Currently anonymous users can create new pages under the "User" namespace, which doesn't make any sense.
This is an approach used by spammers, also in installations with some filter in account creation: they just go an create "user pages"anonymously, pasting there their rubbish.
What is the right approach to fix this? [[mw:Manual:$wgNamespaceProtection]] prevent just any edits made by some user group to some namespace. But that might be too restrictive since there might be good reasons for an anonymous users to edit or comment an existing user page. Is there a way to prevent page creation only?
Version: unspecified
Severity: normal