Topic on Extension talk:AbuseFilter

Can't create new filter

6 comments 12:56, 27 June 2020 3 years ago
6
Summary by EscoBye

$wgServer was set to HTTP, should be HTTPS.

EscoBye (talkcontribs)

Hello, I installed the AbuseFilter extensions and have the following configurations:


wfLoadExtension( 'AbuseFilter' );

$wgGroupPermissions['sysop']['abusefilter-modify'] = true;

$wgGroupPermissions['*']['abusefilter-log-detail'] = true;

$wgGroupPermissions['*']['abusefilter-view'] = true;

$wgGroupPermissions['*']['abusefilter-log'] = true;

$wgGroupPermissions['sysop']['abusefilter-privatedetails'] = true;

$wgGroupPermissions['sysop']['abusefilter-modify-restricted'] = true;

$wgGroupPermissions['sysop']['abusefilter-revert'] = true;


I ran update.php without any issues and can access Special:AbuseFilter but when I try to create and save a new filte the page simply refreshes and the filter is not saved. I tried adding 3 different filters and the filter list is still empty. I am logged in with a bureaucrat/admin account. Does someone know why this is happening?

12:22, 27 June 2020 3 years ago
Daimona Eaytoy (talkcontribs)

I've never heard of this bug. What version of MW are you running, and what version of AbuseFilter? Knowing the PHP version and the DBMS may help, too.

As an aside, note that "abusefilter-privatedetails" allows viewing the IP address of registered people who triggered an AbuseFilter -- I'm unsure if it's intentional to allow sysops to do that.

12:27, 27 June 2020 3 years ago
EscoBye (talkcontribs)

I forgot to include the versions in my first post but here they are:

MW: 1.34.2

PHP: 7.4.7

MySQL: 8.0.20

AbuseFilter: 3c2035d, probably REL1_34?

12:34, 27 June 2020 3 years ago
Daimona Eaytoy (talkcontribs)

Yeah, they seem fine, and everything should be supported. To clarify, could you please provide detailed steps for your attempt? Also, is there anything logged either in the JS console, or in the MW logs (see Manual:How to debug)?

12:40, 27 June 2020 3 years ago
EscoBye (talkcontribs)

I just noticed that I get the following warning: Mixed Content: The page at 'https://domain/w/Special:AbuseFilter/new' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://domain/w/Special:AbuseFilter/new'. This endpoint should be made available over a secure connection.

The subitted form probably never goes through since it's submitted over HTTP, any idea how to make the form submit over HTTPS?


Here are the steps:

  1. Starting at https://domain/w/Special:AbuseFilter/new
  2. Description: Prevent gibberish usernames
  3. Conditions: action == "createaccount" & accountname rlike "^[A-Za-z0-9]{10,}$" & accountname rlike "^[A-Z][a-z]{5,}(?:[A-Z].*[0-9]|[0-9].*[A-Z])"
  4. Hide details of this filter from public view checked
  5. Prevent the user from performing the action in question checked
12:50, 27 June 2020 3 years ago
EscoBye (talkcontribs)

I managed to solve the issue, the $wgServer was set to HTTP by mistake, I forgot to edit it when enabling SSL. Thanks for the help Daimona!

12:56, 27 June 2020 3 years ago
Retrieved from "https://www.mediawiki.org/wiki/Topic:Vp2gfdu51ngxexgg"