I noticed last week that some excited, ambitious spam bot has been creating new users accounts and pages on our Scripto MediaWiki. I deleted about 16,000 pages last week, from approximately March of this year till now.
I updated MediaWiki to 1.40 and added an AbuseFilter rule - since all Scripto pages start with ., I made a rule that blocks anyone who tries to make a page that doesn’t start with . (excepting sysops).
However, a report from a user over the weekend pointed out that we can’t save transcriptions at all now. I’m not sure whether that rule is related, or whether it was some other panicked change I made that I’ve since forgotten about, but obviously, it’s problematic.
Are there any security recommendations you guys can make so that I can get rid of my (admittedly extremely aggressive) rule? Is there like a default security protocol to handle spam bots that I can implement?