MediaWiki talk:Usernameblacklist: Difference between revisions

Latest revision as of 05:53, 20 October 2013

Does anyone know jack about regular expressions?--Gage 18:30, 5 April 2007 (BST)

Hello. An asterisk means "zero or more of the previous character" in a regular expression. "3*page" would block any user who wanted the string "page" in their name, which you presumably weren't intending. Wikipedia knows about regular expressions, I don't know of any better beginner guides offhand.

I doubt this is going to be useful for anything other than blocking the numerical-username spambots, though - human vandals can just try other names until they hit one that's valid (or read this page to see what characters they need to insert to skirt the restriction). --Kevan 18:37, 5 April 2007 (BST)

Here and here is some information on regular expression in PHP, which should be what mediawiki uses. Also, check wikipedia's Usernameblacklist for pointers on constructing these. The (?i: ) pattern is very important, as it enables case-insensitive matching (I believe). --Brizth 19:03, 5 April 2007 (BST)

Yay Brizth! I was getting Xoid's help with it, and it is 4am his time. I'm totally clueless to tell you the truth :)--Gage 19:16, 5 April 2007 (BST)

Just tell me what you want to blacklist and I'll see what I can do. The second one that's currently on the page should block all names that have only numbers. The first should block all threepage variants. --Brizth 19:25, 5 April 2007 (BST)

(?i:jimbo wales)? You're kidding right?--Vista 19:49, 5 April 2007 (BST)

Copypasta! :D--Gage 19:49, 5 April 2007 (BST)

Don't forget Gold Blade! --^T 03:01, 6 April 2007 (BST)

Testing

For anyone that wants to test a regular expression to make sure you got it right, head to regextester.com, click the button to selected Preg as the dialect (which is what the wiki uses), enter your expression in the first text field, and click the button for enabling the g flag. Then, in the larger text area, enter the list of all the usernames you want to catch (as well as a few you don't want to catch), with each one on a separate line. Ideally, you should see the Result section filled with all the names you didn't want to catch and none of the ones you did want to catch. For more information about the regular expression syntax, either look up a tutorial for PCRE or PREG syntax, or else consult the link provided above if you want some dry reference material. —Aich on— 16:47, 6 September 2012 (BST)

You

As we're doing this, can we throw in uggs? When they turn up, my god are they annoying. --I'm not the Ross UDWiki needs, I'm the Ross it deserves. 09:16, 8 September 2012 (BST)

Can you point me to some examples of the usernames they use? The more, the better. —Aich on— 07:33, 9 September 2012 (BST)

They normally contain the word uggs. Is that something you can specifically block?--I'm not the Ross UDWiki needs, I'm the Ross it deserves. 13:43, 10 September 2012 (BST)

It is, but I'm trying to make the rules as specific as possible, that way we don't accidentally block people with the screen name of "chugg king" or "ugglly bastard" or something. —Aich on— 16:16, 10 September 2012 (BST)

I hear you, uggs as a part probably isnt that common, will run back and have a look. Generally I believe they all begin uggs then random gobbledygook. --I'm not the Ross UDWiki needs, I'm the Ross it deserves. 16:36, 10 September 2012 (BST)

I doubt it's common either, but it's broad enough that I don't want to risk it if possible. If they're all-caps or something, let me know, since we can use that. Linking me to them would be great if you could find, say, 3-5 examples. —Aich on— 16:47, 10 September 2012 (BST)

Roger. --I'm not the Ross UDWiki needs, I'm the Ross it deserves. 16:50, 10 September 2012 (BST)

Suggested blacklists

In this, # = numeral, $ = letter.

J#i#a$o$ ([1] [2] [3])
Hanmei#$ ([4] [5] [6] [7])

(I may add more to this list later.) Bob Moncrief ^EBD•W! 13:33, 10 September 2012 (BST)

Added. —Aich on— 16:35, 10 September 2012 (BST)

So I've been trying to look through for more patterns, and it seems that a lot of them consist of seven or eight randomly-generated letters followed by three randomly-generated numbers. Not sure if that's too broad a category to include on the blacklist. Bob Moncrief ^EBD•W! 14:53, 18 September 2012 (BST)

Yeah, I've noticed that as well, but as you said, I tend to be of the opinion that it's too broad to reasonably use. I had a rule in there with something along those lines, but I removed it a few days back since I ended up not liking it as much as I thought about it more. —Aich on— 16:17, 18 September 2012 (BST)

8 Random Letters, 3 numbers, seem the current pattern. --I'm not the Ross UDWiki needs, I'm the Ross it deserves. 10:25, 20 September 2012 (BST)

Yes...but that's also a very generic pattern that a number of potential usernames could fall under, which is why I ended up pulling it out. For instance, just looking at the Active Users List, if we had disallowed names that started with 7-8 letters or numbers and ended in 3 numbers from the start, we would have prevented 123chess456, Gumball135, Nobody2011, and Rolando2424 from registering. And if we had limited it to just ones that started with 7-8 letters, as opposed to anything, we'd have still prevented the registration of the users with the italicized names. I'm uncomfortable blocking that, though if enough people want it and understand the concerns, then I'll still do it. —Aich on— 16:09, 20 September 2012 (BST)

Current spambot patterns blocked

Expanding on Bob's example above (#=digit, $=letter, ?=either), here are the current patterns I've blocked, hopefully in a more human-readable format for people that want to follow along. All of them are case-insensitive but MUST start with this pattern unless otherwise noted.

$$$$$$###
$#?????##$ (the ? can be 5-7 long)
$#$#$# (does not need to start with it, the $# pattern must be repeated a minimum of 3 times to get caught)
Ds$d#dsad
Fghtrlk$$#d
Gf$$$$$$
Hanmei#$
Jiaoii##
J#i#a$o$
Jd#ds$df#fj
Jersey##$## (the second ## can be 0-2 long)
Jjoggie#ii##
K????### (the ? can be 4-5 long)
L$$$####$
Linder$#
Lucyer$#
Moncler##### (the # can be 1-5 long)
Nike#$u$$
Q????ho$##
Qiao????## (the ? can be 4-7 long)
Sd$#fkdd#$d
Tid$#ds$fjd
Toppot##$##
Uier ##gfi#
Whiaterqu##$
Y$we???seo (the $ can be 1-2 long)
Youn$$##
Z###$$$###
Zinken### (the # can be 0-3 long)

I've also made notes where some of the patterns have a range of possibilities (e.g. rather than exactly 5 ? needing to show up, it will catch a range of 5-7 ?). —Aich on— 17:11, 10 September 2012 (BST)

Replacing the Qing one with the Qi one that is just a small bit more inclusive so that it can catch some new variations showing up. —Aich on— 16:16, 11 September 2012 (BST)

Added Zinken since it's shown up a few times now. —Aich on— 03:23, 22 October 2012 (BST)

Added Moncler since a bot advertising the brand has come by a few times now. —Aich on— 05:02, 12 November 2012 (UTC)

Added the ones suggested below. —Aich on— 15:34, 21 November 2012 (UTC)

Added the Y...seo pattern since it's cropping up a bit. —Aich on— 19:50, 27 November 2012 (UTC)

Added the Jersey and Toppot ones that have been popping up often. —Aich on— 21:30, 10 January 2013 (UTC)

Added Youn, as per Bob's description below. —Aich on— 19:46, 30 January 2013 (UTC)

Added $$$$$$### and Gf$$$$$$ since we're getting hit by them. —Aich on— 06:53, 20 October 2013 (BST)

I still think we should (continue to) IP block China. It'd be easier if we get Kevan involved, seeing as our IP rangeblocks are pretty lame. ᚱᛁᚹᛖᚾᚨᚾᛏ 13:42, 11 September 2012 (BST)

I'm no longer disagreeing with you on that front. I'm just using this as an additional tool. —Aich on— 15:48, 11 September 2012 (BST)

I wonder if governments would stoop to using spambots to encourage wiki admin's to block countries whose governments didn't want their citizens to access their information, so the governments don't have to block it themselves, from their end? Machiavelli, you bitch! -- boxy 09:05, 12 November 2012 (BST)

Lol. Even so, wikis generally only block write access, not read access, and read access is typically what's more dangerous for these sorts of governments, since they want to avoid the dissemination of information. —Aich on— 14:24, 12 November 2012 (UTC)

Pattern suggestion

I found a quite specific pattern, with 7 users created in the past 9 days. Not that big a deal, but every little bit helps:

Jd#ds$df#fj

The ones I spotted in the last 1000 created users:

And another one:

Ds$d#dsad

And a smaller one:

Sdc#fkdd#$d

PB&J 14:51, 21 November 2012 (UTC)

Thanks, I'll add them in just a sec. —Aich on— 15:27, 21 November 2012 (UTC)

The last one apparently was a bit inaccurate:

Sd$#fkdd#$d

I knew it the moment I saw Sdk2fkdd4md pop up today. PB&J 16:32, 22 November 2012 (UTC)

Changed. —Aich on— 18:40, 22 November 2012 (UTC)

And one more:

Nike#$u$$

I know the first # is a 2 everywhere here, but I think anything starting with "Nike# " would be a safe bet to block...

PB&J 20:53, 22 November 2012 (UTC)

Done. —Aich on— 19:57, 23 November 2012 (UTC)

Poof, straight from the Recent Changes page:

Fghtrlk$$#d

Tid$#ds$fjd

PB&J 20:22, 23 November 2012 (UTC)

Added. —Aich on— 05:38, 24 November 2012 (UTC)

Youn$$## - These ones seem to have not yet contributed, but there's a set of them [8] Bob Moncrief ^EBD•W! 15:27, 30 January 2013 (UTC)

Added. —Aich on— 19:46, 30 January 2013 (UTC)

MediaWiki talk:Usernameblacklist: Difference between revisions

Latest revision as of 05:53, 20 October 2013

Contents

Testing

You

Suggested blacklists

Current spambot patterns blocked

Pattern suggestion

Navigation menu

Page actions

Page actions

Personal tools

General

Search

Resources

Wiki

Toolbox