Sputnik offers you many options for fighting Spam. You can decide how permissive or strict you want to be.
The default is to allow all users to edit any pages except for those that are central to the functioning on your wiki (such as "sputnik/config", "sputnik/templates", etc.) This is a good option for an intranet wiki or a site that has little exprosure. If it's visible out there on the Internet, however, it will likely eventually attract link spammers. We do offer some protection in the form of post tokens and honeypots. This will stop some spammers, but it won't stop all. If you are getting too much spam, you can consider the options described below.
Captcha works really well to stop spammers, but it annoys legitimate visitors a bit.
You can change your wiki to only allow logged in users to edit all (or some) pages. You can do this by editing the "permissions" section in "@Root" node. Just change the following lines:
That's it. People can no longer edit your wiki without logging in.
Ok, but spammers can create accounts too! One solution for this is to require email activation:
- Set REQUIRE_EMAIL_ACTIVATION to true
- Configure STMP parameters (SMTP_SERVER, SMTP_SERVER_PORT, SMTP_USER, SMTP_PASSWORD)
You will need an SMTP server for this. On Linux you can install postfix for this.
A different authentication method
You can use other authentication methods. See Authentication. You can be sneaky and just not let new users register.