> I can suggest the following options:
> 1) put a captcha into launchpad account registration form
Definitely a start, should prevent most bot registrations. It isn't perfect but it will reduce all but the most persistent.
> 2) restrict wiki attachements to non-html ones
I don't understand why anything other than images is allowed, there is still the vulnerabilities with GIF/JPG of course. There is also the problem of identifying the files being uploaded - extension is not enough as it can be renamed.
> 3) restrict amount of attachments that can be added by one user at a
> given time
Possibly - is there any way to search for the largest number of (legitimate) attachments and propose that should more than a certain number be needed on a page then the page need to be approved by a wiki editor.
> Any other suggestions?
I have got one, which is fairly fool proof unfortunately very time consuming - introduce a method of approving all new pages from new usernames for a certain period of time. At the lowest level, we could restrict wiki edits to 24 hours after first registration or go the whole distance and say, disallow un-approved pages until contributing for a certain length of time.
Unfortunately the advantage of a wiki is that anyone can edit it, which is negated by such a draconian approach. I do think it is reasonable to have new pages by new users approved though.
Hi,
> I can suggest the following options:
> 1) put a captcha into launchpad account registration form
Definitely a start, should prevent most bot registrations. It isn't perfect but it will reduce all but the most persistent.
> 2) restrict wiki attachements to non-html ones
I don't understand why anything other than images is allowed, there is still the vulnerabilities with GIF/JPG of course. There is also the problem of identifying the files being uploaded - extension is not enough as it can be renamed.
> 3) restrict amount of attachments that can be added by one user at a
> given time
Possibly - is there any way to search for the largest number of (legitimate) attachments and propose that should more than a certain number be needed on a page then the page need to be approved by a wiki editor.
> Any other suggestions?
I have got one, which is fairly fool proof unfortunately very time consuming - introduce a method of approving all new pages from new usernames for a certain period of time. At the lowest level, we could restrict wiki edits to 24 hours after first registration or go the whole distance and say, disallow un-approved pages until contributing for a certain length of time.
Unfortunately the advantage of a wiki is that anyone can edit it, which is negated by such a draconian approach. I do think it is reasonable to have new pages by new users approved though.
£0.05 FWIW
Cheers,
Dougie