Extension:CrowdSec

From mediawiki.org
MediaWiki extensions manual
CrowdSec
Release status: experimental
Implementation Page action
Description Bouncer Integration with CrowdSec for anti-spam.
Author(s) MPThLeetalk
MediaWiki 1.35+
License GNU General Public License 2.0 or later
Download

GitHub:

Note:
No localisation updates are
provided by translatewiki.net .

Parameters

  • $wgCrowdSecEnable
  • $wgCrowdSecAPIUrl
  • $wgCrowdSecAPIKey
  • $wgCrowdSecCache
  • $wgCrowdSecCacheTTL
  • $wgCrowdSecFallbackBan
  • $wgCrowdSecRestrictRead
  • $wgCrowdSecTreatTypesAsBan
  • $wgCrowdSecReportOnly
Added rights

  • crowdsec-bypass
Hooks used

This extension adds anti-spam integration with CrowdSec. As it's working as bouncer, It's mandatory to setup CrowdSec Agent too.

Installation[edit]

Configuration[edit]

Step 1: Setup CrowdSec Agent[edit]

Follow this documentation from CrowdSec. You may need to setup the collections, logs and more too.

Then, you need to get a bouncer api token. 

sudo cscli bouncers add mediawiki-bouncer

Remember the token key. It need to put on extension configuration.

It's highly recommended to register Central API for pull blocklist from remote. 

sudo cscli capi register

Step 2: Setup Extension[edit]

wfLoadExtension( 'CrowdSec' );
$wgCrowdSecAPIKey = ""; // put lapi key here.

This is basic configuration. More configuration is documented on README

AbuseFilter Integration[edit]

There's AbuseFilter integration. The variable crowdsec_blocked is representing...

  • false: LAPI Request was failed. or failed to get user ip.
  • 'ok': This user is ok to process.
  • 'ban': This user is reported for "ban" from LAPI.
  • ... and various (custom) types via CrowdSec. including 'captcha'

User rights[edit]

  • crowdsec-bypass - allows users to bypass crowdsec check.

See also[edit]

Retrieved from "https://www.mediawiki.org/w/index.php?title=Extension:CrowdSec&oldid=5866320"