Manual:$wgRateLimits

Details
This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users.

It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 429 error pages until the period elapses.

To check if a rate limit has been exceeded, use the User::pingLimiter function.

The general syntax is:

There are some special additional limits:


 * - applies to unregistered users only, and applies by action and IP.
 * - applies to registered users only, and applies by action and user.
 * - applies to both unregistered and "newbie" users, and applies by action and user.
 * - applies to both unregistered and "newbie" users (i.e. users without the  user right), and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits.
 * - applies to both unregistered and "newbie" users, and will limit total number of action from the /24 (for IPv4) or /64 (for IPv6) range of IP. This will be enforced in addition to other limits.
 * - applies to all users other than those whose user-specific limit (see below) is more permissive, and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits.
 * - applies to all users other than those whose user-specific limit is more permissive, and will limit total number of action from /24 or /64 range. This will be enforced in addition to other limits.

If there are multiple limit defined, the user-specific limit is defined as:


 * - if the user is a "newbie", or
 * The most permissive (i.e. with the highest action/timespan ratio) of  limit and all applicable user group limits of the user, or

All user groups defined in (for example,  ) will not be checked unless you explicitly assigned the user group to a specific user.

For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-man>Special:MyLanguage/Manual:Autoconfirmed users|autoconfirmed) users, add the following:

By setting  the limitations for a specific action can be marked as not skippable. If that is set, neither the noratelimit user right nor the setting have any effect for that action.

 must be set to a value other than CACHE_NONE for rate limits to be enabled at all.

Default value
Extensions can provide additional keys for $wgRateLimit.

E.g.  provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be:

This will allow newbie users not more than 100 wrong answers per day (86400 seconds).

Version differences

 * The 'mailpassword' array was added in MediaWiki 1.7.0.


 * The 'emailuser' array was added in MediaWiki 1.10.0.


 * The 'linkpurge' array was added in MediaWiki 1.22.0.


 * The 'renderfile' array was added in MediaWiki 1.22.0.