Wikipedia:Bots/Requests for approval/FA Template Protection Bot

Operator: Chris

Automatic or Manually Assisted: Auto

Programming Language(s): PHP using Cobi's classes

Function Summary: Adds all the templates on today's and tommorow's fa to Wikipedia:Main Page/Protection which is cascade protected

Edit period(s) (e.g. Continuous, daily, one time run): on the hour

Already has a bot flag (Y/N): N

Function Details: The bot works like so:

1. Parses the name of today's fa from here (with some error checking)
2. Get's all the templates on the fa and removes those listed here
3. Formats the templates into a nice list
4. Places the formated text on Wikipedia:Main Page/Protection

The bot will only run if User:Chris G/FABot Run is set to "Run" (cases insenstive)

Since this is a request for an admin bot I have transcluded this brfa onto WP:AN so we can have wider community input. Per disscusion at WP:BN and the Adminbot rfc I am testing to see if this brfa alone can gather enough consensus for a 'crat to be willing to +sysop the bot. Also I would like to make it clear that I am and have been for some time running this bot on my main account. The bot's source code can been seen here --Chris 04:42, 16 August 2008 (UTC)[reply]

From an management side of things it's editing a protected page, big stinking deal, it's almost an instaapprove. It's the community acceptance of a +sysop flagged bot which will raise hell.

Can't exactly trial it without the flag... its a community acceptance thing, on a personal note, I have no problems with it -- Tawker (talk) 05:01, 16 August 2008 (UTC)[reply]

We could do something like have it mark it's edits with a unique flag (or link to this BRFA) in the edit summary, and, have Chris run it under his account, I can easily filter those edits via an SQL query, and, list them on a subpage of here for review. SQL^{Query me!} 05:13, 16 August 2008 (UTC)[reply]

On a sidenote, why not put the images used in it on the protection page as well? SQL^{Query me!} 05:15, 16 August 2008 (UTC)[reply]

Because then we'd have to rename the bot :P. If there aren't any objections to protecting images as well it should be a fairly trivial change to the code to get it done --Chris 05:34, 16 August 2008 (UTC)[reply]

Would the bot remove the templates from the protected page the following day? WODUP 06:11, 16 August 2008 (UTC)[reply]

Yes, it removes the old templates and adds the new ones --Chris 06:13, 16 August 2008 (UTC)[reply]

I figured as much, so far, to me, this sounds good. SQL^{Query me!} 06:23, 16 August 2008 (UTC)[reply]

Okay, sounds good. :) WODUP 06:25, 16 August 2008 (UTC)[reply]

I've updated the source so that it adds images as well --Chris 06:42, 16 August 2008 (UTC)[reply]

• It sounds pretty non-controversial to me. How difficult would it be to monitor new templates that get added to the main page subjects as the day goes on? This is another popular vandal vector; add a template that makes sense, and then vandalize it. –xeno (talk) 07:18, 16 August 2008 (UTC)[reply]
  • I could make the bot run every 1/2 hour or even every 10 minutes, that way the edits won't be caught up in the history making it easy to revert --Chris 09:04, 16 August 2008 (UTC)[reply]
    • If it runs but doesn't find anything is there any cost? (server, bandwidth - i dunno) Viridae^Talk 13:26, 16 August 2008 (UTC)[reply]
      • Every action has a cost, but it's minimal... it's basically loading a page or two (the same way you and I would) a few times, which isn't really a big deal. —Giggy 13:48, 16 August 2008 (UTC)[reply]
        • I like the idea - I like the idea more when it is run more often. Viridae^Talk 14:18, 16 August 2008 (UTC)[reply]

• If it really is going to do images, it may be best to rename it, just to avoid any confusion. Other than that, sounds like a great idea, IMO. - Rjd0060 (talk) 14:59, 16 August 2008 (UTC)[reply]
  • I don't know if I'm allowed to comment, but it sounds like a good idea. I'd be willing to support in the RfA. A rename does seem in order though...... Dendodge .. Talk^Contribs 15:58, 16 August 2008 (UTC)[reply]
• I'd support it, based on RedirectCleanupBot, adminbots run on admin accounts, and the fact that this bot could be very useful. And the fact that the worst that could happen is that we have to clean up several templates and/or articles. Nwwaew (Talk Page) (Contribs) (E-mail me) 16:48, 16 August 2008 (UTC)[reply]

Question: Will this have to go through RfA like User:RedirectCleanupBot did? I can't seem to find any consensus on WP:BN. NuclearWarfare ^{contact me}_{My work} 19:40, 16 August 2008 (UTC)[reply]

Copying Iridescent's post from WT:RFA to this BRFA. WODUP 22:43, 16 August 2008 (UTC)[reply]

Support, but a beansy thought that someone will need to watch for; presumably if it's run every 10 minutes, a vandal can vandalize a template, add it to the article after vandalizing, and the bot would then lock the template into the vandalized state. Not a major problem but it will happen. Also, will it unprotect all the templates once the article's delisted, or only those that were unprotected to start with?

— iridescent 16:00, 16 August 2008 (UTC), Wikipedia talk:Requests for adminship#Heads Up

Well I thought of that too -= but presumably they can do that already, and while the vandalism will show either way, it is easier to track which edit caused it (as against adding a useful template and then vandalising - which is a bit more difficult) Viridae^Talk 22:58, 16 August 2008 (UTC)[reply]

To really deal with Xenocidic's concern it would have to constantly monitor recentchanges via IRC, even checking 5 minutes is more than enough time for someone to add a template and vandalize it. I don't think that feature will really be helpful, though that is a concern that should be dealt with, not sure how though. Mr.Z-man 23:17, 16 August 2008 (UTC)[reply]

The sort of timed attack Iridescent describes is a major concern, and it's not just in the realm of WP:BEANS, but one that's already been attempted at least twice to defeat my own FA protection adminbot. The number of possible attack vectors are increased here since we're dealing an almost unlimited number of templates that could be vandalized, or even new ones created for the purposes of mischief. Chris, you might be able to pick up the solution here. :) east718 // talk // email // 23:43, 16 August 2008 (UTC)[reply]

That method isnt going to go away - it can happen already and it isnt going to be made worse by this bot. As it stands, vandalism to the FAOTD by this method (adding a template that is already vandalised) is easiyer to deal with than adding an innocuous template then vandalising it. Having the runs more often pretty much gets rid of the latter problem and nothing will top the former except protection/eyes on the page. Viridae^Talk 06:41, 17 August 2008 (UTC)[reply]

OK, we're not thinking on the same plane here. I don't care if somebody adds a template to the article later and vandalizes it; that is expected. The real problem is that the robot might lock a template in a vandalized state if a vandal throws it onto the article just before a check cycle. The optimal solution (that's obvious to me at least) is to just not protect a template if it's been recently edited and to report it for human review somewhere. I happen to prefer throwing up the !admin flag in #wikipedia-en-admins, Chris may opt for something else. east718 // talk // email // 01:44, 18 August 2008 (UTC)[reply]

I don't think the timing problem can be solved. No matter what time it is set to run, unless it is set to run continuously, there will be a break where mischief can occur. Since we started this in July, vandalism during the break has only happened once. In that case someone added a template that should have been in the article already and then vandalized it. In response we lowered the duration been protections. Since then I don't recall anymore problems. As for images, we had a discussion about them when we first created the page and decided not to add them unless they became a target. So far they have not. We were primarily concerned with fair use images, but we also asked what protection of an image would really do, and decided not much. Having worked on the protection page and tweaking with Chris, the bot has my support. KnightLago (talk) 15:25, 17 August 2008 (UTC)[reply]

• On the timing problem: Featured articles should be fairly stable. They shouldn't receive major template overhauls right before they go on the main page. If this attack vector is an issue, only lock down templates which existed in the article when scheduled, or some days before it goes on the main page, and make the period vary between checks so the lockdown schedule isn't predictable. Gimmetrow 04:37, 18 August 2008 (UTC)[reply]

I recommend this bot goes to RFA, I say this as the programmer of the original redirect cleanup bot. (check the rename logs for my old username). As far as operation, the idea that east said above is a worthwhile one. If you are doing checks every 10 minutes, then check to see if the template has recently been edited (in last 10 minutes), and if it has, bring the template up for human review somewhere. Have it say something in #wikipedia-en or the like, or post somewhere where people don't mind watching. The only real way out of this is to monitor on IRC. —— nixeagle 03:36, 18 August 2008 (UTC)[reply]

The proposed policy is to not go to RfA per the adminbots RFC. BJ^Talk 03:40, 18 August 2008 (UTC)[reply]

Ok, sorry about the lateness of my reply but I've been having a few computer problems. A few points have been raised that I would like to answer:

1. RFA - at this point in time I have no plans to run this bot through an rfa
2. Images - KnightLago has made some vaild points so unless image vandalsim picks up the bot will not protect images
3. Templates - I think Nixeagle has made a good sugestion about checking when the template was last edited and will work on implmenting it. Gimmetrow also made a nice suggestion about varing the running time but unfortunately the bot runs on a crontab which is hard to randomise --Chris 08:36, 18 August 2008 (UTC)[reply]