Practical Stats, MediaWiki, and SPAM!
September 8th, 2013 by Frank LaBanca, Ed.D.

This semester, I am teaching a graduate class in quantitative and qualitative methods.   As these topics are often challenging and sometimes bring out the “math phobic” in teacher-practitioner/students, I think it is very important to create learning experiences that allow the student to construct knowledge and be actively engaged (hands-on/minds-on) in the process.  To that end, I am attempting to utilize student-centered practices and limit teacher-directed instruction.

As part of the process, I am leveraging blended learning strategies.

  • Utilizing a Learning Management System (Moodle) for course resources.
  • Using this blog for my reflexivity and student feedback
  • Creating an online repository (student created) resource for domain-specific knowledge using MediaWiki

MediaWiki is the online software platform that drives WikiPedia. It has a user-friendly interface, is attractive and (purportedly) allows the instructor to focus on the content, not the platform.  However, since MediaWiki is used for WikiPedia, I have discovered that it is subject to major hacking and spamming.  I had a similar problem in the past, which required me to take down the site, and I found over the past week, the same problem reemerging.

Prior to me even populating the site with the previous data, I found that there were over 245 unlinked pages created.  Stuff about your dog’s ears, the latest stocks to buy, online gaming in China, and quite a bit of Arabic typology.  I started manually deleting these pages, which was quite tedious, and then went into the back end to find out that there were now over 12,000 users on the wiki and the front page had been “viewed” over 36,000 times.  Clearly an act of sabotage!  Either that or my “Practical Stats” popularity has become world renowned in just a few days.

Acts of Problem Solving.  Not knowing what to do, I first decided that I needed to turn off the ability for the wiki to create new pages.  I found a tutorial, access the Local php file and edited.  No more new pages . . . (Of course, now I can’t create new pages either, so this is not a long-term solution).  Some students register in the meantime.  More thinking, several days – I better turn off the ability to log on to the system and create a new account – more tutorials, local php edited again.  Now we’re pretty much shut down.  But what about all these users?  “They” (the bot-generated addresses) can potentially get back in.   A guide page suggests accessing the MySQL database via cPanel, use phpMyAdmin and find the code lines and delete them.  What does that mean?

A bit of trial and error, and I find the code and have access to 30 lines of entries (users) at a time.  I start deleting – this is going to take hours.  I look at the code above that is calling the data and decide to edit it.  How about showing 100 instead of 30.  Try that, seems to work. Let’s move faster, try “all.”  Ut-oh I’ve generated an error in the database.  A bit of haggling and reconfiguring and fffewww, problem solved.  I find that I can call 1,000 lines of data, then 2,000, and finally 5,000 at a time.   Eventually everyone is OUT.  If you are a student reading this here, your account has been deleted too.

I also deleted the bogus pages too.  Now I have to get back to populating the data and figuring out how to set up accounts.  Warning to all:  if you are installing MediaWiki, PRESET the safety protocols.

»  Substance: WordPress   »  Style: Ahren Ahimsa