Extension:AbuseFilter

The AbuseFilter extension allows privileged users to set specific actions to be taken when actions by users, such as edits, match certain criteria.

(e.g. A filter could be created so that when a user removes more than 2000 characters, they are blocked.)

Requirements
There are no required dependencies for this extension, but it is reccomended you install ext-AntiSpoof>Special:MyLanguage/Extension:AntiSpoof|Extension:AntiSpoof to use string normalization features.

User rights
Once you installed the extension, you'll have to set up the user rights in  .

For example, the following sample configuration would allow sysops to do everything they want with AbuseFilter, and everyone to view the log and see public filter settings:

Filters marked as private can only be viewed by users with either the abusefilter-modify or abusefilter-view-private permission.

Creating and managing filters
Once the extension has been installed, filters can be created/tested/changed/deleted and the logs can be accessed from the Abuse filter management page Special:AbuseFilter.


 * RulesFormat>Extension:AbuseFilter/Rules format|Rules format - The basics of how to write a filter
 * Actions>Extension:AbuseFilter/Actions|Actions
 * Global>Extension:AbuseFilter/Global|Global Rules
 * Conditions>Extension:AbuseFilter/Conditions|Guide to optimizing condition limit usage
 * To import filters from Wikipedia: When you have installed the extension, go to w:Special:AbuseFilter, choose a filter (say w:Special:AbuseFilter/3), then click "Export this filter to another wiki", copy the text, go to "Special:AbuseFilter/import" on your wiki, paste the text.

API
AbuseFilter adds two API list modules, one for details of abuse filters ("abusefilters") and one for the abuse log, since it is separate from other MediaWiki logs ("abuselog"). It is not possible to create or modify abuse filters using the API.

list = abusefilters
List information about filters


 * Parameters
 * : The filter id to start enumerating from
 * : The filter id to stop enumerating at
 * : The direction in which to enumerate (older, newer)
 * : Show only filters which meet these criteria (enabled|!enabled|deleted|!deleted|private|!private)
 * : The maximum number of filters to list
 * : Which properties to get (id|description|pattern|actions|hits|comments|lasteditor|lastedittime|status|private)

When filters are private, some of the properties specified with  will be missing unless you have the appropriate user rights.


 * Examples

list = abuselog
List instances where actions triggered an abuse filter.


 * Parameters
 * : The timestamp to start enumerating from
 * : The timestamp to stop enumerating at
 * : The direction in which to enumerate (older, newer)
 * : Show only entries where the action was attempted by a given user or IP address.
 * : Show only entries where the action involved a given page.
 * : Show only entries that triggered a given filter ID
 * : The maximum number of entries to list
 * : Which properties to get (ids|user|title|action|result|timestamp|details)


 * Example

Possible errors

 * Some users might experience that creating new filters or modifying old filters fail and the user just gets redirected to the original page. If the Wiki is using SSL certificates, this error could possibly be because of the value, which might be using "http://" instead of "https://". An indication of this error will be, the browser giving https warning for Special:AbuseFilter pages. (Topic:T23dyyih0ofjada5)