Black List Plugin
This is a simple utility to keep black sheep away from a public TWiki site. The site can be protected against excessive page access (e.g. by bad robots) and suspicious activities of users, such as multiple registrations or rapid topic updates indicating
Wiki:WikiSpam.
The Plugin monitors activities by IP address and uses three IP address lists to protect the TWiki site:
- WHITELIST: Manually maintained list of users who should never get on the BANLIST
- BLACKLIST: Manually maintained list of malicious users
- BANLIST: Automatically updated list of users with suspicious activities
Users on the BLACKLIST and BANLIST will have every page access delayed by one minute and will get an error message.
To fight Wiki-spam, the Plugin can also add a
rel="nofollow" parameter to external URLs. Search engines will not follow links that have this parameter, taking away the incentive to add spam to TWiki.
Plugin Settings
Plugin settings are stored as preferences variables. To reference a plugin setting write
%<plugin>_<setting>%, i.e.
%INTERWIKIPLUGIN_SHORTDESCRIPTION%
- One line description, is shown in the TextFormattingRules topic:
- Set SHORTDESCRIPTION = Utility to keep malicious users away from a public TWiki site
- Debug plugin: (See output in
data/debug.txt)
- WHITELIST: Comma delimited list of IP addresses; possible to use partial addresses ending in a dot
- Set WHITELIST = 127.0.0.1, 81.2.94., 206.49.179.8
- BLACKLIST: Comma delimited list of IP addresses; possible to use partial addresses ending in a dot
- Set BLACKLIST = 203.88.152., 203.88.155., 219.65.75., 222.183., 221.237., 218.87.222., 128.172.144.78, 128.180.121.221, 129.176.151.21, 129.46.51.199, 131.114.31.60, 145.28.70.253, 146.145.122.154, 146.50.1.121, 192.112.251.48, 192.18.42.11, 193.113.57.167, 193.138.110.138, 193.204.86.247, 194.255.110.3, 195.140.123.22, 195.208.147.114, 195.246.29.34, 195.27.215.89, 196.201.87.240, 198.232.129.38, 201.12.164.3, 202.131.163.229, 202.176.134.38, 202.41.121.132, 202.71.139.225, 203.134.87.155, 203.197.175.229, 203.59.106.100, 203.88.152., 203.88.155., 204.194.26.114, 204.60.124.22, 205.194.74.10, 207.37.254.250, 209.237.238.157, 210.213.12.154, 210.214.190.45, 212.142.33.102, 212.59.0.197, 213.140.6.111, 213.148.226.206, 213.150.180.130, 213.255.201.11, 216.139.181.138, 216.55.159.187, 217.225.75.104, 219.65.75., 220.139.14.96, 221.148.44.112, 221.217.48.121, 221.237.3.67, 221.237.5.169, 221.24.74.7, 222.47.183.35, 222.50.120.148, 222.64.144.87, 24.132.230.78, 24.236.73., 24.42.104.137, 38.144.36.19, 4.79.40.175, 58.8.0.251, 59.135.90.49, 61.149.245.150, 61.229.228.111, 61.229.231.60, 62.159.114.18, 62.163.12.101, 62.163.17.232, 62.163.37.188, 62.193.226.62, 62.193.235.107, 62.193.235.94, 62.193.236.130, 62.193.236.152, 62.193.238.104, 62.194.17.165, 62.194.7.249, 62.194.7.3, 62.218.146.85, 62.23.185.226, 63.241.61.8, 63.88.59.92, 63.96.171.26, 65.214.36.186, 65.214.38.210, 65.98.67.74, 66.163.170.185, 66.163.170.193, 66.194.55.242, 66.238.40.2, 66.92.68.227, 67.101.9.164, 67.15.130.23, 67.39.183.193, 68.130.216.242, 68.130.216.81, 69.93.108.202, 70.85.45.132, 70.92.154.224, 80.132.214.37, 80.146.121.129, 80.146.126.46, 80.180.69.245, 80.58.33.235, 80.58.4.111, 81.192.30.2, 81.196.22.25, 81.207.249.182, 82.255.5.216, 82.81.70.84, 83.76.180.170, 83.88.197.205, 84.28.56.169, 222.65.202.53, 200.207.217., 201.21.0., 85.202.125., 83.69.125.7
- BANLIST configuration, comma delimited list of: Points for registration, points for each save and upload, points for view raw, points for other actions like view, threshold to add to BANLIST, measured over time (in seconds)
- Set BANLISTCONFIG = 20, 5, 1, 20, 120, 300
- Your current score: 2 for IP address 38.107.179.231
- Message for users on BLACKLIST and BANLIST:
- Set BLACKLISTMESSAGE = You are black listed at the Open-org web site due to excessive access or suspicious activities. Please contact site administrator webmaster@socialtools.net if you got on the list by mistake. Black listed IP addresses will be submitted to major blacklist databases.
- Add a
rel="nofollow" parameter to external URLs. Use this is to fight Wiki-spam. Search engines will not follow the link if a URL has a nofollow parameter, such as <a href="http://spammer.com/" rel="nofollow">. Specify topic age in hours for which the nofollow parameter should appear (set it to a value that gives you enough time to remove spam); set it to -1 to add the nofollow parameter unconditionally to external URLs; or 0 to disable: (-1, 0, 1...N)
- Log access of users on BLACKLIST and BANLIST: (1 or 0)
Plugin Installation Instructions
Note: You do not need to install anything on the browser to use this plugin. The following instructions are for the administrator who installs the plugin on the server where TWiki is running.
- Download the ZIP file from the Plugin web (see below)
- Unzip
BlackListPlugin.zip in your twiki installation directory. Content:
| File: | Description: |
|---|
data/TWiki/BlackListPlugin.txt | Plugin topic |
data/TWiki/BlackListPlugin.txt,v | Plugin topic repository |
lib/TWiki/Plugins/BlackListPlugin.pm | Plugin Perl module |
- Test if the installation was successful:
- Using above form, add the IP address of one of your workstations to the BANLIST
- Access TWiki from that workstation
- if you look at a TWiki topic (with the view script) you should see the BLACKLISTMESSAGE (defined above) after a one minute timeout
- else, you should get an 500 Internal Server Error for other scripts
- On a different workstation, remove the IP address of the test workstation from the BANLIST
Known Issues
- The BANLIST does not work until you add and remove an IP address using above form
Plugin Info
Related Topics: TWikiPreferences,
TWikiPlugins,
Google blacklist directory
--
TWiki:Main/PeterThoeny - 22 Jan 2005
to top