Manual:$wgRateLimits
| User rights, access control and monitoring: $wgRateLimits | |
|---|---|
| Simple rate limiter options to brake edit floods. | |
| Introduced in version: | 1.4.5 |
| Removed in version: | Still in use |
| Allowed values: | Unspecified |
| Default value: | see below |
Details
This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users.
It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives an HTTP 429 error page or another error message until the period elapses.
Note that limits are generally counted per site, but some of the special limits are aggregated across all sites in a wiki farm, e.g. all Wikimedia wikis.
To check if a rate limit has been exceeded, use the User::pingLimiter() function.
The general syntax is:
$wgRateLimits['<action>']['<usergroup>'] = [ <maximum number of action>, <timespan in second> ];
There are some special additional limits:
anon
- applies to unregistered users only, and applies by action and IP.
user
- applies to registered users only, and applies by action and user.
user-global
- (since 1.35) applies by action and registered user, counted across sites.
newbie
- applies to unregistered, temporary and "newbie" users, and applies by action and user.
ip
- applies to both unregistered and "newbie" users (i.e. users without the autoconfirmed user right), and will limit the total number of actions from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
subnet
- applies to both unregistered and "newbie" users, and will limit the total number of actions from the /24 (for IPv4) or /64 (for IPv6) range of IPs. This will be enforced in addition to other limits, and is counted across sites.
ip-all
- applies to all users other than those whose user-specific limit (see below) is more permissive, and will limit the total number of actions from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
subnet-all
- applies to all users other than those whose user-specific limit is more permissive, and will limit the total number of actions from the /24 or /64 range. This will be enforced in addition to other limits, and is counted across sites.
If multiple limits are defined, the user-specific limit is:
- the newbie limit, if the user is a "newbie", or
- the most permissive (i.e. with the highest action/timespan ratio) of the user limit and all applicable user group limits of the user, or
- the anon limit, for unregistered users.
All user groups defined in $wgAutopromote (for example, autoconfirmed) will not be checked unless you explicitly assigned the user group to a specific user.
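The selection rules above can be modelled in a few lines of stand-alone PHP. This is an added example, not MediaWiki's own code: the function name effectiveUserLimit() and the 'patroller' and 'bot' group limits are hypothetical, and the other values are taken from the current default 'edit' limits.

```php
<?php
// Added example: a stand-alone model of the selection rules listed above.
// Not MediaWiki code. effectiveUserLimit() and the 'patroller' and 'bot'
// group limits are hypothetical.

/**
 * @param array $limits One action's slice, e.g. $wgRateLimits['edit']
 * @param bool $registered False for unregistered users
 * @param bool $newbie True for users without the autoconfirmed right
 * @param string[] $groups Groups explicitly assigned to the user
 * @return array|null [ key, [ max actions, seconds ] ], or null if none is set
 */
function effectiveUserLimit( array $limits, bool $registered, bool $newbie, array $groups ): ?array {
	if ( !$registered ) {
		return isset( $limits['anon'] ) ? [ 'anon', $limits['anon'] ] : null;
	}
	if ( $newbie ) {
		return isset( $limits['newbie'] ) ? [ 'newbie', $limits['newbie'] ] : null;
	}
	$best = null;
	foreach ( array_merge( [ 'user' ], $groups ) as $key ) {
		if ( !isset( $limits[$key] ) ) {
			continue;
		}
		[ $max, $seconds ] = $limits[$key];
		// "Most permissive" means the highest action/timespan ratio.
		if ( $best === null || $max / $seconds > $best[1][0] / $best[1][1] ) {
			$best = [ $key, $limits[$key] ];
		}
	}
	return $best;
}

$edit = [
	'ip' => [ 8, 60 ],
	'newbie' => [ 8, 60 ],
	'user' => [ 90, 60 ],
	'patroller' => [ 20, 60 ], // hypothetical: intended to be stricter
	'bot' => [ 600, 60 ],      // hypothetical: intended to be looser
];

$cases = [
	'unregistered' => [ false, false, [] ],
	'newbie account' => [ true, true, [] ],
	'established user' => [ true, false, [] ],
	'established + patroller' => [ true, false, [ 'patroller' ] ],
	'established + bot' => [ true, false, [ 'bot' ] ],
];
foreach ( $cases as $label => [ $registered, $newbie, $groups ] ) {
	$hit = effectiveUserLimit( $edit, $registered, $newbie, $groups );
	printf( "%-24s %s\n", $label,
		$hit ? "{$hit[0]}: {$hit[1][0]} per {$hit[1][1]}s" : 'no user-specific limit' );
}
```

Under the rule as stated, the 'patroller' case still resolves to the 'user' limit, so a group limit can loosen a user's limit but cannot tighten it. The model covers only the user-specific limit; the ip and subnet limits described above are enforced in addition to it.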
For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-autoconfirmed) users, add the following:
$wgRateLimits['edit']['newbie'] = [ 4, 60 ];
ip
limit. This might have wanted and unwanted effects. If you, for example, have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted. On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.
By setting $wgRateLimits['anAction']['&can-bypass'] = false; the limitations for a specific action can be marked as not skippable. If that is set, neither the noratelimit user right nor the $wgRateLimitsExcludedIPs setting has any effect for that action.
Extensions can provide additional keys for $wgRateLimits. For example, Extension:ConfirmEdit provides a "badcaptcha" key, which allows throttling users based on the number of wrong answers they have given to a captcha. An example might be:
$wgRateLimits['badcaptcha']['newbie'] = [ 100, 86400 ];
This will allow newbie users no more than 100 wrong answers per day (86400 seconds).
Rate limit message
After reaching the rate limit, either of two things will happen. For purges, the purge dialogue will disappear. For edits or rollbacks, editors will see the following message:
Action throttled
As an anti-abuse measure, you are limited from performing this action too many times in a short space of time, and you have exceeded this limit. Please try again in a few minutes.
This message can be modified by editing MediaWiki:Actionthrottled and MediaWiki:Actionthrottledtext.
Default value
MediaWiki version: | ≥ 1.41 |
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'sendemail' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// since 1.33 - rate limit email confirmations
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Stash base HTML for VE edits
'stashbasehtml' => [
'ip' => [ 5, 60 ],
'newbie' => [ 5, 60 ],
],
// Adding or removing change tags
'changetags' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
MediaWiki versions: | 1.39 – 1.40 Gerrit change 805091 |
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// since 1.33 - rate limit email confirmations
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Stash base HTML for VE edits
'stashbasehtml' => [
'ip' => [ 5, 60 ],
'newbie' => [ 5, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
MediaWiki versions: | 1.34 – 1.38 |
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// since 1.33 - rate limit email confirmations
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
Extended content
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Changing the content model of a page
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
$wgRateLimits = [
// Page edits
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// Page moves
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// File uploads
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// Page rollbacks
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// Triggering password resets emails
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// Emailing other users using MediaWiki
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// Purging pages
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Purges of link tables
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// Files rendered via thumb.php or thumb_handler.php
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// Same as above but for non-standard thumbnails
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// Stashing edits into cache before save
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// Adding or removing change tags
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
];
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // triggering password resets emails
'anon' => null,
),
'emailuser' => array( // emailing other users using MediaWiki
'user' => null,
),
'linkpurge' => array( // purges of link tables
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile-nonstandard' => array( // same as above but for non-standard thumbnails
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'stashedit' => array( // stashing edits into cache before save
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'changetag' => array( // adding or removing change tags
'user' => null,
'newbie' => null,
),
);
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // triggering password resets emails
'anon' => null,
),
'emailuser' => array( // emailing other users using MediaWiki
'user' => null,
),
'linkpurge' => array( // purges of link tables
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile-nonstandard' => array( // same as above but for non-standard thumbnails
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // triggering password resets emails
'anon' => null,
),
'emailuser' => array( // emailing other users using MediaWiki
'user' => null,
),
'linkpurge' => array( // purges of link tables
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // triggering password resets emails
'anon' => null,
),
'emailuser' => array( // emailing other users using MediaWiki
'user' => null,
),
'linkpurge' => array( // purges of link tables
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... with final octet removed
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array(
'anon' => null,
),
'emailuser' => array(
'user' => null,
),
);
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... with final octet removed
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array(
'anon' => NULL,
),
);
MediaWiki versions: | 1.4 – 1.6 |
$wgRateLimits = array(
'edit' => array(
'anon' => null, // for any and all anonymous edits (aggregate)
'user' => null, // for each logged-in user
'newbie' => null, // for each recent account; overrides 'user'
'ip' => null, // for each anon and recent account
'subnet' => null, // ... with final octet removed
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
Version differences
- The 'mailpassword' array was added in MediaWiki 1.7.0.
- The 'emailuser' array was added in MediaWiki 1.10.0.
- The 'linkpurge' array was added in MediaWiki 1.22.0.
- The 'renderfile' array was added in MediaWiki 1.22.0.