Wikis work because there are loads and loads of people who want to contribute to them - small bits at a time. They work because *anyone* can edit them.
As soon as we say "only specific users can edit pages" we throttle the Wiki and it is likely to fail.
That's certainly one school of thought ... the converse is that there are only a fairly small school of people who actually want to create or amend content on Eastercon.org and a larger group who just want to read (and perhaps comment
( ... )
the converse is that there are only a fairly small school of people who actually want to create or amend content on Eastercon.org and a larger group who just want to read (and perhaps comment) Precisely. This is what we have for our (as in work) wikis. Letting "*anyone*" edit a wiki/CMS these days is - as you've been finding - a recipe for disaster.
Surely it would do no harm, though, to allow any registered user to edit, and allow anyone to register? But it would just put that extra step in the way of spammers' bots. Especially if you could tie registration into confirmatory email, as with sign-up to mailing lists, for example.
People might not think it worth registering just to quickly correct a typo, or similar, so I suppose you might lose out in that way.
I know boinng runs a Drupal powered community site. I asked if he's give some advise on the captcha and mandatory "about me" set up he uses, but he can't see this post.
Hello - there's a few tricks you can use in Drupal without installing anything extra - the first thing I'd do is add a profile field (similar to the "homepage" and "first convention attended" fields you already have) but make it mandatory. You'll probably want to think up what that should be, I'd suggest something random like "shoe size" which everyone should have, and nobody will mind entering, but that a spambot won't be expecting
( ... )
The existing Drupal site is 4.6 based. Is it worth me moving to 5.x now. Is there a simple automated upgrade path? I am tending towards creating a brand new site and copying the content over by hand.
> It's had over 50 new users added in the last 48 hours ..
OK, most of those have been deleted.
New users (authenticated_users) can no longer do anything at all - but can presumably put spam in their own user profiles.
I have created a new level of user called "known_users" which I have asigned to everyone I thought was a real person. This means that someone real has to actually say that they know this person. I shall see if that can be done easily.
I have also gone through all the users and added moderator and sometimes editor privileges to just about anyone I thought was capable of editing html. lets see if they mess it up :-)
I was getting link spam to a form-to-email form on my site. I put in code to reject anything containing the text "http://" (and put a note to that effect on the page). That stopped it dead.
Comments 32
As soon as we say "only specific users can edit pages" we throttle the Wiki and it is likely to fail.
Reply
Reply
Precisely. This is what we have for our (as in work) wikis. Letting "*anyone*" edit a wiki/CMS these days is - as you've been finding - a recipe for disaster.
Reply
People might not think it worth registering just to quickly correct a typo, or similar, so I suppose you might lose out in that way.
Reply
Reply
I've opened up the post, so if you want to point him this way again, that would be fanastic.
cheers
Reply
Reply
The existing Drupal site is 4.6 based. Is it worth me moving to 5.x now. Is there a simple automated upgrade path? I am tending towards creating a brand new site and copying the content over by hand.
Reply
OK, most of those have been deleted.
New users (authenticated_users) can no longer do anything at all - but can presumably put spam in their own user profiles.
I have created a new level of user called "known_users" which I have asigned to everyone I thought was a real person. This means that someone real has to actually say that they know this person. I shall see if that can be done easily.
I have also gone through all the users and added moderator and sometimes editor privileges to just about anyone I thought was capable of editing html. lets see if they mess it up :-)
Reply
Reply
Leave a comment