of weird... --TheRealLurlock Talk 14:01, 9 October 2007 (EDT)
All pages in the MediaWiki namespace are automatically protected given their nature (see MediaWiki_namespace). -- Daveh 14:15, 9 October 2007 (EDT)

So, great...

We finally come up with a perfect solution for how to prevent bots from posting spam on the site. And now the bots decide they don't want to post spam any more. They'd rather just fill pages up with nonsense instead. Any idea what to do about these kinds of attacks? Seems to be a similar M/O to the Plus-Sign Vandal. It changes certain characters into other characters, and always adds some nonsense word to the top of the page as well. It's also created one page from scratch so far. (I deleted it.) At least we know it won't post any spam, but it still makes a big mess. I'm afraid any solution to this problem would have to get a bit more technical - find some way to recognize open proxies, or maybe some sort of restriction on rapid multiple posts in a short amount of time by a new IP editor. Like, say, you get a 60-second timer between posts before you can post again until your post-count gets above 20 or something. (IMDB forums do something like that.) I don't know, I just get frustrated, after all we've done cleaning up in here, some damn bot comes in and messes the place up again. Sometimes, I just wish the world would stay saved for a bit, you know what I'm saying? --TheRealLurlock Talk 22:56, 9 October 2007 (EDT)

We may want to wait to see if it continues to be a problem or if it's just temporary. --Wrye 16:56, 10 October 2007 (EDT)
Well, we've waited, we've seen, and it doesn't seem to be going away. Also, my previous idea of an edit-timer doesn't seem like it would be all that effective now. Most of these IPs have done only one edit, so this wouldn't stop them or slow them down, as it just gets a new IP every time. Even this latest IP which did four edits before being stopped had a gap of over 2 hours between each of its edits, so a flood-timer would have no effect. I do have another idea, however. Could we implement the Captcha so that it automatically kicks in for the first, say, 5 posts for every new editor? Add a note at the top saying "This will only be required for your first five edits. We apologize for the inconvenience, but this is the only way we can prove that you are human and not a vandal-bot." or something like that - probably somebody should re-word that to be a little more polite and avoid scaring off legitimate editors. I very much doubt that any vandal bot user would go to the trouble of manually doing a Captcha for 5 edits prior to being set to do bot vandalism - especially since the spam-potential has basically been defeated. (It was one thing when they were doing it for profit - quite another if it's just to be annoying.) I think this minor inconvenience to newbie editors would be more than worth it if it basically means no more bots - ever. What do people think about this? --TheRealLurlock Talk 11:26, 17 October 2007 (EDT)
Well we could turn off anonymous editing. (But, see previous archived discussion.) First five edits is an interesting idea. You would need to maintain a database of all ips that attempt to edit the site and track their completed edits. --Wrye 16:31, 17 October 2007 (EDT)
I'm not sure that'd be necessary. Just require a Captcha for any IP editor with <5 edits. While it'd be great to track the null-edits that don't complete, I'm not sure how easy or practical that is. But the site already keeps a track of how many edits each user has, so it shouldn't be too hard to use that count to determine if somebody was a new editor or not. And even though Nephele suggested at one point that these bots might be trojans on other people's machines (as opposed to open proxies), we've yet to see one of these nonsense edits come out of an IP which already has an established history of legit posts. Every one of the IPs has had no prior history, so a "prove you're human" thing for the first 5 posts would be 100% effective - at least for now (until the bot-user decides to waste their time doing 5 captchas in order to legitimize their IP, and then start the bot-vandal - which is a lot of work for someone to do for not much purpose considering they'd just get banned again almost immediately afterwards.) Of course, any such change would need to be implemented by Daveh, but I think in light of this bot's M/O, it seems to be the most reliable way of quashing this thing for good with minimal collateral damage. --TheRealLurlock Talk 14:53, 18 October 2007 (EDT)
I'd like to repeat this request in light of the most recent attack. 74.208.11.169 hit 36 pages before being stopped, and it's even started to hit the Template namespace. Given the severe impact that a bot like this could have on the site as a whole if it hit some of the right pages in the Template space, I think it's possibly a matter of urgency that we do something to stop it before it gets the chance. --TheRealLurlock Talk 11:19, 9 November 2007 (EST)
Unfortunately, if you check the documentation on ConfirmEdit, that is not an option that is available with the extension. Unless you can locate a wikimedia extension that provides this capability, it is going to require somebody writing a bunch of PHP code in order to implement any such change. And personally I feel like in the day or two that it would take me to work up any such code, there are dozens of other things that I can do that will help the site more. I'm not saying it wouldn't be useful, just that it's a lot of effort. --NepheleTalk 11:41, 9 November 2007 (EST)
Well, I posted a suggestion on their talk page. Hopefully somebody will take a look at it. I'm sure they've got people who know more about PHP than any of us, so if somebody wants to create this feature, they'll be able to do it. Let's just keep an eye out for any new versions of ConfirmEdit that get released. --TheRealLurlock Talk 12:18, 9 November 2007 (EST)
We might semi-protect the templates. Be a lot of work though -- you'd have to semi-protect a bunch of pages. --Wrye 18:31, 9 November 2007 (EST)
Well we wouldn't have to semi-protect all of them, just the ones that are used a lot like the NPC, quest, and a few others.--Ratwar 19:20, 9 November 2007 (EST)

Copying Our Images

Please can somebody with a better knowledge of the ins and outs of the ShareAlike license advise on (most of) the images on this page? The Arquen, Ungolim, Shaleez, Alval Uvani, Havilstein Hoar-Blood, Adosi Serethi, Adrian Decanius, Adrienne Berenne and Ah-Malz images have all been lifted directly from UESP. If this were text then I'd blank the page with an explanation. Images are a bit trickier though because we acknowledge Bethesda as the creators. Should we ask for credit anyway? --RpehTalk 08:01, 8 October 2007 (EDT)

Complicated answer (which I'll write a bit more time tonight), but you should look at the licensing that we have stated for those images. --Wrye 17:52, 8 October 2007 (EDT)
Okay, got a bit more time. The Major point is that this is not about our CC share alike license. This is about the license the screenshot images that are displayed here. Screenshot images are not under our cc-by-sa license. The undertanding is that, being derivative works, these are not copyrightable by the person who takes the screenshot. Instead we understand these to be fair use of Bethesda's original material. Anyway, our fair use understanding is noted on the information pages for our screenshots. In other words, if Wikiscrolls takes the screenshots that contributors here have taken and reposts them on their website, then we don't really have much grounds to complain on (since we (or rather the original contributor) don't hold copyright).
In short, the point is that since images are (presumably) protected by Bethesda's copyright, then we, both as contributors, and as a site, cannot license them under our cc-by-sa (if you don't own the copyright, then you can't license it). Hence, there's no violation of UESP's or of individual contributor's copyright in this case. --Wrye 23:02, 8 October 2007 (EDT)
Where it gets tricky is when text is copied - as the text IS under cc-by-sa. What would you propose we do about a site like wanbulei.com that copies entire articles, translating them into Chinese? Compare: Oblivion:Skills to this page. I noticed this because the icon images used here were created by me - same filenames and everything. The front page of the site gives credit to UESP, but we're not mentionned anywhere else on the site that I can tell. (Though, I can't read Chinese, so who knows?) I also can't tell what kind of license they're under, since it's also in Chinese. But they've copied half the Oblivion articles on the site onto their page, verbatim as far as I can tell. The formatting and organization is identical. Obviously, I can't tell how much is changed in translation, but when even the paragraphs are indented in the same way, same terms bold-faced, etc., it's pretty obvious. --TheRealLurlock Talk 23:13, 8 October 2007 (EDT)
First, some basic theory... If I create an article from scratch, then I alone hold the copyright to it. I can then sell or otherwise release copies of that article as I please. If I post that article on UESP wiki, then I haven't given away my copyright at all, but rather (under the terms of UESP contribution/licensing) released it under the terms of cc-by-sa license. Since I continue to hold the copyright to the article, I could also still release it elsewhere under a different license, sell it in a book, whatever.
However, suppose that I modify an existing article at UESP -- that's creating a derivative copy of the original work -- which is a right normally reserved to the original copyright holder. The only reason that I'm allowed to do it, is the the cc-by-sa license specifically allows me to do it -- so long as I obey the other terms of the license (give attribution, release under the same cc-by-sa license). Note that in this case, I only hold a copyright over the changes that I made to the original article, not the original article. Because of the terms of the license, I can only release under the cc-by-sa license. Specifically, I cannot release under an additional license.
Now since many/most article at UESP are created by multiple authors, each of which continues to hold their copyright, the only way to release it under a different license would be to contact each of the original authors and get them ALL to agree to do so. Obviously, this is impractical (or more often impossible since many authors are unreachable). Hence the site is effectively locked into cc-by-sa. Note that this is pretty much intentional --it's a large part of what makes the site an open source site. (Wikipedia and most other wikis work in the same way.)
Our UESPWiki:Copyright and Ownership page is pretty good. It states fairly clearly what is copyright, what the relationship between UESP and contributors is, etc.
The problem with the chinese site is not that they've copied our materials, but rather that they've failed to release under the cc-by-sa license -- which is a requirement -- see specifically the legal code behind cc-by-sa, paragraph 4b. So, the chinese site is in violation of UESP contributor copyrights by failing to obey the terms of the license -- which is the only thing that would allow them to both 1) create a derivative work (the translation) and 2) display it. I would suggest messaging them and indicating to them that they need to follow the terms of the cc license. Aside from displaying the license, they must also credit the original creators -- that's why it's a "by" license. Again our copyright page describes how to do that.
FYI, although Wikscrolls itself is under cc-by-sa, and prominently displays the license, it cannot use UESP cc-by-sa material since Wikiscrolls has a different relationship with its contributors. At UESP, contributors license their material to UESP; but at Wikiscrolls, contributors give their material to Wikiscrolls...
When contributing to Wikiscrolls, you agree to automatically transfer the ownership of your contribution over to Wikiscrolls, and in return, we license you back the rights to modify, distribute, publish, and sub-license your work. This gives the community the flexibility to re-license the site under a newer version of the CC-BY-SA or to choose a different free license if necessary. This also allows you to have the rights over your content that you would normally. --Wikiscrolls Copyright page
As copyright holder, Wikiscrolls can change the license completely, shut the site down, sell the site for as much money as anyone would pay, etc. -- and contributors wouldn't have a legal leg to stand on, since they gave the material to Wikiscrolls. In other words, the last statement in that claim is false -- the contributor doesn't have the same rights at all -- since they just gave all those right to wikiscrolls. (Now, why any contributor would choose to do that... :shrug:) Anyway, this means that Wikiscrolls cannot use our (non-screenshot) material since doing so would require the agreement of all authors who contributed to any article that Wikiscrolls would attempt to use.
Keep in mind that copyright is pretty complicated by itself, and various licences complicate things further. It generally makes sense if you take the time to follow it, but is also subject to a lot of stress in these days of easy copying, googling, etc. --Wrye 00:30, 9 October 2007 (EDT)
Thanks, Wrye. That's roughly what I thought, but you seem to have dealt more with all this than I have. That Chinese site is particularly galling though - especially when you consider they're probably using a lot of UESP's bandwidth too. --RpehTalk 03:01, 9 October 2007 (EDT)

Allowable Spam?

A couple of days ago I spotted the first edit by a new user - a change to their user page - and popped in to welcome them, as is my wont. What I found made me hold back because it seems to be manual spam (See for yourselves), and I don't think we want that on the site. I've just posted a guarded welcome on the talk page but I thought I ought to post notice here that I intend to delete that link from the user's page if no more detail is forthcoming. I know editing user pages is considered pretty close to taboo but I don't think we want users called drug-fan, phone-fan and pr0n-fan creating, do we? If there's a strong negative reaction to my suggestion then I will of course desist, but otherwise I will delete the link two days from now. Please let me have your opinions. --RpehTCE 17:45, 1 November 2007 (EDT)

That's spam. I deleted the link. My guess is that was a trial baloon. --Wrye 19:59, 1 November 2007 (EDT)

Just Need A Little Help Please

Greetings All,

a couple of months ago, I have came across that in the "SPAM Warning" "advertising" is misspelled. I have tried to find a way to edit the message inside the template, but no avail. I just wanted know how must I complete this task? It has been bugging me for months, and I keep forgetting to make this aware to others. So please respond with good news, you admins are pretty creative. Have a great and joyful day. --Playjex 12:13, 8 November 2007 (EST)

Thanks for pointing that out, Playjex. I've fixed the typo. For future reference, there are links at the bottom of UESPWiki:Messages that can be used to find the actual messages and edit them. (A further complication is that this one link was broken, but it's now been fixed, too). --NepheleTalk 12:23, 8 November 2007 (EST)
Highly Appreciated --Playjex 12:25, 8 November 2007 (EST)
Fortunately, this particular warning doesn't get used very often, since spamming typically gets a first-offense block, rather than a warning first. And now with Captcha installed, it's even less of an issue, but definitely good to have things spelled properly, even if they aren't used much. --TheRealLurlock Talk 12:40, 8 November 2007 (EST)

Nonsense Bots

74.208.11.169, 218.189.241.96, 62.241.141.242. These three are giving a lot of trouble. --Mankar CamoranTCE 08:44, 9 November 2007 (EST)

Especially the first one. I had never seen anything like this before. --Mankar CamoranTCE 09:08, 9 November 2007 (EST)
Done, done, and done. --TheRealLurlock Talk 09:47, 9 November 2007 (EST)
Thanks, thanks and thanks! --Mankar CamoranTCE 09:55, 9 November 2007 (EST)

196.20.72.17 More nonsense --GuildKnight (Talk) contribs 19:53, 15 November 2007 (EST)


Protecting Templates

Okay, so I've started protecting a few templates that might be vulnerable targets for the vandal bot, per Wrye's and Ratwar's comments above. (See So, great...) So far, I've just created a protection notice: Template:TemProtect, and put it on two pages, Template:! and Template:NPC Summary. (The {{!}} template was already semi-protected, but did not have a category stating this fact.) I've also moved NPC Summary's documentation to a separate sub-page, which seems to be another project we should be working on, due to the pre-expand limit issue discovered on some pages. What we need to do now is work up a list of which templates are most vulnerable and need semi-protection. Obviously, those that are used the most are the biggest concern, as are those with the most complex coding. Unfortunately, templates do not show up on Most linked to pages, so it may be hard to determine which are the most frequently used. Thus, I am opening this to suggestions. (Keep in mind this is only semi-protection, so anyone with an account older than a few days will still be able to edit these templates.) --TheRealLurlock Talk 11:20, 10 November 2007 (EST)

What about the quest header template? It seems like that could cause a lot of trouble too. --GuildKnight (Talk) contribs 18:07, 11 November 2007 (EST)
Sorry, took me a while to get around to responding here because I was caught up in a few other template-related issues (e.g., UESPWiki:Community Portal#Revamping Templates). Putting semi-protection on some of our templates probably is a wise move. The discussion at Template talk:NPC Summary#I Hesitate to Suggest This But... basically came to the same conclusion. Although another fix was found for the main issue that triggered that discussion, I felt that it still provided good arguments for why semi-protection was needed in some cases.
The trickiest part of this is likely to be just identifying how many templates we want to semiprotect if we want to try to be comprehensive. There are dozens, if not hundreds, of templates that get used on large numbers of pages. Nearly every template in Bread Crumb Trail Templates for example is used on many pages (and in a particularly high profile location right on top of each page). All the Infobox Templates are similarly high profile. Then there are the nearly invisible little templates that get used hundreds of times on a page (Linkable Entry, ID, FC,...). If we want some hard facts here, I could get NepheleBot to quickly scan through all the templates on the site and see how many pages use each of them (getting a count of how many times each is used would be somewhat more difficult, because AFAIK that's only possible by viewing the source of each page that uses the template).
As for Template:! I just added the semi-protection to that page last week. If NPC Summary was considered at risk from unwanted edits, I figured that a template transcluded multiple times into NPC Summary and dozens of other high profile templates was an even bigger risk. Plus the fact that there's no reason to ever edit it, especially with the new /Doc organization. I'd actually be in favour of full protection for a template like Template:! that are unlikely to ever need to be edited again. --NepheleTalk 20:03, 17 November 2007 (EST)
Update: NepheleBot assembled a list of templates sorted by usage at User:Nephele/Sandbox/2. --NepheleTalk 21:56, 17 November 2007 (EST)
I agree on full protection of Template:!. Wikipedia came to the same conclusion with their version of this template, given how common it is, and the fact that there's no need to ever change it. Likewise for any other templates that are "done", in that there is little or no reason why anybody would ever need to change them. Examples might be things like Template:ID, Template:FC. These are very commonly used, and any change to them could have a severe effect on a great number of pages. (Of course, we should use the /Doc thing on any such templates before protecting them.) Also, any template that is used almost exclusively by other templates should be at least semi- if not full-protected. That would be another thing to check for. Templates like breadcrumb trails, footers, and notes templates which are used directly by pages, even if they're used on a lot of pages, don't have nearly as widespread an effect as those which are used by other templates, which causes a sort of cascade ripple-effect whenever they are changed. --TheRealLurlock Talk 23:29, 17 November 2007 (EST)
{{ID}}, {{FC}}, {{LinkableEntry}} and its redirect {{LE}}, all protected now. (Also sub-paged the LinkableEntry documentation - if any template needed that, this would be one of them.) Any others? --TheRealLurlock Talk 11:57, 29 November 2007 (EST)

Trouble-Maker

194.80.21.10 They've been blocked before. Personally, I'd say that the message "This IP adress is one of several used in a public school, the students concerend have been made aware of the complaints made against us I.E. vandalism, and it is hoped that this issue will be resolved soon." was a lie. That's just me, though. At any rate, I just reverted about four of their bad edits. Note the one good edit among them. Or don't. Your call. IWon'tFightUndead 06:25, 12 November 2007 (EST)

I think the fact that there was a good edit to the Oblivion:Dark Brotherhood page, followed by an edit that looks more like a mistake than deliberate vandalism (IMHO), indicates that multiple individuals are using that IP address. A similar 'mistake' edit was made to Oblivion Talk:Drain Attribute, while the edit to Oblivion:History of Lock Picking is obvious vandalism.--Gaebrial 06:46, 12 November 2007 (EST)
They had their chance, I extended the block to a month this time. If we get more junk out of them after this one expires, I'd say we should make it permanent. If anyone wants to post legitimately from that address, they can go ahead and create an account, which I haven't blocked. --TheRealLurlock Talk 10:48, 12 November 2007 (EST)
As I said on the IP's talk page, this IP address does have a history of making productive edits as well as vandalism. Therefore I do not think that permanently blocking the IP would be appropriate. And if we want to turn to wikipedia for a precedent, they never place permanent blocks on IP addresses just on the possibility that it's shared. Here we know it's a shared IP address, so I think the same principle should apply. --NepheleTalk 12:47, 12 November 2007 (EST)
I agree with Lurlock. His solution still allows edits from that address - just not anonymous edits. --Wrye 13:08, 12 November 2007 (EST)
Now, not to get a bit off track here, but what does the Warning specify? I am currently thinking in my head, that it means "This address has been blocked for nonsense, and that this IP address is from public school use." Is that what it means? I KNOW that they're being blocked for nonsense, but are they coming from public schools? Thanks. --Playjex 14:19, 12 November 2007 (EST)
I have a sneaky feeling that User:Da Best may be operating from this IP. His vandalistic edits are in the same style. Is there an easy way of finding out what IP address a registered user is using?
Some Sysops have access to the Special:Check User page which shows Da_Best operating from the addresses 78.40.239.4 and 78.40.239.6. -- Daveh 09:01, 14 November 2007 (EST)


User 78.40.239.5 and Da Best

Moved from User talk:Rpeh

Looking at the DNS information, IPs in the range 78.40.232.x to 78.40.239.x are all allocated to Staffs County Council, which suggests that these IPs are being used in schools. According to Da Best's talk page, he has also been using 78.40.239.4, which strongly suggests that the .5 IP is the same user. I don't know if we want to go as far as blocking the entire range, but if he's going to keep jumping to a new IP in the range, it's something that needs to be considered. --Gaebrial 08:14, 19 November 2007 (EST)

Thanks - I hadn't spotted that one. If we end up having to block an entire range then so be it, but obviously it's a bit extreme. I wonder if it's worth trying to contact the school? --RpehTCE 08:17, 19 November 2007 (EST)
If it is confirmed, blocking the entire range is a good idea. If they want to make a constructive edit, they will appeal. --Mankar CamoranTCE 09:04, 19 November 2007 (EST)
It's pretty easy to block a whole range [1], assuming the feature is enabled on UESP (based on one test it seems like it is, but I wasn't able to be sure).
I'd propose that if another IP in this range is used for vandalism, then we do a one-month block on the whole range. I wouldn't want to do a permanent block on a range, especially if it's being used by a school. But we could just repeat one-month blocks as necessary. --NepheleTalk 12:01, 19 November 2007 (EST)
That makes sense. A similar thing has happened here, although it's not a range block. --Mankar CamoranTCE 12:09, 19 November 2007 (EST)
Well, if DaBest is identified as operating as those two IP addresses, and they are located from school activity, wouldn't the actual "DaBest" account have been made on school computers? It has been proven that he is a vandal at it's best, but is the DaBest account actually being used in school? Is it a possibility that we must actually contact the school - I don't think it's that serious. But we may need to block these accounts/IP's. Thank you and take this into consideration if needed. Have a great day. --Playjex 12:22, 19 November 2007 (EST)
It might be worth talking to the school if we can identify which it is, but even then there's probably not much chance they'll be able to work out who it is. --RpehTCE 12:42, 19 November 2007 (EST)
I hadn't realised it was that easy. I was anticipating hundreds of individual blocks, which would have been a huge pain to set up and take down again. If it's a fairly simply process then yes - one more edit and then at least a one month block. Da Best and his other incarnations have been a real pain and blocking the IPs one by one isn't going to stop the problem. --RpehTCE 12:42, 19 November 2007 (EST)

(outdent) Okay, looks like we have a lucky winner. This is from 78.40.239.6. Does everybody agree to the necessity of a range block? --RpehTCE 04:31, 20 November 2007 (EST)

Okay, two things. Firstly, please forgive me if I made any blocks against policy just now. I really needed to be getting on with my job rather than making dozens of reverts so I blocked when I should arguably have waited. In mitigation, I offer the chaos of the [Recent Changes] page from this morning as an illustration of what was going on. Second, just to add to the fun, that IP made one helpful edit here. I'm only mentioning it for completeness because personally I'm getting sick of dealing with vandalism from these people but it might mean there's an argument against range-blocking after all. --RpehTCE 05:07, 20 November 2007 (EST)
Well, I can't give you an actual school name, but the WHOIS entries for the IP addresses give a contact name of Alan Greatbatch, and the address given is that of the Staffordshire County Council Web Team. The contact email for them is webmaster@staffordshire.gov.uk. I don't know if it's worth somebody contacting Alan and explaining what has been going on. --Gaebrial 06:18, 20 November 2007 (EST)
FYI Wikipedia has been having similar problems; see this, this and this for example. Alas, I'm not sure that the council will be able to do anything. I'm willing to send an email if anybody else thinks it's worth it though. --RpehTCE 06:31, 20 November 2007 (EST)
Now, you all know I'm not an Administrator but although an experienced editor. I agree with Rpeh with this, but I am still NOT and Admin. so noone should complete these actions I speak of without permission of any Admin. Please take this into consideration, Rpeh, and all other Administrators. Thank You, and good luck to all. ---Playjex 12:19, 20 November 2007 (EST)
Umm, since you have to be an Admin in order to do any kind of block, I don't think that's something we need to worry about... --TheRealLurlock Talk 12:46, 20 November 2007 (EST)
Playjex, sorry, but I really have almost no idea what your contributions are trying to say. Most importantly, are you for or against a range block? What are these actions that you "speak of"? And whose permission are you saying is needed to take such actions? If you're talking about sending an email to the school, Rpeh is an admin. Therefore I'd say by definition if Rpeh is willing to send the email then the action has an admin's permission. If you are going to contribute to a discussion about whether to take an extreme administrative action against a user, and in particular if you choose to say "please take this into consideration," could you please put a bit more effort into making it absolutely clear to everyone what exactly you wish to have taken into consideration, and why. Because as it stands I have no idea whether you are trying to oppose or support the idea of a range block. And as long as it's not clear that the range block has unanimous support, I am very hesitant to take any action.
Just for the record, both Dabest1 and Poodoo edited using 78.40.239.6. And Rpeh, I'd say permanent blocks against both users would completely acceptable given that it's pretty obvious they're sockpuppets being used by an already-blocked user.
Finally, as for sending an email I have no objections to someone doing it, although I'm skeptical that it will produce any results. And I also don't think that sending an email has any impact on other actions that need to be taken. In other words, whether or not an email is sent, we still need to figure out what to do with blocking these IPs and preventing continued vandalism to the site. So I would like to proceed with a one month range block (with account creation disabled, but still allowing registered users access), as soon as it's clear that nobody opposes the idea. --NepheleTalk 13:05, 20 November 2007 (EST)

(outdent again) Okay. I think there's a consensus here but let's get the scores on the doors. The proposal is for a Range Block on 78.40.232.0/21.

Support: Let's get the site clear then we can see about a solution on the school's side. --RpehTCE 13:47, 20 November 2007 (EST)
Support: We need to at least stop the vandals, even if we need to investigate other solutions later-Ratwar 13:49, 20 November 2007 (EST)
Support: At least for the time being it makes sense. Stop the immediate problem and then figure out a more long-term solution. --TheRealLurlock Talk 13:50, 20 November 2007 (EST)
Support: With the qualification that it will only be a one month block, to be renewed repeatedly if needed. --NepheleTalk 13:53, 20 November 2007 (EST)
Support: Sorry all whom I confused. I say look at all the good and the bad he/she has done, and let's even it out. I agree with all of you. --Playjex 14:01, 20 November 2007 (EST)
Support: I have always been in favour of it. They can always appeal if they want to make constructive edits. --Mankar CamoranTCE 14:10, 20 November 2007 (EST)

Consensus: Support. Block has been put in place for one month. --NepheleTalk 14:20, 20 November 2007 (EST)

  • N.B. Individual notices will not appear on each user's talk page, however the message that pops up when someone tries to edit will provide the reason for the block, which will direct them to User talk:Da Best for explanations. Also, this is all assuming that range blocks are enabled for UESP. If any IPs in this range are able to edit, then I'll contact Daveh to make sure the settings are in place. --14:20, 20 November 2007 (EST)
Well it happened again. I'll hold my hand up for part of it because the block I placed on Poodoo expired and I didn't reinstate it after its sockpuppetry was confirmed. Two new accounts took part, though - Srantiuss and Elondir Blackfort. Is there any way to see when they were created - before or after the block? I'm now definitely of the opinion that we should write a letter to the council and try to find out who these idiots are. I'll draft something when I have time. --RpehTCE 05:16, 21 November 2007 (EST)
I just noticed Srantiuss was created at least as far back as mid-October. I'd still like to know about the other one though. --RpehTCE 05:30, 21 November 2007 (EST)
I don't know of anyway to find out when an account was created, at least not with our current mediawiki settings. From the fact that no edits were made tonight using anon IPs, I'd say it looks like the range block is working. And that block includes prevention of new account creation using that IP range, so it seems unlikely that the accounts were created today. Furthermore, Elondir Blackfort was able to create a new non-talk page (the Nordy Wordy page), which is an ability only possible with accounts that are at least three days old.
I think the main loophole at this point is that the IP range block still allows registered users to use those IPs. That could be changed, but I'd be inclined to wait a couple days first (although that's easy for me to say, given that rpeh's the one who has had to do all the work cleaning up after this guy). I think it's likely that this vandal has run out of accounts (or will very soon), in which case tightening up the range block won't be necessary. --NepheleTalk 05:48, 21 November 2007 (EST)
Fair enough - I didn't realise you could only create new pages after three days. And credit where credit's due - this morning's clean up was an Anglo-Dutch alliance; my train was delayed and Timenn had already done most of the work by the time I got here. I don't mind having to deal with this for another couple of days - it's just embarrassing that a) these idiots are English, and b) they've obviously read my story but the only thing they took out of it was the phrase "Nordy-wordy" ;) --RpehTCE 06:00, 21 November 2007 (EST)

Just Noticed:

I have noticed that the Userbox

  Este usuário é homem.

has no full stop at the end, whereas about every other Userbox does have one. I don't know how to change this, but I hope one of you will. That's all! --HMSVictory 11:19, 26 November 2007 (EST)

It has a full stop now! To do that you just have to edit the template itself. --Mankar CamoranTCE 11:43, 26 November 2007 (EST)


Prev: Archive 5 Up: Administrator Noticeboard Next: Archive 7