So, I got this page started as a preventive measure. Most of these ideas have already been used in the past, and are probably second nature to more experienced Wikitravellers. But I wanted to make sure we had an explanation of the ideas, and also a failsafe mechanism in place in case SoftSecurity fails us at some point.
I realize that other wikis, like Wikipedia, employ hard security measures like user bans more often than we do (that is, not at all -- yet). I'd like to continue to rely on friendly, open corrections as long as possible. We don't have enough contributors to start making enemies out of potential ones -- however slight the potential may be.
As usual, comments welcome. --Evan 01:43, 6 Feb 2004 (EST)
I'm wondering if by mentioning the fork option, if we're not making it more legitimate/likely. Eric Raymond argues that there is a great social pressure against forking open source projects, and so it is very rare. I'm not sure how well "open source psychology" transfers to a Wiki though. So I'm wondering if we shouldn't mention it at all? I know this reasoning is kind of flaky, but I thought I'd bring it up anyway. The other side of this is that maybe by pretending that certain issues don't exist (by not mentioning them) then we would jeopardize the strength of the Wikitravel community. --Dawnview 00:34, 9 Feb 2004 (EST)
I agree that forking is probably is a last resort, and finding some kind of accommodation is probably the best way to deal with policy problems. But personally I think it's worse to have catastrophic policy battles than to have forks. I'd rather see groups of editors go different ways based on policy differences than have all the editors just give up on Wikitravel in disgust at political infighting.
As to whether the pressure not to fork carries over to Wiki: I think some, but not as much as you'd think. There's a lot of examples of forks in wikis, like Wikinfo and Enciclopedia Libre from Wikipedia, or CommunityWiki and FermentWiki from MeatballWiki (although there's dispute whether these last cases are "true" forks).
As to whether or not to mention it: well, the main reason I set up this page was to discuss when and how we implement user bans (a feature of the MediaWiki software). It's something I never want us to have to do, but I'd rather we were ready for it when the time came than trying to scramble and come up with some procedure in the middle of a divisive period. I kinda feel the same way about forking: it's better to work out how we deal with it when it's not an issue than scramble to deal with it later. --Evan 01:52, 9 Feb 2004 (EST)
I notice that there is some (chinese) WikiSpam being posted. If you are not already aware of the site http://spammers.chongqed.org/ is documenting cases of WikiSpam so that the google pageranking of keywords is defeated. Rather than just deleting WikiSpam, persistant WikiSpam should be chongqed by being submitted and buried completely. Evan - good to see ROBOTS.TXT disallows search engines access to the page history. -- Huttite 06:48, 1 Oct 2004 (EDT)
As written, this policy puts all user-ban decisions in the hands of admins. That's contrary to the general spirit of policies here where we consider admin power to be merely a janitorial tool. I don't really have a better suggestion, but it's kinda odd. -- Colin 03:54, 5 Mar 2005 (EST)
This policy fails to adequately address childish but persistant vandalism. While the general procedure works, the step from "it's your problem to revert everything" to "full user ban" is too severe a jump. Wikipedia handles persistant vandals with warnings, and then a short 24 hour ban. The 24 hour ban just makes the vandal go away. Sure they can retry the next day, but that's not as annoying since they can be re-tempbanned. What is annoying is to follow a vandal around and fix the problems for no reason other that to preserve our reputation as "never banned nobody." Additionally, even if we have someone playing babysitter and following the vandal around, the recent changes page and all the history pages get so spammed as to be unusable. I propose the following:
1. Add more admins so that more of our users have single-click revert buttons to ease the task of revertion.
2. Allow 24-hour bans for a user who deliberately vandalize 10 or more pages within a 24 hour period, and who vandalizes 5 or more pages after being warned. By deliberately, I mean that they intend to cause damage, and are not merely users trying to help or even just someone trying to promote their site in extlinks.
Personally, I'm no longer interested in cleaning up after persistant vandals without more policy in my favor. This just increases the burden on others, which risks having them burn out too. -- Colin 15:20, 17 Mar 2005 (EST)
I made a patch against the version of Mediawiki which we run that allows an admin to revert everything that shows up on a given user contributions page. This allows restriction by time, so that contributions by an earlier user of the same IP would not be effected.
With this patch in place there is absolutely no reason whatever to block an entire group of users sitting behind a given IP for any length of time. Think about it: Blocking is what the vandal wants us to do. Heck this particular one spent most of his first (and longest) vandalism run asking me to block the IP, probably so that he could send a letter to the editor of his local student paper about what weeners we were for blocking the whole school. Well, I didn't do it. -- Mark 15:46, 17 Mar 2005 (EST)
I can already get the effect of your patch by going to the user contributions page, finding all (top) pages, and middle clicking the revert next to them. Don't get me wrong -- your patch is useful for undoing large scale foo (though I hope you limit the reversion so it doesn't kill contribs by previous users of the ip address). But the problem I'm trying to address is the continuing and ongoing vandalism which happens after you hit revert-all.
The script you wrote did handle the ongoing vandalism problem. But I have concerns with it: 1. your script was in effect no different from a user ban (except the reverts could be reverted if they were good contribs) 2. your script doesn't solve the messy-history problem and 3. if your script was distributed openly and used by vandals, we would have no choice but to do ip-blocks. -- Colin 16:00, 17 Mar 2005 (EST)
So after the recent User:OIdPine episode, should we add a case allowing blocks for deceptive user names? — Ravikiran 02:45, 26 July 2006 (EDT)
While I didn't think so when I first started editing here, I now tend to agree that blocks are counter-productive. I don't buy into the idea that a vandal will eventually become a useful contributor, but it does seem that anyone vandalizing the site gets bored and leaves when no one pays any attention to them. For example, if I immediately revert someone's vandalism they really are more likely to stick around, but when it goes unnoticed for a while they seem to wander off quickly. Given that, I'd say blocks aren't going to be productive - it's attention, and if anything encourages someone to be more creative in how they abuse the site.
Long story short, I don't think any policy that calls for blocks will be effective, and that even a deceptive user name isn't a worthwhile reason to block someone. -- Ryan 02:52, 26 July 2006 (EDT)
During today's reverting fun Colin asked if someone could start a discussion about handling trolls. Trolls are annoying and it's hard to ignore them, but I think it would be helpful if we could follow some of the advice outlined in WikiPedia:Wikipedia:What is a troll#Not feeding the trolls, particularly the section on "the value of slow reverts" - I don't think we need to leave offending content for more than a few minutes, but an immediate revert simply encourages further vandalism. The benefit of taking a "don't feed the trolls" approach is:
Someone who is trolling is looking for attention, and by immediately reverting any changes they make we are giving them something to do.
It doesn't really hurt us to have random gibberish displayed on a few articles for a while, and for important pages such the Main Page we can always add temporary protection to make sure that visitors to the site aren't confused.
I don't think it's worthwhile trying to enforce any kind of policy for handling trolls, but it might be good if we could discuss the best way to deal with them when they show up. -- Ryan 01:56, 6 February 2007 (EST)
I don't like the approach. I wonder if having your hard work reverted in seconds by a team of 20+ users is a bit of a downer and causes them to wander off. Anywho, if you look at User:Sapphire/Sandbox#IP/Vandals I've figured out the vandal's IP address and we could prevent it from creating more user names, which gives the vandal the power to move all these pages around. Otherwise send an email to the ISP asking for their help. -- Andrew H. (Sapphire) 13:28, 6 February 2007 (EST)
While I think most trolls quickly wander away after half an hour of being quickly reverted, I do think that some are not put off by that. Usually the pattern with an actual vandal (not just an unhappy editor) is that they fight the revert awhile, then they start attacking your talk page, then they give up. But not every vandal fits this profile. -- Colin 13:40, 6 February 2007 (EST)
Congrats on tracking down the IP address, Andrew; the only long-term solution to all this is to hit the idiots where they live. This said, I don't think it's particularly useful to try to get inside the heads of the people that do this vandalism. The real question is: what policy is best at meeting our goals? Given that none of us (except Evan and Maj) do this for a living, and we have other demands on our time (I just happened to be home sick today -- no big deal, thanks -- and wouldn't have been able to help parry the attack otherwise), it seems to me that we just have to do what we can, when we can. Simply adding some of the pages most frequently targeted by "real" troublemakers -- Talk:Main Page, etc. -- to our watchlists should let us catch the more serious vandalism when it occurs, without trying to implement a policy that doesn't meet the goal, won't necessarily work, and is incompatible with the way most of us do things here. -- Bill-on-the-Hill 13:42, 6 February 2007 (EST)
In response to Andrew, bear in mind that whether it's on a wiki or on the local street corner, someone causing vandalism is generally doing so solely to get some sort of response from the people whose work is being vandalized. If there's no response, there's no payoff - it's more fun to play games when you're playing against someone. -- Ryan 15:24, 6 February 2007 (EST)
Well, here's a chance to do the experiment. Guess who's back. -- Bill-on-the-Hill 19:25, 6 February 2007 (EST)
Just registered to this specific wiki, I had never seen such huge scale of 'edit attack' on other wikis. I must say I do not understand why someone would sit in front of his computer to spend his time to do such thing repeatedly, life can be boring, the weather can be bad but how does someone arrives at such low life level?
Those who make unwanted edits come in all shapes and sizes I guess... Special:Contributions/184.108.40.206 / Special:Contributions/220.127.116.11 has been a particularly persistent case, checking in several times a day to add apparently bogus info. Given a few weeks I expect he/she will go away, but in the mean time we've got well over a hundred edit/reverts in the article history. I somehow doubt this will be the only time we see this kind of behavior, so does anyone have any suggestions on how best to handle it in the future? The options I can see are:
Try to engage the user. This user doesn't seem to care about policies or consensus, and based on the talk pages for this IP on Wikipedia I suspect discussion probably won't work.
Use the spam filter. This has been tried, and the user simply changed the edit text to find ways around the patterns being used.
Ban the user. Not a great precedent to set, and bans are easy to get around.
Protect the article. Again, not a great solution as it prevents others from making edits.
Use slow reverts, and simply wait this person out. Not a great solution as it makes a mess of the article history.
Ideas or comments? -- Ryan 22:54, 24 February 2007 (EST)
I'll considered comment removed. -- Sapphire • (Talk) • 00:19, 25 February 2007 (EST)
If you take that approach I'd recommend staying away from the Myer Centre, as I hear it can be dangerous... -- Ryan 23:17, 24 February 2007 (EST)
I'm concerned this contributor may actually be mentally ill. His persistence rules out being a troll. Being poisoned three times implies that the person went back to Myer Centre after being poisoned twice, which does not sound rational. So seriously, I think we need to go gently on this one -- either slow reverts or a temp ban to redirect his energies elsewhere. -- Colin 00:11, 25 February 2007 (EST)
When you say temp ban do you mean blocking the IP for a week or two or protecting the page? -- Sapphire • (Talk) • 00:15, 25 February 2007 (EST)
Have a look at the edit history on Wikipedia (here and here). Granted, it's a shared IP address, but the random edits to high school articles fits the pattern of a bored kid making stuff up. In any case, no matter what this particular user's story is, do we have any better options than slow reverts or a temp ban? What if we just leave the offending content on the article for a few days/weeks since someone will obviously remove it in the future? If the consensus is to use a temp ban I wouldn't be opposed, although I really don't think bans are effective, and often have the opposite effect of making successful and notable vandalism into a challenge for someone to pursue. -- Ryan 01:22, 25 February 2007 (EST)
I was drink spiked, so I stayed away from where I was drink spiked, I was then gassed, so I stayed away from where I was gassed, then I was food spiked, so I eventually stopped going to the centre since it is crime ridden. I was spiked twice with GHB and gassed with hydrogen sulfide. I consider it disgusting that there are cameras all around and security did nothing about these incidents! So I'd rather warn people to stay away then go through what I have!
I'm having trouble figuring out how to cough the word psycho on a keyboard, so forgive my bluntness... – cacahuatetalk 02:05, 30 March 2007 (EDT)
Why wonder how to cough it? I agree the people who spiked and gassed me ARE psychos! I cannot understand how this centre is allowed to operate while it is so crime ridden! If they cannot guarantee the safety of visitors it should be shut down permanently! Also, your wondering about my mental state of health? I'm wondering about why security thought it was okay to let someone be attacked three times, I was actually POISONED twice and gassed once. It is a huge place and was hoping it was just bad luck, three times confirmed it wasn't. I am definately not mentally ill.
Did you file a police report and if so what's the case number (or whatever it's called)? I'll send an email off to the Brisbane PD and check to see if your story can actually be collaborated. Then all this will be settled. -- Sapphire • (Talk) • 10:51, 1 April 2007 (EDT)
I told them but was not given any case numbers,
What happened to you after these alleged incidents? Be very specific, as if you were telling the Queensland Police. -- Sapphire • (Talk) • 21:22, 1 April 2007 (EDT)
Also, when did this occur? Specific dates, please. -- Sapphire • (Talk) • 21:32, 1 April 2007 (EDT)
I became nauseous, dizzy and sick. I also don't have dates of the incidents.
I searched through the Queensland Police Department's records and I can't find anything similar to the story you keep telling. There has only been one recorded incident of a poisoning at the ball, but the person who did the reported the poisoning was the same person who placed the poison in the food. She's been busted by the PD. I have to say, I'm not buying the story and will work with the others to revert your addition of the story, unless you come up with clear proof it happened. -- Sapphire • (Talk) • 00:46, 24 May 2007 (EDT)
I don't care if you buy it or not, also, who cares about someone being poisoned at a ball, I was poisoned in the myer centre. Clear proof it happened? Not needed, due to the negligence of the myer centre security staff testing wasn't carried out. It did occur and a complaint was made, that's all that matters. —The preceding unsigned comment was added by 18.104.22.168 (talk • contribs)
The following is listed as policy, but seems to be ignored by most admins, myself included:
However, if a script is badly-behaved -- due to programming error or malicious intent -- an administrator can and should put a user ban on the IP address and/or user account the script is using. Again, the administrator should note the ban on the user ban nominations page, and the same procedure applies as for other bans.
I don't see the value in listing every IP for every script that hits the site on the ban page. If someone wants to ban a user it should go through the normal process, but do we really need an additional level of bureaucracy when fifty articles get hit with links to sex-with-ponies.com and an admin blocks the offending IP? Can this sentence be removed? -- Ryan(talk) 01:21, 31 March 2007 (EDT)
Is it worthwhile to delete then immediately restore the last version of a page to avoid leaving the newly added spam in the article's history? I'm kind of for this idea, but if others are too, it would be nice to tweek the restore process a little to make it easier...
As of now you have to "check" all the boxes for the revisions you want to restore. If there's a lot of history, then that means a lot of clicking on each and every check box. So, can we somehow get them all to be checked by default, or add a "select all" button, so that we can then just "uncheck" the most recent (spam) edit, and thus quickly delete/restore pages? – cacahuatetalk 00:30, 24 May 2007 (EDT)
There's no need to delete the histories for pages that have been spammed because Robots.txt tells search engines not to look at the histories or older versions, which effectively prevents spam urls from being indexed by sites like Google.
I was going to tell you, especially since you had to restore over 500 (600?) versions of the "Europe" article, but I wasn't 100% sure you were trying to remove it from the history. -- Sapphire • (Talk) • 00:43, 24 May 2007 (EDT)
Oh, I guess I haven't paid enough attention, but I thought that was their whole point was so that it would up their google rating. Well good news if what you say is true. And yes, I was trying to get it out of the history... and stupidly I didn't actually check the history first, cause if I had I would have noticed that the last several edits were the same thing, so I only deleted the very last one, leaving several. Because sometimes I'm lame. So I guess I can't thing of another reason we would ever need to delete and restore. But if we do think of something, my request above would help a lot. I'm gonna stop talking now. ok. bye! – cacahuatetalk 02:44, 24 May 2007 (EDT)
I am uncomfortable with listing "challenges to policy" under "unwanted edits." It is my understanding that challenges to policy are beneficial to the sited and are very much "wanted edits," unless we are just feeling lazy. I do, however, think it should remain on the page under a different subheading—in order to indicate explicitly that these types of edits are welcome on Wikitravel. --PeterTalk 15:50, 28 June 2007 (EDT)
Perhaps a better way to describe that section is "Defiance of policy". Speaking for myself, I don't want someone who disagrees with an established policy making edits that defy it; I want them to first change that policy (if they can), so that their subsequent edits are in agreement with policy. - Todd VerBeek 20:35, 28 June 2007 (EDT)
I like that thought. I just tried to tweak the section to highlight the difference between defiance of and challenges to policy, but am not very confident I did a great job with it. --PeterTalk 21:29, 28 June 2007 (EDT)
Being one of frequent challengers of the policy, I believe the "policy on changing policies" should be more accessible and found more easily than it's now ("How to handle unwanted edits" is the last thing I would think of when I'm looking for how the policy is set up and changed). Things like "when I have something not fitting the current policy, should I discuss first, or make a practical precedent, or go ahead and change the policy itself first?" are very non-obvious now, and I would vote for having them explicitly defined, along with what's currently described in "Defiance of policy" section. --DenisYurkin 08:03, 1 July 2007 (EDT)
I'm not sure advertising is necessary. The way it usually works is that a new user makes an edit X, it's rolled back, the user complains, and he's told that edit X goes against policy Y and he should raise the issue on Y's talk page. Jpatokal 13:20, 12 July 2007 (EDT)
Making something implicit to be described explicitly in a place we can easy refer to is not necessary to advertise it ;-) --DenisYurkin 02:48, 13 July 2007 (EDT)
handling repeated adding of agencies and extlinks
We frequently revert adding of agencies and extlinks; as WT grows, more and more people revert. I think it's time to prepare a template that anyone can use on user's talk page to address anonymous or registered contributor who insists on adding his agency or extlink. Who can share your examples of such messages so we compile them in something anyone can use instantly? --DenisYurkin 16:20, 23 September 2007 (EDT)
I just added a short bit about temp bans not requiring the nominations process, which have evolved into a general practice here, and I think there is consensus behind this. I defined them as less than a day, and only for extremely high-volume vandalism, and only for the express purpose of creating space to clean them up. Please revise as you see fit! --PeterTalk 17:01, 11 April 2008 (EDT)
I suggest a two day discretionary admin block (which seems to be the norm) rather than one day.--Wandering 20:18, 11 April 2008 (EDT)
Also, it's not clear if the short term one-day discretionary block should be recorded in the Wikitravel:user ban nominations page (or some other page). I suppose all bans should be recorded somewhere for review and as a record but the text does not say where.--Wandering 20:27, 11 April 2008 (EDT)
I wonder if there's any objection if in future I choose to revert edits that remove useful content and give no explanation for removal (neither in Summary nor in Talk). I don't ask for policy to make that a rule yet--but after my experiment I would like to propose such a policy for everyone who patrol edits.
We had a case with MarinaK whom for many days many of us asked to stop vandalizing articles, while she was keeping removing content (with good intentions, but with both good and bad results). I spent two or three weeks of free time to revert MarinaK's edits I considered destructive, and I don't want to be that passive the next time I face [massive] content removal from a new (or other) user.
Are there any objections? --DenisYurkin 15:36, 21 September 2008 (EDT)
I'm not going to object your personal actions, but I don't think it would be a good idea for this to be policy, not because I think it's good form to remove content without explaining yourself, but rather because there's quite a lot of (mostly anonymous) users that remove individual listings, probably validly, without explaining themselves. Simply reverting without attempting to either determine whether the removals are valid or discussing with the user might be seen as unfriendly. I think any policy around unexplained removals needs to handle the fact that there are a rather large number of unexplained deletions, the majority of which are in fact likely valid. JYolkowski 18:06, 21 September 2008 (EDT)
I'm not certain that we need to write this into the policy, but no harm in registering my support for reverting unexplained content deletions. Sometimes users are removing closed businesses, but without so much as a edit summary, this can be very hard to verify. The majority of times I have tried to verify these types of edits, I've actually called the deleted listing and they were still open—unexplained content removal is very often deletion of rival businesses or just accidental deletion. I think reverts are fair in these instances, since making a lot of phone calls just to check recentchanges isn't at all practical. --PeterTalk 21:35, 21 September 2008 (EDT)
The policy is and should be that you should use your judgement as to whether or not it's in good faith, that's basically the whole idea behind recentchanges patrolling. I tend to revert unexplained deletions, because I'd rather have a closed restaurant sit in the article a bit longer until it gets removed with a description. Putting a note on the talk page sometimes works too, see Talk:Dharamsala – cacahuatetalk 00:01, 22 September 2008 (EDT)
Users who are trolling for attention are best ignored, and if they make disruptive edits those should be reverted (preferably using slow reverts). This policy page spells out the reasoning.
There have been some temp blocks that we might be able to avoid by simply not engaging with the user in question - while trolling for attention may be a justified reason for a temp ban it would be nice if we could handle it without resorting to user bans. -- Ryan • (talk) • 14:43, 7 December 2008 (EST)
I think I'd agree, but the big problem we have been having is in people responding to trolling, which makes slow reverts impossible without removing others' responses. Regarding page creation vandalism, I don't think we'll ever quite avoid confusion with people who haven't seen it before. --PeterTalk 14:55, 7 December 2008 (EST)
I agree with Ryan, and I would define a disruptive edit as something entirely unrelated to Wikitravel or its goals. --Inas 17:27, 7 December 2008 (EST)
Hmm, we may be diverging then. I've always considered it appropriate to remove comments that are off-topic, ranting, and thereby disruptive to the discussion at hand. Especially in the case that this type of disruption isn't in response to, say, a difference over text in one article, but rather is being done at high volume site wide. --PeterTalk 18:07, 7 December 2008 (EST)
Doesn't sound like much a divergence to me. I'm yet to see an example of off-topic ranting that is related to the Wikitravel goals, and I think its unlikely. The desired outcome is to avoid sideshows from the main game, and deprive them of oxygen. Would obviously be nice if this could be done with a combination of policy, patience, and strategic reversions (but possibly a little idealistic) --Inas 19:12, 7 December 2008 (EST)
OK, I sat back and started thinking about this, and I think we've been moving down a dangerous slippery slope lately, out of sheer frustration - and we should probably take a step back and breathe.
temp blocks shouldn't be more than 2 hours, without prior discussion for each individual case (spam bots etc. are of course exempted)
temp protections shouldn't be more than 2 hours either, but we seem to have a problem as noone seems to know how to do this for less than a day.
User should always be given a reason on his or her talk page, no matter how repetitive and tedious this gets.
And a question - I much prefer slow reverts, but is there any way we could discourage regular users to respond to a given users comments, which is what's making slow reverts hard?
Please remember, we're on the same platform as Wikipedia, so there is a huge number of users familiar with how wiki'ing works, it would be a sin to discourage those users, just to save time and energy. --Stefan (sertmann)Talk 22:23, 9 December 2008 (EST)
I disagree that we should have set limits on temp blocks and protections. Different situations do call for different time limits—sometimes there's a move vandal that you know will wait out 2 hours, but will lose interest with a day-long block. I think admins have in the past done a good job using these temporary tools at their discretion.
More to the point though, we do have the occasional case (I'm thinking of two, in total) that is better dealt with by a practice outside of our usual operating procedures. And they are the two that we are discussing in this thread. In the first case, our page creation vandal, we do have a practice that diverges from our usual practices. We know who he is, we recognize him right away, and we treat his contributions differently from others. When just about anyone on Wikitravel creates a stubby little page for some uninteresting destination, we try and add breadcrumbs and an outline, in order to integrate it with our worldwide guide. But it would be a waste of time and energy to do that for this one specific person, so we've devised a practice just for him.
In EE's case, we have someone who simply will not allow himself to be guided by the usual social constraints of advice, criticism, requests to stop, etc. That's not different from all sorts of vandals and trolls we've dealt with over the years. But what is different is the scale of this problem—while awake, he edits constantly and never tires of it, presumably because his motivation is very different from the usual bored vandal/troll. The best way I've figured out how to deal with this (and I don't see any reason to extend this practice beyond this one user) is to leave his productive edits alone, revert any disruptive or irrelevant edits, and temp block/protect (as appropriate) when he edit wars. I've been escalating the block durations for two reasons: 1) to try and drive the point home that it's not ok for him to edit war, and 2) in the hope that a longer break from his non-stop editing might chill him out a bit. --PeterTalk 23:18, 9 December 2008 (EST).
Well I do get your points, but my main worry is mainly in how other (new) users interpret this behaviour, WT haven't, at least to me, looked like a very welcoming and tolerant place as of late, which I know in a mild but weird paradox, is partly due to the noise EE has generated, but it's still nagging me. Anyway, I've set up some very concrete guidelines on his talk page - let's see if he can adhere to those. And I still think we should at least maintain a one day limit on bans with prior discussion. --Stefan (sertmann)Talk 23:38, 9 December 2008 (EST)
Point taken. I assume you mean "maintain a one day limit on bans without prior discussion"? If so, that seems like a reasonable guideline to me, although I'd like to let the current ban run its course. I'm also in agreement that it would be good to leave an explanatory message on the user's talk page immediately after instituting a block. Oh and regarding <1 day protection durations, you can just enter an end time like "0400," or specify "3 hours." --PeterTalk 23:56, 9 December 2008 (EST)
I understand we're just trying make a travel guide, and there is nothing more distracting than having to deal with irrelevancies. However, we have to take the good with the bead, and I feel as part of Fair Process, there should be a place where people can argue their own case. Irrelevant edits scattered widely should be reverted, but there should be at least one legitimate place where, excluding abuse, people can present their case. --Inas 22:50, 9 December 2008 (EST)
Fair enough. This, in the history of the site, has only been a problem in one case, but in any rate I'd say the user's own userspace would be the last refuge of a scoundrel's plea. --PeterTalk 23:18, 9 December 2008 (EST)
Fine, talk page is refuge, unless there are any personal attacks, I'll leave it alone. --Stefan (sertmann)Talk 23:38, 9 December 2008 (EST)
Hey, I would just like to say sorry for the disruptions. I agree with Stefans words. Really, this could have been stopped had someone talked to me. But sorry and thank you for the idea Sertmann. edmontonenthusiast [ee].T.A.L.K. 23:09, 10 December 2008 (EST).
Given that some admins have disagreed over temp blocks, I think we should also discuss reversions, since we've also been pushed to revert a bit further than we normally have in the past. I'm in favor of keeping a hard line on this, with very difficult users. We've been reverting any comments that are in any way disruptive, contain personal attacks, in any way resemble trolling, or that are about things other than writing a travel guide. User's talk pages won't be policed other than for personal attacks and vandalism. Naturally we don't enjoy removing conversations and have a habit of not doing so. But excessive trolling and repeated disruptive comments are distracting, and I'd like to know that there's consensus among admins if we need to continue it – cacahuatetalk 14:47, 10 January 2009 (EST)
My preference with talk pages is that if a user edits his/her own talk page, and that edit is not spam, blatant advertising, or something truly vile such as pornography or hate speech, then we leave the edit alone. When someone edits any talk page other than their own then common sense rules apply as regards trolling and spam. With respect to three of the cases you cited - "personal attacks", "in any way disruptive" and "things other than writing a travel guide" - these should not be reverted unless an effort has previously been made to educate a user about why some comments are inappropriate. Reversion is in effect a repudiation of someone's views, and we should always err on the side of open discussion. -- Ryan • (talk) • 15:46, 10 January 2009 (EST)
I agree with Ryan's wording. I'd also like to err on the side of education rather than policing comments, which, unless blatant trolling/vandalism, should only be done as a last resort. --PeterTalk 20:25, 10 January 2009 (EST)
There are very few instances on wikitravel when it is justifiable to play the person, and not the ball. Allowing the user page as a haven for agressive language directed at an individual is a slippery slope. When is the abuse serious enough to warrant reversion? When is it defamatory or slander? In my opinion comments like are currently on User:Jo page may be considered defamatory.
Why play the game of determining whether the abuse is sufficiently severe? What is the justification in a travel guide of allowing personal abuse of individuals of any kind? How does it get us any closer to our goals?
I would like to suggest that we clarify the policy on abuse. Have a go at any policy, set of behaviours, or actions that you like. Aggressive language directed at an individual is contrary to our goals and our community and should be removed. --Inas 21:47, 11 January 2009 (EST)
I'd prefer to avoid policing user pages at all except in extreme resorts (porn, hate speech, spam). If a user page is insulting or even abusive towards other users I think we only need to get involved if the "victim" of the abuse wants something done. If Colin felt strongly enough about what Jo wrote then I think it might be worth discussing, but otherwise I don't think we want to be in the business of policing user pages. -- Ryan • (talk) • 21:53, 11 January 2009 (EST)
I enjoy writing travel articles for wikitravel, and I realise that there is some admin effort to be put into the site, to keep it running. I don't think this admin effort should be left to others, and I'm happy to do my share. However, I understand that performing this admin effort sometimes treads on peoples toes. Vandals in the past have posted personal and obscene remarks about me on their home pages while I have been patiently reverting their edits. I have reverted those changes also, but also others have been kind enough to do this for me on occasion. I would like to feel that if someone was using their home page for personal attacks, as a result of the work that I was doing to help wikitravel in good faith, that I would have the support of the community in removing those attacks. Do I? --Inas 22:20, 11 January 2009 (EST)
There is a difference between vandalism, which we always revert, and insults by strong-willed editors. I've been called all manner of things in my time here by people, some of whom have made excellent contributions to the site - it can be unpleasant, but it's a reality of having so many different personalities working together that some people will be less diplomatic than others. I've been struggling over how to put something into policy that avoids turning editors into censors of rude and strongly-worded comments, and I'm not coming up with a good solution. I really, really feel that Wikitravel works best when we are focusing on what SHOULD be written, and that we do poorly when we try to decide what SHOULD NOT be written. In this case, I think that unless we're talking about hate speech, porn, or spam, if someone wants to be rude or insulting we are better off ignoring it or dealing with it on a case-by-case basis (and only when necessary) instead of putting ourselves in a position where a statement like "I think you're being an ass" (which is inappropriate but common) devolves into an edit war. -- Ryan • (talk) • 22:31, 11 January 2009 (EST)
I think we disagree. We have many many policies on what should not be written. There is a poor irony that we even have policies against negative reviews of establishments in articles. I'm not suggesting mass policing of user pages. I just think that we need a stake in the ground. Personal attacks are not tolerated on wikitravel. Play the policy, the action, and not the person. If you make a personal attack it is liable to be removed. Doesn't mean with need to seek them out, but it puts the person trying to do the right thing on solid ground, with demonstrated support of the community. --Inas 22:44, 11 January 2009 (EST)
For what it's worth, if a vandal starts calling you names on your homepage, that means you have already won. It's the last stage in frustration for a vandal who is about to leave. -- Colin 18:18, 16 January 2009 (EST)
It's pretty much a truth that if you affect someone else on the internet -- for example, by editing someone's contributions -- you will often be on the receiving end of criticism and occasional harsh language. I don't see any way of fixing that, and I'm sure it costs us people who would otherwise be editors. My best suggestion is first to ignore it. If an editor is up to it, remember to Assume Good Faith while being criticized: try to see if there is a point within the vitriol and consider how or whether to address the genuine issue. I find that the skills I've learned on the Net have really helped me avoid taking things personally in real life. So it's a painful route to becoming a better person. -- Colin 18:18, 16 January 2009 (EST)
To quote: "User bans are an extreme last resort for us. They are embarassing, because they are an admission that our community is not strong, patient, and professional enough to deal with unwanted edits using the simple freedom built into the Wiki way."
First of all, I would submit that bans are part of the Wiki way. There's a reason MediaWiki includes the option, and it's because sometimes it's the most efficient way to deal with egregious vandalism. We may not like to have to resort to them, but sometimes they are necessary.
When necessary, though, the policy states that we must put the ban up for a vote in every case. This seems to contradict the part of the policy that says "What you should not do It is best to never acknowledge an act of vandalism ...". I suggest that in certain cases, it is far better to just block an obvious troll and be done with him or her than to initiate a discussion and allow him or her to see that he or she's successfully pulled us away from our work to discuss him or her.
Of course, if the case is anything but clear-cut, it should be discussed. But in those clear-cut cases, mandating a discussion accomplishes little except letting the vandal waste our time.
I think permanent bans are usually unnecessary, except in the case of user or bot impersonation... several of those on the permanent list right now were administrator impersonators, and I think should remain in effect. I don't think we should permanent ban or even block solely for obscene usernames, at least not before a consensus is built to do so... but most of them are established to troll and vandalize anyway, and will usually be blocked for those reasons instead – cacahuatetalk 14:23, 14 April 2009 (EDT)
I do think the policy is pretty clear as written, although it might be useful to make it more clear that Wikitravel policy does not distinguish between the terms "ban" and "block," since this has been a point of confusion in the past as well. As a general rule, I think any use of hard tools like protections/blocks that are unnecessary/ineffective should be avoided—Wikitravel is considerably more open than most wikis, and that's both a founding philosophy and rather a point of pride. Temp blocks for move vandalism, or other very high volume and rapid vandalism is useful just to slow it down and create room to clean up, but I don't think that a block of more than one day is ever necessary for this. Permanent bans are ineffective, since users can just change their ips, or register new accounts.
The permanent bans we do use are those that prevent the use of an unacceptable user name. Thus far that has only been applied to impersonating usernames, but I would like to see that widened. There is one user account in particular at special:ipblocklist that seems to me unacceptable, both for profanity and for cyberbullying. I'd definitely like to allow permanent blocks for cyberbullying names. Profanity is a trickier issue (where do you draw the line?), and potentially a slippery slope. Although cultural slurs might be a good place to start. This is a more important issue on Wikitravel than most other wikis, since we attribute contributors visibly at the bottom of each article. --PeterTalk 16:36, 14 April 2009 (EDT)
Forgot to respond to the point about ban nominations going against our goal of not drawing attention to trolling/vandalism—that is a good point, but I think we can mitigate that problem by hyperlinking to the user's contributions, and not printing the actual name on the ban nomination page. That wouldn't always be appropriate, but for usernames that are designed to agitate, I think that would be useful. --PeterTalk 16:45, 14 April 2009 (EDT)
I agree that we could widen the scope of unacceptable usernames. LtPowers 22:03, 14 April 2009 (EDT)
I think we should distinguish between bans and blocks, especially now that they're entering into our consciousness a bit more now... blocks are more short term, bans are permanent or long term, right? I don't have a real problem with starting a username policy, but as Peter said it's hard to know where to draw the line, and becomes another thing to police. So far it hasn't been an issue since all of the offensive ones created have been used for vandalism and trolling – cacahuatetalk 17:41, 15 April 2009 (EDT)
I think that it would just muddle things to use these as separate terms. There is but one sysop function, and we can distinguish between short term and long term by just specifying the length of time (the basic relevant terms being "≤1 day," ">1 day," and "infinite").
I think the issue is preventing really unacceptable usernames, like the one referred to above, from showing up at the bottom of articles. This problem doesn't arise if we properly revert the edits, but if there are intervening edits then we don't have the ability to remove them by hand (aside from painstaking page restorations). --PeterTalk 19:12, 15 April 2009 (EDT)
Drawing the line as a matter of policy would be very difficult, but doing it via nomination/discussion is much less so. I'm going to go forward and unblock the rest of the permanent bans that don't meet our policy standards, but I will leave the most offensive one blocked, and will put it up on the nominations page. --PeterTalk 19:12, 15 April 2009 (EDT)
Cacahuate, the distinction between "block" and "ban" (on Wikipedia, at least) is that a block is a technical measure, usually used to implement or enforce a ban, which is a consensus opinion that a particular user shouldn't be contributing to the wiki. Thus, a user could be banned but not blocked if that technical measure was overlooked or seen as unnecessary, and a user could be blocked but not banned if the block was performed without consensus or as a strictly temporary measure. Note that a ban needn't be indefinite; EE's one-month break was clearly a ban (and it was one that was almost implemented without a block being used) despite it being of limited duration.
Using that terminology, then, it is "banning" that the Wikitravel community abhors, maintaining the "block" as a necessary technical measure for limited other applications.
Two more infinite blocks were instated this month for page move vandalism.... are we going to fix policy or unblock them? – cacahuatetalk 20:25, 18 May 2009 (EDT)
I agree with LtPowers that we should widen the scope of unacceptable usernames. I think a vandal drawing us into a ban nomination and seconding process for an obscene username created to vandalise is giving them a victory of sorts. Since this isn't particular to wikitravel, I think we should just steal the wikipedia policy on usernames. Blocked on sight by admin, or when alerted to an admin, and then if anyone at all disagrees - they can be nominated and discussed. --Inas 21:38, 18 May 2009 (EDT)
In fairness too, the blocks are of the same person, who already has been nominated, with support. I support Ian's proposal, provided it is limited to obviously obscene usernames. Otherwise I think we can just stick to temp bans for page move vandalism (since vandals can just create new accounts). --PeterTalk 21:50, 18 May 2009 (EDT)
In my opinion, the problem with the page move vandal (Willy on Wheels?) isn't his usernames, it's his actions. It's the same guy, we know him on sight, he's never contributed anything useful, and he's been blocked umpty-ump times before, so we can block him again as soon as he starts misbehaving again.
Now, we might someday need an obscene names policy if we start getting factual, comprehensive and incredibly useful edits from a User:Anal Cunt... but until then, this is a hypothetical problem. Jpatokal 22:38, 18 May 2009 (EDT)
(provided no one mistakenly edits a vandalized page before the vandalism is reverted.) --PeterTalk 23:01, 18 May 2009 (EDT)
Sorry, I don't understand what you're getting at? AFAIK Mediawiki doesn't have a mechanism to prefilter obscene names, and any such blacklist would be trivial to circumvent anyway -- one of the aforementioned usernamed already used "çunt" with a ç. And if the username gets into the history, there's not much that can be done about that either... Jpatokal 23:12, 18 May 2009 (EDT)
Now I'm confused too—I think this discussion is just about the leeway we have in blocking users with obscene usernames, not anything about blacklisting them. And yeah, keeping them out of the article history is impossible, but it's nice to keep them off the article itself. --PeterTalk 23:16, 18 May 2009 (EDT)
We have current issue where admins have been indefinitely blocking users who have been indulging in vandalism, and who have created obscene user names. This was raised by cacahuate as a breach of current policy. We are simply trying to legitimise the action, and avoid the situation where a vandal can create obscene user names and have fun watching us list them in order to have a block of longer than 24 hours. Lets change the policy to allow an indefinite block on obscene usernames, that legitimises the current practice, does no harm to wikitravel. If anyone wishes to object to a block, they can do so, and use the current process. --Inas 23:30, 18 May 2009 (EDT)
Again, I object to a blanket ban on "obscene" usernames. However, I'm perfectly fine with an indefinite ban on all manifestations of "the page move vandal", who changes usernames often, but can be identified easily because he repeatedly moves pages to silly titles. Jpatokal 23:44, 18 May 2009 (EDT)
I can't see how that can be framed into a policy. The creation of these obscene usernames is a form of vandalism in itself. I'm sure the vandals consider it to be. IMO trying to frame a policy based on "the move page vandal", is considerably more arbitrary and subject to scope creep, and is far more likely to result in bans, than an obscene username bans you are trying to avoid. Anyway, I'd be interested to see what others have to say.. --Inas 23:53, 18 May 2009 (EDT)
Mr. Guillaime brought up the idea of using range blocks  to combat vandalbots running across a specific subnet. They wouldn't be hard to enable, but they're a really heavy-duty tool, so I thought some discussion would be in order. --PeterTalk 15:17, 20 April 2009 (EDT)
I think it's a good idea, Wikipedia admins all have this tool no? --Stefan (sertmann)Talk 15:25, 20 April 2009 (EDT)
Yes, sysops on all Wikimedia wikis have it. --PeterTalk 15:49, 20 April 2009 (EDT)
No more comments? The point of having this tool would be to stop vandalbots that change ips rapidly and hit large numbers of pages. We had a problem with this type of vandalism recently, and this tool would be the only effective way of halting it that I know of. Were a vandalbot of this nature simply let loose with no time constraints, that would be a problem that we could not really solve with the tools we currently have.
If we do introduce it, I think we should have a very strict policy governing its use—I would propose no range bans lasting more than two hours without a ban nomination, and that the tool should only be used in extreme situations (as described above). --PeterTalk 00:27, 24 April 2009 (EDT)
I can't think of any reason not to. LtPowers 11:08, 24 April 2009 (EDT)
Alright, I'll rfc this just to make sure that people aren't missing it (have administrators forgotten to watchlist this page?). If no one objects, I'll put in a tech request at the beginning of May. --PeterTalk 16:34, 26 April 2009 (EDT)
Provided usage is limited (no more than 2-24 hours without a nomination) I'm fine with this. I'd suggest we specify that usage of this tool should be rare, but if it's limited to sysops that shouldn't be a problem. -- Ryan • (talk) • 15:13, 30 April 2009 (EDT)
And provided that account creation is not disabled. These bots that you are referring to don't seem to create accounts. --Inas 19:13, 30 April 2009 (EDT)
OK, I'm actually a bit surprised at just how much support there is for this mechanism. It is kind of nice to see a new consensus formed—we haven't had many of those lately... Anyway, I'm filing a tech request that will probably go ignored. If the tech team never gets back to us, I'd recommend someone other than me pesters them to do it, since I no longer have a very good relationship with them. --PeterTalk 20:07, 2 May 2009 (EDT)
Now that range blocks have been activated, we need a clear policy to govern their use. The first bit should simply be: Unless you are well-versed in the proper usage of these blocks, do not use them. That includes me—the technical details of range block implementation is a bit over my head, so I have no intention of risking them.
Beyond that, some basic rules should include length (short!) and how wide a range would be acceptable. I would say an initial limit of one hour would make sense. The second part is not something I would know. --PeterTalk 18:40, 24 August 2011 (EDT)
Range blocks are an exceedingly powerful and potentially dangerous tool that can be used to combat particularly tech-savvy vandals by blocking an entire range of IP addresses from which they are attacking the site. Details of their usage can be found at . While this is a tool that hopefully will not need to be used the following guidelines are in place should such a block be required:
Unless you are well-versed in the proper usage of these blocks, do not use them.
A range block is a last resort. Do not implement a range block unless blocking individual IP addresses becomes impractical.
A range block should be implemented for the shortest time period possible to stop any vandalism. In general, the larger the range of addresses being blocked, the shorter the block should be. Like most short-term blocks, a block of 1-2 hours is generally a good start, with increasing time periods allowable for repeat offenders.
The ability to move pages should be confined to administrators, like the delete button and the rollback button. Page moves are a popular target for spree vandalism, and there's no purpose served by having it open to everyone — it's not like the task of moving pages is so frequent and onerous that the entire site needs to pitch in. At very least, it should be restricted to users who have reached X number of edits or months as a registered user. Gorilla Jones 00:09, 19 May 2009 (EDT)
Restricting moves to administrators seems a bit too strict to me, as non-administrators make a lot of good use of the tool, and I'd hate to see more tasks fall within the sysop-only category. (I'd really like to see the "auto-delete on move reverts" feature implemented, but our tech team is near-worthless.) I definitely would, however, support restricting moves to 30-day users, as we do for patrolled edits. (Sadly, this again would necessitate support from our tech support, which is not supportive.) --PeterTalk 00:19, 19 May 2009 (EDT)
I tend to agree with Peter here. I don't think the inability to move pages is going to be a huge deterrent to new users, but there's no need to keep all non-admins from using the tool. LtPowers 08:50, 19 May 2009 (EDT)
But then why don't we hand the 'delete' button to the entire user base as well? Some non-administrators would make good use of the delete button, and we'd get the occasional vandalism spree with it, which would be time intensive to clean up...exactly like the 'move' button. At very least, restricting access to long-established users is a common sense decision. Gorilla Jones 18:35, 19 May 2009 (EDT)
Well, if we allow both moves and deletes, a lot more damage can be done than with just one or the other. That might have something to do with it. LtPowers 18:45, 19 May 2009 (EDT)
I'm with Gorilla Jones here. I think the/we admins are usually very responsive (atleast for these types of things), so if we make a non bureaucratic move request page without votes and all that Jazz, and direct any discussions to the respective talk pages, I can't see a request go unnoticed for more than a few hours. But I'd also much prefer limiting it to 30-day users if that would be possible --Stefan (sertmann)Talk 18:56, 19 May 2009 (EDT)
If I understand the mediawiki config correctly, we must already have a group setup for 30 day users (to enable them to patrol) and we must already have group for sysops. Therefore the complexity in restricting moves to 30 day users and to sysops would be identical. So, if the preference is for 30-day users, then why not do that? --Inas 19:42, 19 May 2009 (EDT)
On Wikipedia this stuff I don't think is allowed for non users, so if we keep it to only registered users, or perhaps ones that have been here for a month, like that patrolling. That would be good. The same can be done for creating articles. But thats a different topic. edmontonenthusiast [ee].T.A.L.K. 19:59, 19 May 2009 (EDT).
I wonder how we differentiate "add the business I own and leave a negative feedback for the competitor's" from genuine contributoions of travellers "I didn't like this, but found an alternative".
Right now I'm about  and , but I face similar question one or two times per month. --DenisYurkin 04:53, 4 July 2009 (EDT)
I feel like I've seen more of these sort of suspicious edits lately. The only thing to do, I think, is to just undo the negative comments per Wikitravel:Avoid negative reviews. If there is a real problem with the place, and it's not just slander from a competitor, then hopefully the contributor will bring it up on the talk page? --PeterTalk 14:16, 4 July 2009 (EDT)
Thanks Peter, I followed your advice. Any objections to adding something like this to the policy? Where we should stick it? And not sure I understood how exactly this advice is related to Wikitravel:Avoid negative reviews. Could you explain please? --DenisYurkin 15:20, 4 July 2009 (EDT)
A review that says something negative about a location is a negative review. Your example clearly adds a negative twist to the listing. I think it fits.
While all edits are welcome, those from anonymous users are naturally up for greater scrutiny. Users with usernames can build trust in the community, which I think is important when considering when to keep or remove negative reviews, and when they are in question, it can be brought up on the user's Talk Page. It's a benefit of having an account. ChubbyWimbus 15:33, 4 July 2009 (EDT)
This might not be the right place to ask this question and if there is a patrolling discussion page anywhere please direct me there. I suspect not, but is there way to mark more than one edit at a time of the same article as patrolled? Eg, when an anon user makes 15 good edits in short time, can they all be marked as patrolled in one hit? --Burmesedays 12:05, 1 December 2009 (EST)
If you go to "Preferences" then "Recent Changes" there is an "Enhanced Recent Changes" option. Selecting that will show recent changes grouped by article. You can then click on the "X changes" link to see all changes to the article and mark them all patrolled at once if appropriate. -- Ryan • (talk) • 12:07, 1 December 2009 (EST)
Thanks Ryan and thanks Peter for the link to Wikitravel:Recent changes patrol. That was so easy.... I was trying to do it from the history screen for the page. Thanks again. --Burmesedays 20:44, 1 December 2009 (EST)
Is there any way we would ever allow this user to edit? The very username results in a perception of bias, even if the user was making otherwise acceptable edits (which it isn't). LtPowers 09:33, 13 October 2011 (EDT)
We've been pretty liberal with user names in the past - the first page of Special:Listusers has some pretty extreme examples - so if you're proposing a permanent block I would instead suggest just using the standard rules for vandals and use blocks of increasing length. Current policy is that only doppelgangers and spambots should be permanently blocked without a nomination. -- Ryan • (talk) • 10:23, 13 October 2011 (EDT)
I don't see the point of escalating blocks in this case, because no edit it ever makes could ever possibly be acceptable. LtPowers 17:10, 13 October 2011 (EDT)
Policy for blocking multiple vandal accounts
At Wikitravel:User ban nominations#22.214.171.124/18 I stated that I had permanently blocked several accounts created by a high-volume vandal, and it was noted that the policy I cited as justification isn't completely applicable. I can't possibly imagine why it would be a good idea to allow a known vandal to have more than one registered account - while I hate to acknowledge a troll, for the purposes of discussion see the following for this particular user's history (also see recent changes on shared from 12-April, and Special:Logs/delete for the past two weeks):
When multiple registered accounts have been created by a single user for the purposes of vandalism, those accounts are subject to permanent blocking without the need for a nomination. If the user later demonstrates a desire to contribute constructively they can request that one of the accounts be unblocked. The reason for this policy is that a user account has rights and abilities that an anonymous account does not (auto-patrolled edits, the ability to move a page, ability to upload files, etc), and a known malicious user with access to numerous accounts thus has the potential to damage the site in ways that an anonymous user cannot. Please note that if a vandal is using a single account then that account is subject to the normal rules with respect to blocks and nominations.
Not at all wanting to stop any policy which allows us to discourage vandals, but does this mean that a user with a single account or anon has to go through the normal increasing block/nomination process, but one who creates two accounts that we suspect are linked that they can both be blocked indefinitely without nomination? --Inas 00:15, 17 April 2012 (EDT)
That's a good point, although I'm having trouble putting into words an appropriate guideline that would allow permanently blocking a dozen sock puppets of someone who is causing significant distraction, but which also makes it clear that if a few individuals in a school computer class decides to write "I like poop" in a couple of articles that we don't come down hard on them. What about something like "While individuals who deface a handful of pages can be annoying, such edits should be handled with simple reverts. However, some individuals may return repeatedly to deface dozens or even hundreds of pages. In such cases, if the user in question creates multiple accounts..." ? -- Ryan • (talk) • 00:48, 17 April 2012 (EDT)
That looks like good phrasing to me. Ikan Kekek 03:19, 17 April 2012 (EDT)
First, I wanted to point out our very obscure "non-policy" on Wikitravel:Sock puppets. Second, can we return to the problem of identifying them—are there tools for identifying sock puppets that we don't have (but which are available to admins on other wikis)? --PeterTalk 22:15, 17 April 2012 (EDT)
I submit that a fork of an existing wiki is demonstrably detrimental to that wiki. The only benefit to discussing a fork is the potential benefit to the new project, and none to the existing one. I propose the following policy, which is conspicuously and detrimentally absent from Wikitravel:
Discussions of forking the content of this Project are inappropriate and detrimental to Wikitravel. Anyone wishing to participate in such discussions is welcome to do so offline or elsewhere; but Wikitravel is under no obligation to provide a forum for self-destructive behavior. Discussions of forking Wikitravel content are not to take place on Wikitravel.--IBobi 21:39, 2 July 2012 (EDT)
I think this wording is too harsh, and the suggested policy too far reaching, leading to outright censorship. That has been the tack that IB has taken in the past to deal with criticism from the communities they have "run," and it has only led to terrible press for them of the sort that have encouraged the fork you don't want to talk about. I have no problem with a softer policy that requests that discussions regarding forks happen off this site, but to try and scrub out all mentions of their existence would be wrong. --PeterTalk 21:27, 2 July 2012 (EDT)
Can you suggest an alternate wording that is not so harsh? Everything but the last line?--IBobi 21:39, 2 July 2012 (EDT)
I'm uncomfortable with this proposal. While I think discussion of forking was inappropriate on Wikitravel in the past and at present (note: inappropriate, not something that should have been disallowed), I'm concerned that the current policy proposal was made with the goal of silencing a discussion, which reeks of censorship. The proper response to a fork proposal is to state why it's a bad idea, not to delete the discussion, and this was indeed the approach taken in the past - see for example one of the site's co-founders response at User talk:Hansm/Commercialisation FAQ. Beyond that, the Wikitravel:Don't tout guideline should be sufficient if any such discussion turns promotional. -- Ryan • (talk) • 22:03, 2 July 2012 (EDT)
I'm not convinced a policy is needed. For better or for worse, wikis are meant for open discussion and a project fork is noted as a viable (if undesired) option on the policy part of this page. As long as a discussion regarding a fork respects our normal guidelines for edits, I think a discussion about a fork is well within scope of the Pub or a Talk page. As Ryan said above, the best response to a fork proposal is to state why it's a bad idea, not to delete it. -Shaund 23:03, 2 July 2012 (EDT)
I'm against a flat-out ban too. If you ban that, pretty soon you'll be censoring talk about spoons, knives, sporks, tongs, and chopsticks too. In all seriousness though, a policy is not needed and would be counterproductive,making IB look even more like the bad guy for deleting it without even trying to get to the bottom of it and figure out why the community finds it necessary and/or offer solutions/counter arguments. That said, I don't think you'll see a lot of touting about it here. We just wanted to warn folks, that's all. texugo 23:59, 2 July 2012 (EDT)
+1 to all of the above. jpatokal 00:16, 3 July 2012 (EDT)
A fork is disruptive, yes, but it's creative disruption in many cases. And in any case, if a fork does take place, contributors to the site have a right to know about it. The "Right to Fork" is an inherent concept in the open source community, of which Wikitravel is a part. Some choice quotations from that link: "What's unique to free software projects in this perspective is the lack of physical property, so the only sacrifice is the loss of connection with the members left behind. Managing such projects to avoid forks requires more openess and tolerance, since the loss implied by a fork is smaller."; "Others recognize that a fork is mostly acrimonious in cases where there has been at least a perceived failure of leadership." LtPowers 09:58, 3 July 2012 (EDT)
I believe that under normal circumstances, in a healthy wiki community, a mere pointer to a discussion about a potential fork is not the same as touting. A potential fork is of such direct interest to a community, that the people involved have a right to know something is going on. I would always be against any policy preventing the mentioning of relevant plans elsewhere. I can however see how in-depth discussion on the how's and when's of a fork can be considered bad faith or bad taste at least. Therefore, I wouldn't have a problem with such deeper discussions being discouraged or even banned at the original site, but I don't think it's simply a case of hard policy. A wiki community has a high level of self-regulation, as in fact was shown immediately by Peter's request to not discuss in the Pub, or on WT in general. For the record, I too thought the plain removal of comments there by an IB employee was a mistake, making it painfully clear once more that IB struggles with how a wiki community works.
The problem is not that pointer to a discussion elsewhere. If this were a blooming project with a happy community, that pointer would arouse more opposition and arguments against, than anything else. Then, the community of the Wikimedia Projects would also be more hesitant to take steps which can indeed be destructive to the community here. The real problem is, this is not a blooming project nor a happy community, and an overwhelming majority of active members believe the goals of the project (the content!) are better off elsewhere. Visitor numbers are not the same as community. Not at all, in fact. Now, with all this in mind, I oppose to a full-out ban of fork-discussions and do not feel a speedy draft of any policy is useful at this very moment. The process this proposal wishes to silence is already far to advanced to be influenced by a ban of relevant comments here on Wikitravel, anyway. Justme 18:11, 3 July 2012 (EDT)
I'm not sure what's going on, but recently several pages that are obviously spambot creations have shown up as credited to non-spambot users. I'm also seeing entries in the user creation log where a non-spambot user "creates" a spambot account - for example . I'm guessing a bot is exploiting a security hole somewhere in the current Mediawiki version to allow impersonating other users, but until this gets resolved admins should be careful about permanently blocking spambot users since the "user" credited as creating spam pages may not actually have created the page. -- Ryan • (talk) • 18:59, 14 July 2012 (EDT)
This could potentially be an exploit for , which was fixed in Mediawiki 1.17.2 - the site is currently running 1.17.0. -- Ryan • (talk) • 19:20, 14 July 2012 (EDT)
Good call. I'd consider this an emergency situation that requires an immediate patch. LtPowers 21:25, 14 July 2012 (EDT)
UPDATE -- tech is testing the patch today and tomorrow. Hope to implement this week.--IBobitalkemail 14:16, 18 July 2012 (EDT)
I'm logged in with Chrome right now for the first time since the upgrade. The first time I tried it, I got the same "session hijack" warning that AHeneen reported. I immediately hit logout (I appeared to be logged in as a spambot) and re-logged in without problem. LtPowers 14:46, 18 July 2012 (EDT)
I have increasing troubles to delete spambot created pages. Even if i delete and block, they stay in the recentchanges page. If i try to delete them again, then it shows me that i have already deleted it. I use Firefox and cleaning up is really nasty at the moment. Jc8136 16:08, 18 July 2012 (EDT)
This is an awful problem to have lived with for a week. It's messing up our contributors' contributions histories, which will be real lasting damage, and it's very hard to patrol edits when trusted accounts are being hijacked by bots. --PeterTalk 00:52, 20 July 2012 (EDT)
Understood, everyone. We've been testing the patch internally on staging servers all week, and it is expected to resolve the spambot issue as well as the deletion error.
We are reluctant to make this update today because it is before the weekend, and it is a very large change. When implemented it will also require the cache to reload, which will cause the site to be slow for a few hours as pages are recached. Again, we will implement on Monday 7/23/2012. Thank you for your patience and contributions in getting this handled.--IBobitalkemail 16:10, 20 July 2012 (EDT)
This is now causing serious collateral damage to real users, per this account -- accidentally blocked because the system mixed up their valid login with a blocked spambot. Until this is fixed, I'm going to have to stop blocking spambots entirely to avoid such damage and recommend that other administrators do the same, which is only marginally the best of two terrible solutions. A fix is urgently needed. -- D. Guillaime 12:25, 24 July 2012 (EDT)
It looks like the upgrade to 1.17.5 happened some time this morning, so it would be good to watch and see if the incorrect attribution problem re-occurs. If a couple of days go by without seeing the issue again then it's probably safe to say that this has been resolved. -- Ryan • (talk) • 13:18, 24 July 2012 (EDT)
Yes indeed. We're hoping the spambot issue is resolved now, though there does seem to be an indication that the deletion intermittent error is still happening. We'll keep watching. Thank you,--IBobitalkemail 14:15, 24 July 2012 (EDT)
While the amount of spambots is significantly reduced today and my deletions were successful i just come across one deletion that didn't work. Jani deleted  and it was still in recent changes as not deleted. It's the only missed deletion today, so it might be worth to check. Jc8136 09:37, 25 July 2012 (EDT)
I tried to block User:Sifang65tl to it took two trials to finally delete the spam. I don't know if someone else has this issue today? Jc8136 11:28, 25 July 2012 (EDT)
I've been afraid to block anyone for what seems like a couple weeks now, since I just don't know what's going to happen. Looking back on it, though, I probably should have blocked myself when my account was, presumably, compromised. --PeterTalk 14:06, 25 July 2012 (EDT)
It's definitely still happening; yesterday I successfully made deletions on several spambot accounts that had been persistently resisting deletion by other mods (Ryan), but came across one that I was not able to delete after 4 tries Towandaorob; I just tried again and still cannot delete it.
Our techs are investigating a misconnection between the WT database and mySQL as a possible culprit, and I'll keep you updated on progress.--IBobitalkemail 14:09, 25 July 2012 (EDT)
I'm fairly confident no accounts have actually been compromised by the session hijacking (and at any rate, I think admins can unblock themselves so it's questionable how effective a block would be anyway). LtPowers 14:55, 25 July 2012 (EDT)
No accounts have been compromised, it's true. The issue is one where new accounts could be spawned off of existing ones. I concur, blocking our own accounts is probably not effective, as the bots will just use other existing accounts. Now, if ALL accounts were blocked, I would be curious to see what would happen; but that's a long way to go for curiosity ;)--IBobitalkemail 15:25, 25 July 2012 (EDT)
Shaund and i tried to delete [] but it was not possible to delete that newly created spam. Can someone else try to delete it? Jc8136 03:11, 26 July 2012 (EDT)
It appears that the 1.17.5 patch did not have the intended effect of stopping spambots from spawning new accounts. We will continue to investigate a solution.--IBobitalkemail 18:43, 30 July 2012 (EDT)
IBobi: How is your plan to solve this issue? Any strategy? The contamination of the spambot attacks requires a lot of capacity that is lost for other aims. Jc8136 07:54, 31 July 2012 (EDT)
The immediate response, as suggested above, was to patch the site with 1.17.5, which we did. All software updates are resource intensive, and in this case it did not resolve the issue, so tech is looking further at this. I will post an update as soon as I have one.--IBobitalkemail 14:20, 31 July 2012 (EDT)
Yesterday the cache was totally cleared; this slowed the site but also propagated all new changes from the 1.17.5 patch; please report if the spambot issue persists today.--IBobitalkemail 18:25, 31 July 2012 (EDT)
I'm getting a lot of complaints from innocent users whose accounts are getting caught up in spambot blocks. I'm not sure whether we need to change all recent spambot blocks by unchecking "Automatically block the last IP address used by this user, and any subsequent IP addresses they try to edit from," which I am afraid would threaten the integrity of the site but might not prevent innocent users from being blocked. Have a look at this exchange in my user talk page: Ikan Kekek 16:16, 3 August 2012 (EDT)
This problem is severe and grave enough that I think we should stop blocking spambots. --PeterTalk 17:13, 3 August 2012 (EDT)
And there goes the site. I mean, maybe you're right, and we can refrain from blocking spambots for the short term, but allowing spambots to run rampant will kill this site pretty quickly. Ikan Kekek 19:34, 3 August 2012 (EDT)
I don't think there's any evidence that spam edits are still being incorrectly credited to non-spambot users, so I think it's safe to block spambots if you uncheck the "Automatically block the last IP address used by this user, and any subsequent IP addresses they try to edit from" box. -- Ryan • (talk) • 21:52, 3 August 2012 (EDT)
Should "Block anonymous users only" be checked or not? I was thinking not, because the spambots I've been blocking have been registered users. Ikan Kekek 23:43, 3 August 2012 (EDT)
It looks like 10-20% of all edits are being assigned to the same internal IP address (Special:Contributions/10.17.32.138), so I'm not sure what the right thing to do is. Until that gets sorted I'm going to start leaving all of the checkboxes unchecked when blocking a user. -- Ryan • (talk) • 12:27, 4 August 2012 (EDT)
The original issue, spambots impersonating real users, may still be a problem - see , which occurred today and show a very old, non-spambot account, creating a spambot account. -- Ryan • (talk) • 18:08, 6 August 2012 (EDT)
Thought I ought to point out one thing, already mentioned on Ikan Kekek's talk page. A cursory glance down the "Recent changes" file reveals that spambots are not being blocked at all. How can new users spawn new users, typically inside an hour? The three most recent examples that I can see are JewelWalden8 and MayaLunsford8 at 02:59 and 03:48, and PearlKelly2 and BirthaVaughn8 at 00:37 and 01:09, and Biber and User:GIZ RED SINGBEBAS at 01:45 and 02:11. All times taken from whatever clock my PC and Wikitravel account have decided to use. Jnich99 01:43, 6 August 2012 (EDT)
I have added a bug report here Spambots and added it to Top Bugs; please make any additional reports on this issue in its bug report page. If you can help flesh out the description of the bug or its behavior, please add them to the page.--IBobitalkemail 19:28, 6 August 2012 (EDT)
How is this vandal that I blocked able to still make edits, as an unregistered user, to a page that I protected from edits by unregistered users? See User talk:126.96.36.199Ikan Kekek 21:27, 29 April 2012 (EDT)
A blocked user can still edit his talk page with the current Mediawiki version. Similarly, it doesn't appear that protecting a page has any effect unless the page exists - you can create a page with a note indicating why it will be protected and then protect it, and things should work as expected. -- Ryan • (talk) • 22:00, 29 April 2012 (EDT)