UESPWiki:Administrator Noticeboard/Archives/Using Captcha on Anonymous Editors

A UESPWiki – Sua fonte de The Elder Scrolls desde 1995
Semi Protection
This is an archive of past UESPWiki:Administrator Noticeboard discussions. Do not edit the contents of this page, except for maintenance such as updating links.

Block an IP?

Multiple nonsense edits have been made by the IP address 203.158.221.227, as well as the IP 88.201.1.20. Both of those IPs have only ever made nonsense edits. Darkle 19:21, 10 July 2008 (EDT)

Blocked both of them, along with 5 others since that. I think we may have to start thinking about ways to protect ourselves from future onslaughts from thes bots. They disappeared for a while, but now they're back with a vengeance. I'd like to again propose what I said before about making IP editors and new accounts go through the captchas for their first 10 posts or so. For a minimal and perfectly understandable annoyance to new editors, we can virtually eliminate these junk edits. It's not that bad yet, but this particular type of bot has gotten pretty nasty in the past, and a small amount of preventative measures would save us a lot of hassle in the long run. --TheRealLurlock Talk 00:11, 11 July 2008 (EDT)
I would most certainly agree. Coming at this from the other end, if I were a new editor, would I be willing to do the captchas for my first 10 edits? For myself, I'd be willing to do them for all edits, but I'm a UESP zealot now. As a newling, I think I woulda been okay with the captchas, especially if there was something under the captcha box saying "this is only because we've dealt with so much vandalism," or something to that effect. But, yeah, I'd noticed the vaffanculo bandits were back... --Somercy 00:18, 11 July 2008 (EDT)
Perhaps 5 Captcha edits are enough to deter the bots? This isn't much more hassle for a new legit editor then many message boards that require you to register and send a validation email, IMHO. BTW, there are two more to block now, 89.28.127.255 and 62.12.137.20. --BenouldTC 21:05, 11 July 2008 (EDT)
It looks like the nonsense bots are using the Special:Random page function, maybe we disable it until there are better defenses in place? This is getting old, fast. --BenouldTC 14:07, 13 July 2008 (EDT)
That seems like a good idea, maybe we should disable it for unregistered users, and do the 5 capatchas, that seems the safest route. After all, an unregistered user is probably trying to find their information & go (unless they have bad intentions) so it won't affect them if they can't use the Special:Random page funtion.-Puddle TalkContribs. 12:46, 17 July 2008 (EDT)
They don't use the Random Page function. They seem to target some pages more than others - that's why we sometimes use :Category:Spam-Blockers|Spam-Blockers pages to stop the bots recreating the pages after they've been deleted. If the bots were using Special:Random the chances of them hitting the same page more than once would be greatly reduced. As for using Captcha for the first five edits... seems like a good idea to me. I'd personally be in favour of stopping anon IPs making any edits; if people can't be bothered registering, do we really think their contributions will have more time spent on them? –RpehTCE 12:52, 17 July 2008 (EDT)

They are definitely not using the Random Page function. User pages, talk pages, image pages, and a bunch of other pages that have been hit by the spambots never show up as random pages -- only "content" pages are included in the random pages function. So shutting down the random page feature isn't only impossible (at least without Daveh's intervention), but it also would have no impact on the spambots.

As for adding 5 captcha edits. First, it would really be helpful if someone could figure out logistically how to implement such a change, and whether it's really possible with our existing extensions or with other available extensions. Unless the idea is feasible, there's no point in dreaming about doing it. And I'm personally not willing to do all the legwork to figure out whether it can be done because I don't really believe in the idea.

Captcha is not a perfect fix for all wiki problems. Using captcha is onerous -- just ask Vesna about her opinions of captcha after she had to go through it for multiple edits. It can take multiple tries to correctly work out what the random characters are. And sometimes it completely fails and just locks out users altogether -- that happened to me the last time I tried to edit on CSwiki. After a dozen tries I just gave up, and I haven't subsequently tried to even edit on CSwiki. So despite idealistic dreams to the contrary, adding more captcha checks will dramatically decrease anonymous edits.

I, for one, believe that allowing anonymous edits is incredibly useful for the site. Unless our regular editors want to commit to carefully reading every page on the site multiple times, there is no way we can replace the effort made by anonymous editors who routinely find obscure spelling, grammar, and factual errors and help to fix them. We have many anonymous editors who take the time to voluntarily make constructive edits to the site, and throwing up unnecessary roadblocks is no way to thank them for their willingness to help the site. If this proposal is really an effort to shut down anonymous editing, then we should instead start a discussion to openly discuss and debate the site's policy of allowing anonymous edits. But if we are going to continue to say that the site supports anonymous editing, we should actually try to support anonymous editing, not discourage it in every other possible way.

On the other hand, yes, the spambots are annoying. But the spambots are not ruining the pages that they edit. Even before someone undoes the edit, the page is still completely functional for any readers who happen to stumble across it. And undoing the edit is really not that much work. So I don't think that extreme measures that will inevitably have negative consequences for the site are necessary just to limit a minor annoyance. In other words, I'd rather hit the "undo" button a few more times a day, instead of trying to find a way to replace the work done by anonymous editors. --NepheleTalk 14:02, 17 July 2008 (EDT)

Okay, I was NOT advocating that we disallow IP editors. I agree that there have definitely been some substantive edits from IPs without registered accounts, and I don't want to curtail that in any way. However, I think that having some precautions for new accounts, such as the 5-captcha idea, is far from unreasonable, and I doubt too many people are likely to be turned off by it, especially if we include a notice on the page apologizing for the inconvenience and explaining first why it's there (I'm sure even newbie editors will be understanding if we explain that it's there for spam-prevention, nobody likes spam), and secondly that they'll only have to do this five times. That's far more reasonable than the restrictions I've seen on some sites, where new users may have to deal with extra hassle for as many as their first 100 posts. As for the captchas not being readable on the first attempt - if that's a problem then we should find a new captcha program, because I'll agree that that's really unacceptable. There are any number of captcha programs out there, some of which are more easily read than others, though I'm not sure how many are compatible with wiki software. Unfortunately, I don't know enough about the core PHP or whatever it is behind these to even make an educated guess. Also, you say that you don't mind having to hit the "undo" button several times a day, and sure, it's not that big a hassle. But imagine if that turns into dozens of times per day, as it did the last time these bots attacked us. Or hundreds, as I've seen on other sites. Between the reverting, blocking, and placing block notices, that minute of your time can mushroom into a serious commitment. I've seen it happen, and it can get pretty bad. A small preventative measure can save us from a lot of work in the long run. --TheRealLurlock Talk 15:38, 17 July 2008 (EDT)
To Nephele, I completely agree, but as TheRealLurlock stated, some spambots are really tricky. I remember my first time with them. To admins with the rollback feature (or whatever you wish to call it) that you use to revert all edits by a user, it may seem a little problem, but for non-admins, such as me, the captcha program would really help us catch our breath, instead of killing our computers by opening new tabs over, and over, and over... Getting back on subject, it wouldn't be much of a hassle, and maybe we could try to find a new way to entice anonymous editors to sign up.-Puddle TalkContribs. 23:46, 17 July 2008 (EDT)
Okay well I assumed that Lurlock already knew of such an extension. If there isn't one already then let's just scratch the idea. With regards to anon IPs, yes I know there is the odd good contribution but those are massively outnumbered by the nonsense that is generally their output. As a random, unscientific test: there are currently 32 uses of the Undo or Revert functions recorded in the last 500 Recent Changes. Of those, 23 (72%) were made by anon IPs. Or to put it another way, anonymous users are nearly three times as likely as registered ones to produce edits that are considered pure gibberish. Let's look another way: There were 82 anon edits in total so that means over one in four anon edits were rubbish. In fact it's more than that because nine of those edits were undone in a batch rather than using the Undo. Taking out the edits that were undone, questions on talk pages and posts to pages like Roleplaying and Glitches and you end up with 11 edits. I'm really not seeing any "incredibly useful" input from anon users.
Nephele, with regard to your edit summary - I'm always happy and eager to read your comments, even when I'm skeptical about what you have to say, but in this case I simply disagree. –RpehTCE 05:17, 18 July 2008 (EDT)