Podręcznik:$wgRateLimits

From mediawiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgRateLimits and the translation is 7% complete.
Other languages:
English • ‎español • ‎français • ‎magyar • ‎polski • ‎русский • ‎中文 • ‎日本語
Rate limiter: $wgRateLimits
Simple rate limiter options to brake edit floods.
Wprowadzono w wersji:1.4.5
Usunięto w wersji:nadal w użyciu
Dozwolone wartości:nie określono
Domyślna wartość:see below

Szczegóły

This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users. It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 429 error pages until the period elapses. Note that limits are generally counted per site, but some of the special limits are aggregated across all sites in a wiki farm, e.-g. all Wikimedia wikis. To check if a rate limit has been exceeded, use the User::pingLimiter() function.

The general syntax is:

$wgRateLimits['<action>']['<usergroup>'] = [ <maximum number of action>, <timespan in second> ];

There are some special additional limits:

  • anon - applies to unregistered users only, and applies by action and IP.
  • user - applies to registered users only, and applies by action and user.
  • user-global - (since 1.35) applies by action and registered user, counted across sites.
  • newbie - applies to both unregistered and "newbie" users, and applies by action and user.
  • ip - applies to both unregistered and "newbie" users (i.e. users without the autoconfirmed user right), and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
  • subnet - applies to both unregistered and "newbie" users, and will limit total number of action from the /24 (for IPv4) or /64 (for IPv6) range of IP. This will be enforced in addition to other limits, and is counted across sites
  • ip-all - applies to all users other than those whose user-specific limit (see below) is more permissive, and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
  • subnet-all - applies to all users other than those whose user-specific limit is more permissive, and will limit total number of action from /24 or /64 range. This will be enforced in addition to other limits, and is counted across sites.

If there are multiple limit defined, the user-specific limit is defined as:

  • newbie - if the user is a "newbie", or
  • The most permissive (i.e. with the highest action/timespan ratio) of user limit and all applicable user group limits of the user, or
  • anon - for unregistered users.

All user groups defined in $wgAutopromote (for example, autoconfirmed) will not be checked unless you explicitly assigned the user group to a specific user.

For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-autoconfirmed) users, add the following:

$wgRateLimits['edit']['newbie'] = [ 4, 60 ];
If you have many newbies using the same IP address, they all aggregate in the same count for the ip limit. This might have wanted and unwanted effects. If you for example have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted. On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.

By setting $wgRateLimits['anAction']['&can-bypass'] = false; the limitations for a specific action can be marked as not skippable.

If that is set, neither the noratelimit user right nor the $wgRateLimitsExcludedIPs setting have any effect for that action.

$wgMainCacheType must be set to a value other than CACHE_NONE for rate limits to be enabled at all.

Extensions can provide additional keys for $wgRateLimit. E.g. Extension:ConfirmEdit provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be:

$wgRateLimits['badcaptcha']['newbie'] = [ 100, 86400 ];

This will allow newbie users not more than 100 wrong answers per day (86400 seconds).

Domyślna wartość

Wersja MediaWiki:
1.34
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// since 1.33 - rate limit email confirmations
	'confirmemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
Wersje MediaWiki:
1.30 – 1.33
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
Wersje MediaWiki:
1.4 – 1.6
$wgRateLimits = array(
	'edit' => array(
		'anon'   => null, // for any and all anonymous edits (aggregate)
		'user'   => null, // for each logged-in user
		'newbie' => null, // for each recent account; overrides 'user'
		'ip'     => null, // for each anon and recent account
		'subnet' => null, // ... with final octet removed
		),
	'move' => array(
		'user'   => null,
		'newbie' => null,
		'ip'     => null,
		'subnet' => null,
		),
	);

Version differences

  • The 'mailpassword' array was added in MediaWiki 1.7.0.
  • The 'emailuser' array was added in MediaWiki 1.10.0.
  • The 'linkpurge' array was added in MediaWiki 1.22.0.
  • The 'renderfile' array was added in MediaWiki 1.22.0.

Zobacz też