Phosphorus and Lime
A Developer's Broadsheet
This blog has been deprecated. Please visit my new blog at klenwell.com/press.
Monday, November 20, 2006
wikka comment spam
Noticed I was getting an unusual number of hits all of the sudden on my mushpup wikka wiki. At first, I thought: "At last, people are finally catching on."
Then I looked where they were coming from. Primarily, Google. But they weren't searching for "mushpup" or "passwords". Instead, it was more like, "nubile rapidshare" and "Aneta TeenPinkVideo". Hmmmm... I don't remember posting anything about pink videos.
Well, I did a Google search on these terms, found the mushpup listing and figured it out: wikka comment spam.
Googled for a shotgun solution. Didn't really find one but came up with one pretty quickly.
Three steps:
1. Backup your database
Now as good as time as any. Especially if you screw up one of the next two steps.
2. Change
The key ones
This will limit page editing and commenting privileges to registered users.
These are the global settings. Access can also be limited on a per-page basis by the through the admin web interface.
info on other settings here: http://wikkawiki.org/ConfigurationOptions
3. Delete any existing spam comments
This is pretty easy since they're all in a simple table named something like
phpMyAdmin makes it simple to delete the offenders. Or you could use a statement like this:
(81.177.22.243 was the actual ip adding most the spam.)
keywords: wiki, wikka, spam, comments, comment spam, mysql, phpmyadmin
Then I looked where they were coming from. Primarily, Google. But they weren't searching for "mushpup" or "passwords". Instead, it was more like, "nubile rapidshare" and "Aneta TeenPinkVideo". Hmmmm... I don't remember posting anything about pink videos.
Well, I did a Google search on these terms, found the mushpup listing and figured it out: wikka comment spam.
Googled for a shotgun solution. Didn't really find one but came up with one pretty quickly.
Three steps:
1. Backup your database
Now as good as time as any. Especially if you screw up one of the next two steps.
2. Change
wikka.config.php settingsThe key ones
default_write_acl and default_comment_acl. Set to the following:'default_write_acl' => '+',
'default_comment_acl' => '+',
'default_comment_acl' => '+',
This will limit page editing and commenting privileges to registered users.
These are the global settings. Access can also be limited on a per-page basis by the through the admin web interface.
info on other settings here: http://wikkawiki.org/ConfigurationOptions
3. Delete any existing spam comments
This is pretty easy since they're all in a simple table named something like
wikka_comments.phpMyAdmin makes it simple to delete the offenders. Or you could use a statement like this:
DELETE FROM `wikka_comments` WHERE user="81.177.22.243"
(81.177.22.243 was the actual ip adding most the spam.)
keywords: wiki, wikka, spam, comments, comment spam, mysql, phpmyadmin
some rights reserved, © 2006
assuming you are on Apache, if the spam persist you can also blacklist the spammer's IP in your .htaccess file by adding the following line:
deny from 81.177.22.243
right after
deny from env=BadReferrer