Abuse filter configuration

1. Abuse Filter Configuration

Abuse filtering is a critical component of maintaining a healthy and productive wiki environment. It allows administrators to automatically detect and prevent disruptive behavior, such as vandalism, spam, and personal attacks. This article provides a comprehensive guide to configuring and managing the abuse filter in MediaWiki 1.40, aimed at beginners but containing detail relevant to more experienced users.

Understanding the Abuse Filter

The Abuse Filter is a powerful system built into MediaWiki that uses a set of rules to analyze edits *before* they are saved. These rules can identify patterns of text, user behavior, or edit properties that are indicative of malicious activity. When a rule is triggered, the filter can take several actions, ranging from warning the user to completely blocking the edit.

The filter operates based on conditions. Each condition is a piece of logic that checks for something specific in an edit. These conditions are grouped together into rules, and each rule defines the actions to take if its conditions are met. Effective abuse filtering requires a balance between catching harmful edits and avoiding false positives – incorrectly flagging legitimate edits as abusive.

Accessing the Abuse Filter Interface

To access the Abuse Filter configuration interface, you must be a member of the ‘abusefilter’ user group. This group is typically reserved for experienced administrators and trusted users. Administrators can assign users to this group through the Special:UserRights page.

Once you have the necessary permissions, you can access the interface through the following link: Special:AbuseFilter. This page serves as the central hub for managing all aspects of the abuse filter.

Key Components of the Abuse Filter Interface

The Abuse Filter interface is divided into several sections:

Rules: This section lists all existing rules, allowing you to view, edit, disable, or delete them.
Expressions: This section allows you to create and manage reusable regular expressions and functions that can be used in your rules. These are crucial for creating complex and efficient filters. Understanding regular expressions is vital.
Variables: This allows you to define custom variables based on user or edit properties for use in your rules.
Logs: This section displays a log of all edits that have triggered the abuse filter, providing valuable insights into its performance and helping to identify potential false positives or gaps in coverage. Monitoring these logs is essential.
Configuration: This section allows you to configure global settings for the abuse filter, such as the default actions to take when a rule is triggered.

Creating a New Rule

To create a new rule, navigate to the “Rules” section and click the “Add new rule” button. This will open a form with several fields:

Name: A descriptive name for the rule. This should clearly indicate the type of abuse the rule is designed to detect.
Description: A more detailed explanation of the rule’s purpose.
Enabled: A checkbox to enable or disable the rule.
Conditions: This is where you define the logic that will trigger the rule. You can add multiple conditions, and they will be combined using logical operators (AND, OR). Conditions are built using expressions.
Actions: This section defines what happens when the rule is triggered. Available actions include:

   *   Disruptive: Tag the edit as disruptive, requiring review by a moderator.
   *   Block: Block the user. You can specify the block duration and reason.
   *   Shadow: Hide the edit from public view.
   *   Tag: Tag the edit with a custom tag.
   *   Throttle: Limit the user’s editing rate.
   *   Warn: Display a warning message to the user.
   *   Captcha: Require the user to complete a CAPTCHA before submitting the edit.

Severity: A level indicating the seriousness of the abuse being detected. Higher severity levels typically trigger more severe actions.
Comments: Any additional notes or information about the rule.

Understanding Conditions and Expressions

The heart of the abuse filter lies in its conditions and the expressions used to define them. Conditions are built using a variety of expressions, including:

String matching: Checks if a specific string is present in the edit. This is useful for detecting common insults or spam keywords.
Regular expression matching: Uses regular expressions to match more complex patterns. This is essential for detecting variations of abusive terms or URLs.
Variable comparison: Compares the value of a variable to a specific value or range.
Function calls: Calls built-in or custom functions to perform more complex calculations or checks.

Here are a few examples of conditions:

Simple string match: `$text contains 'badword'` – This condition will trigger if the edit text contains the word "badword".
Regular expression match: `$text matches '/http:\/\/.*\.ru/'` – This condition will trigger if the edit text contains a URL ending in ".ru". This can help prevent spam links.
Variable comparison: `$user.editcount < 5` – This condition will trigger if the user has made fewer than 5 edits. This can be used to flag potential sockpuppets.

Common Abuse Filtering Scenarios and Examples

Here are some common scenarios where abuse filtering can be effective, along with example rules:

Spam prevention: Detect and block edits containing spam links.

   *   **Condition:** `$text matches '/http:\/\/.*(bit\.ly|tinyurl\.com)/i'`
   *   **Action:** Block user for 1 week.

Vandalism detection: Detect and revert edits that replace content with gibberish or offensive language.

   *   **Condition:** `$text contains '!!!'` and `$text length > 10`
   *   **Action:** Tag as disruptive.

Personal attacks: Detect and warn users who engage in personal attacks.

   *   **Condition:** `$text contains 'you are stupid'` (case-insensitive)
   *   **Action:** Warn user.

Sockpuppetry detection: Identify new users who exhibit suspicious behavior, such as making a large number of edits in a short period of time.

   *   **Condition:** `$user.editcount < 5` and `$user.age < 600` (seconds)
   *   **Action:** Require CAPTCHA.

Promotion of harmful activities: Detect and prevent the promotion of illegal or dangerous activities.

   *   **Condition:** `$text contains 'how to make a bomb'`
   *   **Action:** Block user indefinitely.

Binary options related spam: Block edits advertising binary options schemes. These are often fraudulent.

   *   **Condition:** `$text contains 'binary options' or $text contains 'options trading'`
   *   **Action:** Block user for 24 hours.

Cryptocurrency related spam: Block edits advertising cryptocurrency schemes.

   *   **Condition:** `$text contains 'bitcoin' or $text contains 'ethereum'` and `$user.editcount < 3`
   *   **Action:** Tag as disruptive.

Phishing attempts: Detect and block edits containing phishing links.

   *   **Condition:** `$text matches '/login\.example\.com/'`
   *   **Action:** Shadow edit.

Detecting promotion of pyramid schemes: Detect and prevent promotion of pyramid schemes.

   *   **Condition:** `$text contains 'get rich quick'`
   *   **Action:** Warn user.

Detecting pump and dump schemes: Detect and prevent promotion of pump and dump schemes, often seen with penny stocks.

   *   **Condition:** `$text contains 'buy now' and $text contains 'guaranteed profit'`
   *   **Action:** Block user for 7 days.

Detecting use of misleading indicators: Flag edits discussing or promoting demonstrably false technical analysis indicators.

   *   **Condition:** `$text contains 'holy grail indicator'`
   *   **Action:** Tag as disruptive.

Detecting promotion of risky trading strategies: Flag edits advocating for extremely high-risk trading strategies without proper disclaimers.

   *   **Condition:** `$text contains 'martingale strategy' and $text contains 'guaranteed profit'`
   *   **Action:** Warn user.

Detecting promotion of high-frequency trading without risk disclosure: Flag edits promoting high-frequency trading without acknowledging the risks.

   *   **Condition:** `$text contains 'HFT' and not $text contains 'risk'`
   *   **Action:** Tag as disruptive.

Detecting misinformation about trading volume analysis: Flag edits spreading incorrect information about trading volume analysis.

   *   **Condition:** `$text contains 'volume is irrelevant'`
   *   **Action:** Warn user.

Detecting promotion of unrealistic returns: Flag edits promising unrealistic returns on investments.

   *   **Condition:** `$text contains '100% profit'`
   *   **Action:** Block user for 24 hours.

Testing and Refinement

After creating a new rule, it is crucial to test it thoroughly to ensure that it functions as expected and does not produce false positives. The “Logs” section of the Abuse Filter interface provides a valuable resource for testing and refinement. Analyze the edits that are being flagged by the rule and adjust the conditions as necessary.

You can also use the “Test rule” feature (available in some versions of MediaWiki) to simulate the rule’s behavior on a sample edit. This allows you to quickly identify potential issues before deploying the rule to a live environment.

Best Practices for Abuse Filtering

Start small: Begin with simple rules and gradually increase complexity as you gain experience.
Be specific: Avoid overly broad rules that are likely to generate false positives.
Use regular expressions effectively: Master the use of regular expressions to create precise and efficient filters.
Monitor the logs regularly: Pay close attention to the logs to identify false positives and gaps in coverage.
Collaborate with other administrators: Share your rules and insights with other administrators to improve the overall effectiveness of the abuse filter.
Keep rules updated: Abusers are constantly evolving their tactics, so it is important to keep your rules updated to address new threats.
Document your rules: Clearly document the purpose and logic of each rule to facilitate maintenance and collaboration.
Understand the limitations: The abuse filter is not a perfect solution, and it will inevitably miss some abusive edits. It is important to supplement the filter with human moderation.
Consider context: Remember that edits should be evaluated in context. A word or phrase that is offensive in one context may be harmless in another.

Resources

Start Trading Now

Register with IQ Option (Minimum deposit $10) Open an account with Pocket Option (Minimum deposit $5)

Join Our Community

Subscribe to our Telegram channel @strategybin to get: ✓ Daily trading signals ✓ Exclusive strategy analysis ✓ Market trend alerts ✓ Educational materials for beginners