[00:09:58] <Archimedes1560[m>	 Not really unsafe considering that's how wikis work in general lol
[00:10:06] <Archimedes1560[m>	 Older users are used to it and newer users just don't use talk pages
[00:14:16] <qomp>	 it's unsafe without a ton of additional security
[00:14:21] <qomp>	 Or does the base install revert vandalism
[00:42:59] <Archimedes1560[m>	 Users revert vandalism 🙃 
[00:42:59] <Archimedes1560[m>	 And there is edit history
[00:51:30] <qomp>	 so no
[00:51:47] <Izno>	 As I said before, the default and design of wikis is that people can do things themselves
[00:55:49] <qomp>	 Sure, but there's options to alter thta
[00:55:53] <qomp>	 Which is what I'm trying to figure out
[00:56:02] <qomp>	 I kind of don't need to know 50 ways of how not to do it
[00:58:13] <Archimedes1560[m>	 The thing is that there isn't really a way to allow only particular kind of edits
[00:58:13] <Archimedes1560[m>	 You would either need to create a new way to submit them or make an interface
[01:04:26] <qomp>	 So far I've been able to create a user group that only allows that group to create pages
[01:04:30] <qomp>	 or edit pages
[01:04:47] <qomp>	 Now I need a way to stop users from being able to delete entire Discussion pages but still be able to comment
[01:04:50] <qomp>	 It's about 80% there
[01:05:00] <qomp>	 The only remaining thing I need to be able to remove is users being able to edit source of the discussion page
[01:20:06] <Lehran0605[m]>	 Partial blocks for specific pages. Extension:AbuseFilter for things that fit definable patterns.
[01:21:02] <Lehran0605[m]>	 But the better idea is to just live with it. Most users are respectful of not editing what others say short of fixing typos. If they do something dumb, warn or block them
[01:22:27] <Lehran0605[m]>	 Chances are those people won’t be good editors elsewhere either
[01:31:44] <qomp>	 The real chances are that a bunch of dipshits will flock and deface
[01:31:47] <qomp>	 That's the reality 
[02:53:17] <Dinoguy10003726[>	 you're trying to do something MediaWiki isn't designed for; you might want to set up a forum install and direct discussion there instead
[03:34:47] <qomp>	 nah
[03:34:54] <qomp>	 It does exactly what we need it to
[03:35:04] <qomp>	 We just want to restrict users from defacing it or ruining finished pages
[03:39:43] <qomp>	 But make comments on discussion pages without deleting the entire thing if they decided to
[03:39:49] <qomp>	 Pretty simple really, not simple to implement annoyingly
[03:54:14] <Izno[m]>	 If it were simple, it might already have been implemented 😉
[03:59:03] <qomp>	 there's already ways of doing it, I just don't fully understand it
[03:59:05] <qomp>	 hence asking here
[03:59:19] <qomp>	 But so far I've just been told 10 reasons not to even try 
[04:00:55] <Izno>	 which usually means either what you're doing is really just not worth it/not a good idea, or there isn't something "easy" that will get you what you want.
[04:01:00] <qomp>	 ok
[04:01:58] <qomp>	 Any idea why this https://www.mediawiki.org/wiki/Extension:StopForumSpam
[04:01:59] <qomp>	 causes this
[04:02:05] <qomp>	 [Y84GnkZTL0p-0If_PNUiRgAAzzY] 2023-01-23 04:01:35: Fatal exception of type "Error"
[05:29:02] <Dinoguy10003726[>	 even if you figured out how to prevent people from blanking pages, they could still do stuff like using CSS to force a full-window display of whatever they wanted (Wikipedia templates have occasionally been vandalized in this way)
[05:30:08] <Dinoguy10003726[>	 anyways, unless you know for a fact that your wiki would be an immediate and major target for this type of shenanigans (e.g. if you're trying to run some chan or booru thing), you're worrying way too much about this hypothetical
[05:31:13] <Dinoguy10003726[>	 honestly you'll probably have more instances of undirected spambot talk page creations than you ever will with users intentionally blanking or vandalizing talk pages
[06:06:43] <qomp>	 How do you make visual editor paste copied text with hyperlinks
[06:06:50] <qomp>	 instead of dropping the hyperlinks and making it all plaintext
[06:20:22] <qomp>	 i had to use like 3 converters
[08:38:27] <qomp>	 what's the best antispam/security extensions?
[08:38:51] <qomp>	 ConfirmEdit just breaks the entire site
[08:43:54] <qomp>	 never mind i just fixed it 
[08:44:03] <qomp>	 ok so if something breaks i just try to fix it for hours then ask here and it works instantly
[08:44:05] <qomp>	 kool
[08:48:41] <Vulpix>	 that happens more often than you can imagine :D
[09:45:15] <qomp>	 ok so I have the confirmedit installed
[09:45:23] <qomp>	 i use visual editor which breaks most of the captcha options
[09:45:50] <qomp>	 im using wfLoadExtensions([ 'ConfirmEdit', 'ConfirmEdit/QuestyCaptcha' ]);
[09:45:55] <qomp>	 the question appears when you try to post on discussion page
[09:46:01] <qomp>	 you enter the answer, hit submit
[09:46:02] <qomp>	 and nothing happens
[09:48:06] <qomp>	 what do
[10:00:09] <Vulpix>	 nothing happens means the form isn't submitted, you're returned to the same edit form...?
[10:02:36] <qomply>	 yes
[10:02:44] <qomply>	 the form isn't submitted
[10:02:46] <qomply>	 but the answer is correct
[10:02:52] <qomply>	 it just goes back to the same page
[10:02:54] <qomply>	 do you want to test?
[10:03:24] <qomply>	 https://tinyurl.com/5bjpabfd
[10:03:32] <qomply>	 I have everything setup as it should be
[10:03:44] <qomply>	 It isn't throwing any kind of error though it just doesn't enter the comment
[10:08:02] <qomply>	 ok
[10:08:05] <qomply>	 i think i figured it out
[10:08:33] <qomply>	 it was a missing '
[10:08:35] <qomply>	 ffs
[10:11:13] <qomply>	 i got dc'd in case someone spoke. but yes it was a missing character
[10:11:44] <qomply>	 In normal fashoin i figured it out right at the end and after talking in here
[10:18:37] <Vulpix>	 :)
[10:19:27] <qomply>	 none of the decent captchas work with visual editor
[10:24:13] <Vulpix>	 Interesting. Captcha works on Wikipedia Visual Editor at least. I'm not sure if the one they use can qualify as decent, though
[10:26:42] <qomply>	 Most of the options listed on the ConfirmEdit page say they dont work with VE
[10:26:49] <qomply>	 or they're something stupid like 1+1
[10:27:01] <qomply>	 i assume wikipedia coded in a captcha another way
[10:27:20] <qomply>	 but they have a lot of other security also, which i do not
[10:27:21] <qomply>	 yet
[10:39:54] <MatmaRex>	 they all work with VE, and we use ConfirmEdit's FancyCaptcha on Wikimedia wikis
[10:40:06] <MatmaRex>	 🤷‍♂️
[10:41:16] <qomp>	 The extension page states which ones do and dont work with VE
[10:41:27] <qomp>	 I tried the others already and they didn't work
[10:41:34] <Vulpix>	 !e ConfirmEdit
[10:41:34] <wm-bot>	 https://www.mediawiki.org/wiki/Extension:ConfirmEdit
[10:41:35] <qomp>	 Etymology: http://www.etymonline.com/index.php?allowed_in_frame=0&search=ConfirmEdit&searchmode=none
[10:42:17] <qomp>	 fancycaptcha looks a whole lot harder to install
[10:42:36] <Vulpix>	 the only mention to VisualEditor I see is "ReCaptcha will not work with the VisualEditor."
[10:42:56] <qomp>	 hcatpcha
[10:42:58] <qomp>	 recaptcha
[10:43:09] <qomp>	 basically any that aren't bot smashed already because its some lame math equation
[10:43:25] <qomp>	 which makes those options worthless as antibot/spam
[10:43:45] <qomp>	 (the ones that bots have already owned)
[10:44:15] <Vulpix>	 recaptcha has been largely bot owned already
[10:44:23] <Vulpix>	 QuestyCaptcha isn't
[12:03:24] <MatmaRex>	 i think ReCaptcha should work as well. i remember someone working on that recently
[14:08:59] <Prodigion3714[m]>	 Hcaptcha is also broken
[14:09:29] <Prodigion3714[m]>	 Any of my sites that use it are getting tons of bot accounts
[14:09:59] <Prodigion3714[m]>	 Those on questy are fine
[16:01:08] <bawolff>	 Our documentation for new developers is really terrible
[16:01:13] <bawolff>	 Like really terrible
[16:01:23] <bawolff>	 I'm actually shocked anyone makes it through
[17:53:25] <Archimedes1560[m>	 So literally none of the mainstream ones
[17:54:55] <Prodigion3714[m]>	 It's going to get even harder with ai these days. Even questy will be easily broken
[18:02:59] <Archimedes1560[m>	 As soon as it gets popular enough you will get "1000 captchas for 1$" service
[18:57:20] <atxatx4928[m]>	 hCaptcha works with VE since 1.35
[18:57:55] <atxatx4928[m]>	 But yes the hCaptcha on create account got bypassed a few years ago
[18:57:56] <atxatx4928[m]>	 I'm not entirely sure how
[19:05:02] <Reedy>	 Be useful to know why it's broken...
[19:51:29] <AntiComposite>	 at one point the most common hCaptcha bypasses were through the a11y system, don't know if they fixed that
[21:50:27] <atxatx4928[m]>	 Honestly no idea, we tried disabling create account in Action API but it didn't help, so I suppose it is going through the page
[21:51:09] <atxatx4928[m]>	 We just decided to fallback to Questy for now until there is a better alternative
[22:16:09] <Dinoguy10003726[>	 Questy's the only major antispam measure we've used on Yugipedia
[22:16:49] <Dinoguy10003726[>	 it's not perfect by any means but we've gotten less than one spam page/edit per month on average, across the whole 7-ish years the wiki's been running, with ~1 million pageviews a month
[22:44:20] <qomplyeet>	 Dinoguy10003726[ how complex are your questy Q's?
[22:44:28] <qomplyeet>	 I have 1 that only community members should know
[22:44:34] <qomplyeet>	 All the other captcha options are useless/don't work
[22:45:08] <Dinoguy10003726[>	 they aren't, it's an incredibly basic fact about Yu-Gi-Oh!
[22:45:13] <Dinoguy10003726[>	 and just a single question
[22:45:23] <moonmoon>	 and questy might be broken because of chatgpt at some point
[22:45:27] <Dinoguy10003726[>	 (though we have some others in reserve in case that one ever gets widely broken)
[22:45:54] <Dinoguy10003726[>	 if that happens, anti-spam will probably pretty much be dead anyways
[22:55:00] <qomplyeet>	 mine is a question like what is X short for? 
[22:55:14] <qomplyeet>	 Only community would know the rest since it's a basic ass prefix
[22:55:26] <qomplyeet>	 hopefully that'll stop bots
[22:56:00] <qomplyeet>	 now
[22:56:16] <qomplyeet>	 Still trying to figure out how to stop users from making/editing pages and editing source on discussion but they can make comments/topics on discussion
[22:56:19] <qomplyeet>	 Then I can launch
[22:56:32] <AntiComposite>	 questycaptcha works well as long as the generic mediawiki spambots don't have a reason to care about your wiki specifically
[23:10:57] <Dinoguy10003726[>	 this is impossible
[23:11:16] <Dinoguy10003726[>	 both are editing pages, you can't restrict one without the other because they're functionally the same action
[23:11:53] <Dinoguy10003726[>	 the closest you can get is restricting page creation, which I think you've already been instructed on
[23:13:13] <AntiComposite>	 if "stop users from making/editing pages" is one of your goals, MediaWiki may not be the best software for your use case
[23:14:23] <Dinoguy10003726[>	 I pointed out yesterday that what they really want is some forum software instead
[23:18:10] <Shaun>	 it should be doable if your discussion lives in a different namespace
[23:18:35] <AntiComposite>	 you can get MediaWiki to do almost anything. Whether you should is a different question
[23:21:04] <Shaun>	 oh I know.  I wear the scars of attempts at ACLs.  I stick to the namespace boundaries because preventing users editing the MediaWiki: namespace is a well-defined mechanism that's easily re-appropriated.  
[23:22:07] <qomplyeet>	 I've been trying to fathom the namespace guide
[23:22:16] <qomplyeet>	 I can also remove links to 'edit source' using css
[23:22:22] <qomplyeet>	 the average user won't try to circumvent it