By Meredith Farkas | January 4, 2006
You have no idea how happy I am to report that my brilliant husband seems to have found the solution to my spam problems. We’re tried blacklists and they never worked. I required people to register and the spambots were kind enough to register before dumping spams on 60 or more pages. They got really clever and put the spam between div tags so that it was harder to see and more difficult to get rid of. MediaWiki unfortunately does not have a capcha plugin and they really seem to have gotten behind in creating ways to outsmart the spammers. I was beginning to regret ever having chosen MediaWiki for my wikis (and for enthusiastically suggesting it to so many other people).
My husband tried a somewhat experimental plugin called Bad Behavior. Rather than looking for certain words that are in a blacklist, Bad Behavior “prevents spambots from accessing your site by analyzing their actual HTTP requests and comparing them to profiles from known spambots.” After the first two days of using it, Bad Behavior had blocked 300 spams (and no legitimate wiki posts). And while a few spam bots got off between 2 and 5 spams, they were quickly prevented from posting any more than that. Over the past week, I’ve probably had 12 spam messages total, versus the hundreds I’ve gotten in the past.
Here’s some more info about the plugin:
Bad Behavior was designed and built by watching actual spambots which harvested email addresses, posted comment spam, and used fake referrers. By logging their entire HTTP requests and comparing them to HTTP requests of legitimate users, it is possible to detect most spambots. Bad Behavior blocks spambots with a 412 error. It also has three configurable User-Agent lists for spambots and other malicious bots which actually identify themselves. Bad Behavior can use string matching or regular expression matching against a User-Agent.
This software can also be used in WordPress blogs if you find that things like Spam Karma aren’t working for you (though I’ve found that spam karma works brilliantly).
So for those of you whose wikis (only those written in PHP) are being besieged by spam, I would definitely recommend checking this out. I’ve been using it for just one week, but it has done an amazing job of blocking spam.