Wiki Spam Without Style

Wiki spam is when users or bots append unwanted links and URLs into established or abandoned wiki-based websites. Though most wiki software like MediaWiki automatically adds the attribute/value rel="nofollow" to a tags, spammers still flood your content in an effort to peddle there wares.

Most wiki spam uses CSS to hide their content from the average user. They wrap their content with a div tag that uses inline CSS tricks to keep their content from displaying. But when you take a look at the change log or attempt to edit the content, you’ll see their attempts at deception.

The most common way I’ve seen spammers hide their content is to use CSS overflow and height as follows:

<div style="overflow: auto; height: 1px;">spam content here</div>

This ends up working out pretty well for them. Thanks to the cascading CSS rules, their inline styles override any global CSS counter measures I might try to implement. But I’m not without my own bag of tricks.

wgShowIPinHeader

# prevent information on IP addresses from being added
$wgShowIPinHeader = false;

Adding this line to your localsettings.php file will remove the IP address and related Talk links from the top of MediaWiki pages.

wgGroupPermissions

# prevent anonymous users from being able to edit while allowing users
$wgGroupPermissions['*']['createaccount'] = true;
$wgGroupPermissions['*']['read'] = true;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = true;

Adding these lines to your localsettings.php file will keep anonoymous users from making changes. Users will at least have to create an account before adding wiki spam to your site.

wgSpamRegex

# prevent the hidden CSS trick
$wgSpamRegex = "/\<.*style.*((display|position|overflow|visibility|height)\s* :|font-size\s*:\s*\.?\d+).*>/i";

Adding this line to your localsettings.php file will stop most of the hidden CSS tricks. When a user attempts to include text that matches the above string, the edit will fail and MediaWiki will return a message like this:

The following text is what triggered our spam filter:
<div style="overflow:auto; height:1px;">spam content here</div>.

To learn more about how to stop wiki spam, consider visiting chongqed.org.