Документ взят из кэша поисковой машины. Адрес
оригинального документа
: http://wiki.cs.msu.ru/System/AntiWikiSpamPlugin?cover=print;
Дата изменения: Unknown Дата индексирования: Sun Apr 10 22:29:58 2016 Кодировка: |
save
, or on attach
. (Foswiki:Extensions/BlackListPlugin does a lot of processing on every topic operation, including view)
The attachment scan for spam strings and some javascript exploits is extremely slow and not recommended, especially for large binary attachments. This feature is now disabled by default.
This plugin can use a timeout on save to check if the spam signature list has changed, This is no longer recommended. For best performance, manually update the signatures.
To manually update the list, click (Admin authority required!) The retrieve of the MoinMoin regex list can still take some seconds which will delay topic saves when the list needs to be refreshed. Good network connectivity is a must. If the configured server is not reachable, then save will be delayed or fail. The recommended solution is to refresh the list using the providedrest
script from a scheduled cron job,
and disable $Foswiki::cfg{Plugins}{AntiWikiSpamPlugin}{AutoUpdateSignatures}
(This is now the default configuration)
cd [foswiki-bin-directory] ./rest /AntiWikiSpamPlugin/forceUpdateHere is a sample
crontab
entry to run the signature refresh at 10 past the hour.
The ouptut is sent to a logfile.
10 * * * * cd /path/to/foswiki/bin && perl -T rest /AntiWikiSpamPlugin/forceUpdate > /path/to/foswiki/working/logs/LastSpamUpdate.log 2>&1Caution: Be sure to run the rest script under the control of the web server user;
apache
, www
, etc. If run as root, the ownership of the logfiles can change, which will cause an outage for your wiki.
Registration is controlled by limiting the email domains that can be used by people registering to the wiki. For example, you can set up a whitelist so that only people with a corporate email address can register, or set up a blacklist to filter known email hosts that spammers use.
The lists are held in topics, usually called AntiWikiSpamRegistrationWhiteList and AntiWikiSpamRegistrationWhiteList. Sample topics are provided. Each topic is a simple list of Perl regular expressions. The domain of the email address is tested against the regular expressions. If there is no match then the domain is reversed to an IP address, and it is also checked agains the list. At least one expression in the whitelist must match the email address to permit registration. If any expression in the blacklist matches, registration will be denied. The core foswiki feature, added in Foswiki-1.1.5, provides a similar facility but only checks by email address domain. It is a simpler implementation and has lower overhead. The core filter is set as an expert parameter in the Foswiki configuration{Register}{EmailFilter}
, in the "Security and Authentication" section, Registration tab.
The White and Black lists provided by this extension will do a DNS lookup and can also block by IP Address of the registrant.
SuspectSpammer<WikiName><timestamp>
This feature will be included as a core Foswiki feature in Foswiki 1.2.
Setting | Definition | Default |
---|---|---|
{Plugins}{AntiWikiSpamPlugin}{CheckTopics} |
Enable to check topic text against the spam regular expressions | (enabled) |
{Plugins}{AntiWikiSpamPlugin}{CheckAttachments} |
Enable to check attachment text against the spam regular expressions | (disabled) |
{Plugins}{AntiWikiSpamPlugin}{CheckRegistrations} |
Enable to check Registrations against the white and black lists. | (enabled) |
{Plugins}{AntiWikiSpamPlugin}{AutoUpdateSignatures} |
Enable to auto-download spam signatures. | (disabled) |
{Plugins}{AntiWikiSpamPlugin}{ANTISPAMREGEXLISTURL} |
URL containing the public list of regular expressions used to block spam. The default list is provided by MoinMoin. | http://arch.thinkmo.de/cgi-bin/spam-merge |
{Plugins}{AntiWikiSpamPlugin}{LOCALANTISPAMREGEXLISTTOPIC} |
A topic containing a list of local regular expressions. A sample topic is provided. | AntiWikiSpamLocalList |
{Plugins}{AntiWikiSpamPlugin}{GETLISTTIMEOUT} |
Maximum age of the public regular expression list in minutes. When age is exceeded, an updated list will be fetched | 60 |
{Plugins}{AntiWikiSpamPlugin}{BypassGroup} |
A Wiki group listing members who are permitted to save without any Spam checking. Note that members of the AdminGroup are always permitted to save. | AntiWikiSpamBypassGroup |
{Plugins}{AntiWikiSpamPlugin}{HitThreshold} |
Number of regex hits required to block the save. Set to -1 to simulate operation. | 1 |
{Plugins}{AntiWikiSpamPlugin}{RegistrationWhiteList} |
Name of topic containing regular expressions that permit registration by matching email domains. | AntiWikiSpamRegistrationWhiteList |
{Plugins}{AntiWikiSpamPlugin}{RegistrationBlackList} |
Name of topic containing regular expressions that deny registration by matching email domains. | AntiWikiSpamRegistrationBlackList |
You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server.
Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install".
If you have any problems, or if the extension isn't available inconfigure
, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.
working/logs/error.log
)
To cause a true failure, remove the VIEW and CHANGE restrictions to the topic and edit it using a non-admin user.
Author(s): | Foswiki:Main.SvenDowideit - http://fosiki.com | ||||||
Copyright: | © 2005-2009 SvenDowideit @fosiki.com © 2012-2014 George Clark © 2012 Crawford Currie http://c-dot.co.uk |
||||||
License: | GPL 3 (Gnu General Public License) | ||||||
Version: | 1.8 | ||||||
Release: | 1.8 | ||||||
Change History: | |||||||
1.8 (28 Apr 2014) | Foswikitask:Item12874: Crash due to undefined array reference | ||||||
1.7 (25 Apr 2014) | Typo in documentation | ||||||
1.6 (25 Apr 2014) | Foswikitask:Item12349, Foswikitask:Item12629: Download of signatures brings down performance Foswikitask:Item12410, Foswikitask:Item12634: Attachment upload fails as checking them exceeds backend resources Foswikitask:Item12411: rest validates the CSRF signature even if validation disabled in core. Foswikitask:Item12699: Removing a user should also remove any cgisess files to kill current sessions. |
||||||
1.5 (31 Dec 2012) | Foswikitask:Item12296: BypassGroup doesn't work, also unit tests don't work on trunk. Foswikitask:Item12323: Fails to remove user topic on Foswiki 1.1.x |
||||||
1.4 (10 Aug 2012) | Foswikitask:Item11679: When removing a user, remove it from any groups. Foswikitask:Item12038: Allow checking to be disabled |
||||||
1.3.1 (19 Mar 2012) | Remove dialog would remove current user if entered user was not known to the Mapper. | ||||||
1.3 (14 Mar 2012) | Foswikitask:Item11644: add white/black lists for common spam sources (Foswiki:Main.CrawfordCurrie) Foswikitask:Item11646: add remove dialog Foswikitask:Item11593: Uninitialized variable |
||||||
1.2 (25 Apr 2011) | Foswikitask:Item1091 - add whitelist, Foswikitask:Item1580 - also process comments, Foswikitask:Item10680 - Improve local regex capability |
||||||
1.1 (4 Jan 2009) | updated for Foswiki v1.0 | ||||||
1.0 (22 Aug 2005) | Initial version | ||||||
Dependencies: |
|
||||||
Home page: | http://foswiki.org/bin/view/Extensions/AntiWikiSpamPlugin |