Now that we're on our own once more, and slowly beginning to differentiate ourselves from the Wikia fork, we need to start considering how we will keep project vandalism in check. We simply don't have the resources Wikia does for limiting such edits; I spent a good twelve minutes this morning doing nothing but reverting spam and banning the various IPs the bot(s) used in making them.
One option we may want to consider is limiting edits to logged-in users. It would prevent the less sophisticated bots from spamming the project. We will also need to protect articles particularly important to the project's structure, as it does not appear article protections carried over in the transfer. This would not only be our front page and portals, but policy pages and reference templates; an industrious spammer wanting to make the most of a single edit would simply change Template:Cite book/Campaign Setting, and have his links show up on over 1000 of our articles.
I agree. This is insane. Requiring editors be logged in makes it easier for us to block spammers, since they seem to be able to use multiple IP addresses without much trouble.
Directions on restricting edits to registered users can be found within MediaWiki's Manual: Preventing Access
. It is done by editing the file LocalSettings.php.
Wow, that was crazy! OK, edits are limited to registered users. Also, several thousand known proxies frequented by spammers have been blocked. Also, basic spam filtering has been turned on (go ahead and try creating an article named after that blue pill that Bob Dole advertised for back in the day). I took a first look at doing some captcha stuff, but it didn't work right away (I'll look closer at it this weekend). The strangest thing is that just after I'd finished doing this, the number of web server processes went through the roof and we were quickly headed to an out-of memory situation (we were already well into swap). I restarted the sever and we've been OK since (about 30 minutes now). Was this last issue caused by our spammer or something I did... I don't know, but I'm going to keep an eye on it.
Hmm, maybe something I did, since we ran out of memory again. I've turned off all of the fancy stuff I talked about before, except for requiring registered users. *sigh!*