Extension:AbuseFilter

From MediaWiki.org
(Redirected from Extension:Abuse filter)
Jump to: navigation, search

Other languages:
català • ‎Deutsch • ‎English • ‎British English • ‎español • ‎suomi • ‎français • ‎עברית • ‎italiano • ‎日本語 • ‎한국어 • ‎polski • ‎português • ‎português do Brasil • ‎русский • ‎中文
MediaWiki extensions manual
Crystal Clear action run.png
AbuseFilter

Release status: stable

Implementation User activity, Special page, API
Description Allows specific behavior-based restrictions to be placed on wiki activity
Author(s) Andrew Garrett,
River Tarnell,
Victor Vasiliev,
Marius Hoch
MediaWiki 1.19+
PHP 5.3.4+ recommended
Database changes Yes
Tables abuse_filter
abuse_filter_action
abuse_filter_history
abuse_filter_log
License GNU General Public License 2.0 or later
Download
Parameters

$wgAbuseFilterAvailableActions
$wgAbuseFilterConditionLimit
$wgAbuseFilterEmergencyDisableThreshold
$wgAbuseFilterEmergencyDisableCount
$wgAbuseFilterEmergencyDisableAge
$wgAbuseFilterParserClass
$wgAbuseFilterStyleVersion
$wgAbuseFilterRestrictedActions
$wgAbuseFilterUDPPrefix
$wgAbuseFilterUDPAddress
$wgAbuseFilterUDPPort
$wgAbuseFilterCentralDB
$wgAbuseFilterIsCentral
$wgAbuseFilterBlockDuration

Added rights

abusefilter-view
abusefilter-modify
abusefilter-modify-restricted
abusefilter-log
abusefilter-log-detail
abusefilter-private
abusefilter-revert
abusefilter-view-private
abusefilter-hidden-log
abusefilter-hide-log

Hooks used
EditFilterMerged

GetAutoPromoteGroups
AbortMove
AbortNewAccount
ArticleDelete
LoadExtensionSchemaUpdates
RecentChange_save
ListDefinedTags
ContributionsToolLinks
UploadVerification
MakeGlobalVariablesScript
EditFilterMergedContent
AbortAutoAccount
APIEditBeforeSave
ArticleSaveComplete
UnitTestsList

Translate the AbuseFilter extension if it is available at translatewiki.net

Check usage and version matrix; code metrics

Issues:

Open tasks · Report a bug

The AbuseFilter extension allows privileged users to set specific controls on actions by users, such as edits, and create automated reactions for certain behaviors.

Requirements

It's not needed to install any dependencies for this extension, but you still might want to install Extension:AntiSpoof to use string normalization features.

Installation

  • Download and place the file(s) in a directory called AbuseFilter in your extensions/ folder.
  • Add the following code at the bottom of your LocalSettings.php:
require_once "$IP/extensions/AbuseFilter/AbuseFilter.php";
  • Run the update script which will automatically create the necessary database tables that this extension needs.
  • Done! Navigate to "Special:Version" on your wiki to verify that the extension is successfully installed.

User rights

Once you installed the extension, you'll have to set up the user rights in LocalSettings.php.

Right Description
abusefilter-modify Modify abuse filters
abusefilter-view View abuse filters
abusefilter-log View the abuse log
abusefilter-log-detail View detailed abuse log entries
abusefilter-private View private data in the abuse log
abusefilter-modify-restricted Modify abuse filters with restricted actions
abusefilter-revert Revert all changes by a given abuse filter
abusefilter-view-private View abuse filters marked as private
abusefilter-log-private View log entries of abuse filters marked as private
abusefilter-hide-log Hide entries in the abuse log
abusefilter-hidden-log View hidden abuse log entries

For example, the following sample configuration would allow sysops to do everything they want with AbuseFilter, and everyone to view the log and see public filter settings:

$wgGroupPermissions['sysop']['abusefilter-modify'] = true;
$wgGroupPermissions['*']['abusefilter-log-detail'] = true;
$wgGroupPermissions['*']['abusefilter-view'] = true;
$wgGroupPermissions['*']['abusefilter-log'] = true;
$wgGroupPermissions['sysop']['abusefilter-private'] = true;
$wgGroupPermissions['sysop']['abusefilter-modify-restricted'] = true;
$wgGroupPermissions['sysop']['abusefilter-revert'] = true;
Filters marked as private can only be viewed by users with either the abusefilter-modify or abusefilter-view-private permission.

Documentation and management

Once the extension has been installed, filters can be created/tested/changed/deleted and the logs can be accessed from the Abuse filter management page Special:AbuseFilter.

Configuration

Variable name Default value Description
$wgAbuseFilterAvailableActions array( 'flag', 'throttle', 'warn', 'disallow', 'blockautopromote', 'block', 'degroup', 'tag' ) The possible actions that can be taken by abuse filters.

Additional possible actions: 'rangeblock'

$wgAbuseFilterConditionLimit 1000 The maximum number of 'conditions' that can be used each time the filters are run against a change. (More complex filters require more 'conditions').
$wgAbuseFilterValidGroups 'default' The list of "groups" filters can be divided into. By default there is only one group.
$wgAbuseFilterEmergencyDisableThreshold 0.05 Disable a filter if it matched more than 2 edits, constituting more than 5 % of the actions which were checked against the filter's group in the "observed" period (at most one day), unless the filter has been changed in the last 86400 seconds (one day)
$wgAbuseFilterEmergencyDisableCount 2
$wgAbuseFilterEmergencyDisableAge 86400
$wgAbuseFilterParserClass 'AbuseFilterParser' Name of AbuseFilter's parser class.
$wgAbuseFilterRestrictedActions array( 'block', 'degroup', 'blockautopromote', 'rangeblock' ) Users must have the "abusefilter-modify-restricted" user right as well as "abusefilter-modify" in order to create or modify filters which carry out these actions.
$wgAbuseFilterNotifications false Allows to configure the extension to send hit notifications to

Special:RecentChanges or UDP. Available options: rc, udp, rcandudp

$wgAbuseFilterNotificationsPrivate false Enable notifications for private filters.
$wgAbuseFilterCentralDB null Name of a database where global abuse filters will be stored in (only supported in the latest, development version).
$wgAbuseFilterIsCentral false Set this variable to true for the wiki where global AbuseFilters are stored in (only supported in the latest, development version).
$wgAbuseFilterDisallowGlobalLocalBlocks false Disallow Centralised filters from taking actions that locally block, remove from groups, or revoke permissions.
$wgAbuseFilterBlockDuration 'indefinite' Duration of blocks made by AbuseFilter
$wgAbuseFilterAnonBlockDuration null Duration of blocks made by AbuseFilter on users who are not logged in. The value of $wgAbuseFilterBlockDuration will be used if this is not set.
$wgAbuseFilterCustomActionsHandlers array() Callback functions for custom actions.
$wgAbuseFilterValidGroups array('default') Valid "filter groups" – used for applying edit filters to certain types of actions
$wgAbuseFilterDefaultWarningMessage array( 'default' => 'abusefilter-warning' ) Default warning messages, per filter group
$wgAbuseFilterLogIPMaxAge 3 * 30 * 24 * 3600 Age used as cutoff when purging old IP log data. Defaults to 3 months. Used by maintenance script purgeOldLogIPData.php.

API

AbuseFilter adds two API list modules, one for details of abuse filters ("abusefilters") and one for the abuse log, since it is separate from other MediaWiki logs ("abuselog"). It is not possible to create or modify abuse filters using the API.

list = abusefilters

List information about filters

Parameters
  • abfstartid: The filter id to start enumerating from
  • abfendid: The filter id to stop enumerating at
  • abfdir: The direction in which to enumerate (older, newer)
  • abfshow: Show only filters which meet these criteria (enabled|!enabled|deleted|!deleted|private|!private)
  • abflimit: The maximum number of filters to list
  • abfprop: Which properties to get (id|description|pattern|actions|hits|comments|lasteditor|lastedittime|status|private)

When filters are private, some of the properties specified with abfprop will be missing unless you have the appropriate user rights.

Examples

List non-private abuse filters

list = abuselog

List instances where actions triggered an abuse filter.

Parameters
  • aflstart: The timestamp to start enumerating from
  • aflend: The timestamp to stop enumerating at
  • afldir: The direction in which to enumerate (older, newer)
  • afluser: Show only entries where the action was attempted by a given user or IP address.
  • afltitle: Show only entries where the action involved a given page.
  • aflfilter: Show only entries that triggered a given filter ID
  • afllimit: The maximum number of entries to list
  • aflprop: Which properties to get (ids|user|title|action|result|timestamp|details)
Example

List instances where the abuse filter was triggered in response to actions from the user "SineBot"

See also