Manual:$wgRateLimits

From MediaWiki.org
Jump to: navigation, search

Other languages:
Deutsch • ‎English • ‎français • ‎日本語 • ‎polski • ‎русский
Rate limiter: $wgRateLimits
Simple rate limiter options to brake edit floods.
Introduced in version: 1.4.5
Removed in version: still in use
Allowed values:
Default value: see below
Other settings: Alphabetical | By function

Details[edit source]

This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users. It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 500 error pages until the period elapses. To check if a rate limit has been exceeded, use the User::pingLimiter() function.

For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-autoconfirmed) users, add the following:

$wgRateLimits['edit']['newbie'] = array( 4, 60 );

Note Note: The ip limit applies to both unregistered and "newbie" users. The newbie limit applies by action and user, and the ip limit by action and IP. So if you have many newbies using the same IP address, they all aggregate in the same count for the ip limit. This might have wanted and unwanted effects. If you for example have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted. On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.

$wgMainCacheTypeManual:$wgMainCacheType must be set to a value other than CACHE_NONE for this setting to work.

Default value[edit source]

$wgRateLimits = array(
  // Page edits
  'edit' => array(
    'ip' => array( 8, 60 ),
    'newbie' => array( 8, 60 ),
  ),
  // Page moves
  'move' => array(
    'newbie' => array( 2, 120 ),
    'user' => array( 8, 60 ),
  ),
  // File uploads
  'upload' => array(
    'ip' => array( 8, 60 ),
    'newbie' => array( 8, 60 ),
  ),
  // Page rollbacks
  'rollback' => array(
    'user' => array( 10, 60 ),
    'newbie' => array( 5, 120 )
  ),
  // Triggering password resets emails
  'mailpassword' => array(
    'ip' => array( 5, 3600 ),
  ),
  // Emailing other users using MediaWiki
  'emailuser' => array(
    'ip' => array( 5, 86400 ),
    'newbie' => array( 5, 86400 ),
    'user' => array( 20, 86400 ),
  ),
  // Purging pages
  'purge' => array(
    'ip' => array( 30, 60 ),
    'user' => array( 30, 60 ),
  ),
  // Purges of link tables
  'linkpurge' => array(
    'ip' => array( 30, 60 ),
    'user' => array( 30, 60 ),
  ),
  // Files rendered via thumb.php or thumb_handler.php
  'renderfile' => array(
    'ip' => array( 700, 30 ),
    'user' => array( 700, 30 ),
  ),
  // Same as above but for non-standard thumbnails
  'renderfile-nonstandard' => array(
    'ip' => array( 70, 30 ),
    'user' => array( 70, 30 ),
  ),
  // Stashing edits into cache before save
  'stashedit' => array(
    'ip' => array( 30, 60 ),
    'newbie' => array( 30, 60 ),
  ),
  // Adding or removing change tags
  'changetag' => array(
    'ip' => array( 8, 60 ),
    'newbie' => array( 8, 60 ),
  ),
);

Extensions can provide additional keys for $wgRateLimit. E.g. Extension:ConfirmEditExtension:ConfirmEdit provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be:

$wgRateLimits['badcaptcha']['newbie'] = array( 100, 86400 );

This will allow newbie users not more than 100 wrong answers per day (86400 seconds).

Version differences[edit source]

  • The 'mailpassword' array was added in MediaWiki 1.7.0.
  • The 'emailuser' array was added in MediaWiki 1.10.0.
  • The 'linkpurge' array was added in MediaWiki 1.22.0.
  • The 'renderfile' array was added in MediaWiki 1.22.0.

See also[edit source]