Open main menu

Rozšíření:AbuseFilter

This page is a translated version of the page Extension:AbuseFilter and the translation is 18% complete.
Outdated translations are marked like this.
Other languages:
Deutsch • ‎English • ‎Türkçe • ‎català • ‎dansk • ‎español • ‎français • ‎galego • ‎magyar • ‎polski • ‎português • ‎português do Brasil • ‎română • ‎sicilianu • ‎čeština • ‎български • ‎русский • ‎עברית • ‎سنڌي • ‎فارسی • ‎हिन्दी • ‎中文 • ‎日本語 • ‎粵語 • ‎한국어
Základní informace k tomuto rozšíření MediaWiki
OOjs UI icon advanced.svg
AbuseFilter
Stav rozšíření: produkční
AbuseFilter-Management.png
Zavádí User activity , Special page , API
Popis Allows specific behavior-based restrictions to be placed on wiki activity
Napsal(i)
Compatibility policy release branches
MediaWiki 1.33+
PHP 5.4+ recommended
Změny v databázi dělá
Tabulky abuse_filter
abuse_filter_action
abuse_filter_history
abuse_filter_log
Licence GNU General Public License 2.0 or later
Zdrojový kód
  • $wgAbuseFilterActions
  • $wgAbuseFilterConditionLimit
  • $wgAbuseFilterEmergencyDisableThreshold
  • $wgAbuseFilterEmergencyDisableCount
  • $wgAbuseFilterEmergencyDisableAge
  • $wgAbuseFilterParserClass
  • $wgAbuseFilterRestrictions
  • $wgAbuseFilterNotifications
  • $wgAbuseFilterNotificationsPrivate
  • $wgAbuseFilterCentralDB
  • $wgAbuseFilterIsCentral
  • $wgAbuseFilterDisallowGlobalLocalBlocks
  • $wgAbuseFilterBlockDuration
  • $wgAbuseFilterAnonBlockDuration
  • $wgAbuseFilterCustomActionsHandler
  • $wgAbuseFilterValidGroups
  • $wgAbuseFilterDefaultWarningMessage
  • $wgAbuseFilterIPMaxAge
  • $wgAbuseFilterProfileActionsCap
  • $wgAbuseFilterLogPrivateDetailsAccess
  • $wgAbuseFilterPrivateDetailsForceReason
  • abusefilter-view
  • abusefilter-log
  • abusefilter-log-detail
  • abusefilter-revert
  • abusefilter-privatedetails
  • abusefilter-privatedetails-log
  • abusefilter-view-private
  • abusefilter-log-private
  • abusefilter-hidden-log
  • abusefilter-hide-log
  • abusefilter-modify
  • abusefilter-modify-restricted
  • abusefilter-modify-global
Přeložte rozšíření AbuseFilter, jsou-li dostupné jeho lokalizační zprávy na webu translatewiki.net
Podívejte se kdo a v jaké verzi toto rozšíření používá.
Issues Open tasks · Report a bug

Rozšíření AbuseFilter umožňuje uživatelům s rozšířenými právy nastavovat specifickou kontrolu akcí uživatelů, jakou jsou editace a vytváření automatických reakcí na určité chování.

For example, a filter could be created to prevent anonymous users from adding external links, or to block a user who removes more than 2000 characters.

Instalace

  • Stáhněte soubor/y a vložte do adresáře pojmenovaného AbuseFilter ve vaší složce extensions/.
  • Pro doinstalování PHP balíků, na kterých rozšíření závisí, použijte Composer. Ten musíte spustit v adresáři rozšíření s těmito parametry composer install --no-dev. (Vyskytnou-li se nějaké komplikace, podívejte se na T173141.)
  • Na konec vašeho souboru LocalSettings.php přidejte řádek s následujícím kódem:
    wfLoadExtension( 'AbuseFilter' );
    
  • Spusťte aktualizační skript, který automaticky provede všechny nezbytné databázové změny, jaké rozšíření vyžaduje.
  • Configure as required.
  •   Hotovo – Přejděte na stránku Special:Version vaší wiki, a zkontrolujte, zda bylo rozšíření úspěšně nainstalováno.

Pro ty co používají MediaWiki 1.26 a starší:

Výše uvedené instrukce se týkají instalace přes wfLoadExtension(), což je novější způsob instalace rozšíření. Pokud potřebujete toto rozšíření nainstalovat na starší verzi (MediaWiki 1.26 či starší), musíte místo wfLoadExtension( 'AbuseFilter' ); použít:

require_once "$IP/extensions/AbuseFilter/AbuseFilter.php";

Konfigurace

Uživatelská práva

Jakmile jste naistalovali rozšíření, musíte nastavit uživatelská práva v "LocalSettings.php".

Right Description
abusefilter-modify Upravování filtrů zneužití
abusefilter-view Prohlížení filtrů zneužití
abusefilter-log Prohlížení protokolu zneužití
abusefilter-log-detail Prohlížení podrobností v protokolu zneužití
abusefilter-privatedetails Prohlížení tajných údajů v protokolu zneužití
abusefilter-modify-restricted Upravování filtrů zneužití s omezenými opatřeními
abusefilter-modify-global Vytváření a editace globálních filtrů zneužití
abusefilter-revert Revertování všech změn provedených vybraným filtrem zneužití
abusefilter-view-private Prohlížení filtrů zneužití označených jako tajné
abusefilter-log-private Prohlížení protokolovacích záznamů filtrů zneužití označených jako tajné
abusefilter-hide-log Skrývání záznamů v protokolu zneužití
abusefilter-hidden-log Prohlížení skrytých záznamů v protokolu zneužití
abusefilter-privatedetails-log Prohlížení záznamů přístupu k soukromým detailům filtrů zneužití

Kupříkladu, následující ukázka konfigurace umožní administrátorům dělat s AbuseFilterem vše co chtějí, a všichni uživatelé uvidí záznamy a nastavení filtru.

$wgGroupPermissions['sysop']['abusefilter-modify'] = true;
$wgGroupPermissions['*']['abusefilter-log-detail'] = true;
$wgGroupPermissions['*']['abusefilter-view'] = true;
$wgGroupPermissions['*']['abusefilter-log'] = true;
$wgGroupPermissions['sysop']['abusefilter-privatedetails'] = true;
$wgGroupPermissions['sysop']['abusefilter-modify-restricted'] = true;
$wgGroupPermissions['sysop']['abusefilter-revert'] = true;
Filtery označené jako soukromé, uvidí pouze uživatelé s právy „abusefilter-modify“ a „abusefilter-view-private“.

Parameters

Proměnné jméno Základní hodnota Popis
$wgAbuseFilterActions
[
    'throttle' => true,
    'warn' => true,
    'disallow' => true,
    'blockautopromote' => true,
    'block' => true,
    'rangeblock' => false,
    'degroup' => true,
    'tag' => true
]
Akce, které mohou být provedeny filtry zneužití. When adding a new action, check if it is restricted in $wgAbuseFilterRestrictions and, if it is, don't forget to add the abusefilter-modify-restricted right to the appropriate user groups.
$wgAbuseFilterConditionLimit
1000
The maximum number of 'conditions' that can be used each time the filters are run against a change. (More complex filters require more 'conditions').
$wgAbuseFilterValidGroups
[
    'default'
]
The list of "groups" filters can be divided into. By default there is only one group. Other extensions may add other groups.
$wgAbuseFilterEmergencyDisableThreshold
[
    'default' => 0.05
]
Disable a filter if it matched more than 2 edits, constituting more than 5 % of the actions which were checked against the filter's group in the "observed" period (at most one day), unless the filter has been changed in the last 86400 seconds (one day). See emergency throttling.
$wgAbuseFilterEmergencyDisableCount
[
    'default' => 2
]
$wgAbuseFilterEmergencyDisableAge
[
    'default' => 86400
]
$wgAbuseFilterParserClass
'AbuseFilterParser'
Name of AbuseFilter's parser class.
$wgAbuseFilterRestrictions
[
    'block' => true,
    'degroup' => true,
    'blockautopromote' => true,
    'rangeblock' => true
]
Users must have the "abusefilter-modify-restricted" user right as well as "abusefilter-modify" in order to create or modify filters which carry out these actions.
$wgAbuseFilterNotifications
false
Allows to configure the extension to send hit notifications to Special:RecentChanges or UDP. Available options: rc, udp, rcandudp
$wgAbuseFilterNotificationsPrivate
false
Zapnout upozornění u soukromých filtrů.
$wgAbuseFilterCentralDB
null
Name of a database where global abuse filters will be stored in (only supported in the latest, development version).
$wgAbuseFilterIsCentral
false
Set this variable to true for the wiki where global AbuseFilters are stored in (only supported in the latest, development version).
$wgAbuseFilterDisallowGlobalLocalBlocks
false
Disallow Centralised filters from taking actions that locally block, remove from groups, or revoke permissions.
$wgAbuseFilterBlockDuration
'indefinite'
Délka trvání zablokování, provedených Filterem zneužití.
as of 1.31.0-wmf.25 block durations may be specified for every single filter and will override this variable. This variable is only used when enabling the block in order to preselect a default duration.
$wgAbuseFilterAnonBlockDuration
null
Duration of blocks made by AbuseFilter on users who are not logged in. The value of $wgAbuseFilterBlockDuration will be used if this is not set.
as of 1.31.0-wmf.25 block durations may be specified for every single filter and will override this variable. This variable is only used when enabling the block in order to preselect a default duration.
$wgAbuseFilterCustomActionsHandlers
[ ]
Callback functions for custom actions.
$wgAbuseFilterDefaultWarningMessage
[
    'default' => 'abusefilter-warning'
]
Default warning messages, per filter group
$wgAbuseFilterLogIPMaxAge
3 * 30 * 24 * 3600
Age used as cutoff when purging old IP log data. Defaults to 3 months. Used by maintenance script purgeOldLogIPData.php.
$wgAbuseFilterProfileActionsCap
10000
Number of action that determines when to reset profiling stats.
$wgAbuseFilterLogPrivateDetailsAccess
false
Whether accessing private information from a filter log entry is logged.
$wgAbuseFilterPrivateDetailsForceReason
false
Whether users are forced to provide a reason for accessing private information from a filter log entry.

Emergency throttling

AbuseFilter comes with a feature that automatically throttles (disable) filters that have been edited recently and match a certain theresold of the latest actions.

This is done to prevent harmful edits on the filters to block every user that performs an action on the wiki or similar.

The condition to disable the filter depend on those variables:

  • $wgAbuseFilterEmergencyDisableThreshold - Percent of matches over the total amount of actions in the observed period.
  • $wgAbuseFilterEmergencyDisableCount - Count of matches of the filter in the observed period.
  • $wgAbuseFilterEmergencyDisableAge - Age of the filter to take it into account. If the last edit of the filter is older than this number of seconds, the filter won't be throttled, unless it's already throttled.
  • $wgAbuseFilterProfileActionsCap - Maximum number of recent actions to count against the threshold. Note that each action increments a counter, and once this counter reaches this configured value, this counter and the number of recent actions that matches all filters are reset to 0.

Throttled filters can be identified in the list of filters (Special:AbuseFilter) with the state Enabled, throttled. Throttling happens silently, and there's no way to see when a filter got throttled.

When a filter gets throttled, it doesn't perform any dangerous action (the ones specified in $wgAbuseFilterRestrictions), and only "safe" actions are allowed. Throttled filters don't get enabled automatically. To disable the throttling, you need to edit the filter. Note that you need to actually change something from the filter: changing somethin from the filter's notes is sufficient.

Note that editing the filter updates its age, and can cause it to be disabled if it reaches again the conditions to be throttled in a short period since the last edit, leading to a unusable filter if your wiki has more abuse edits than legitimate ones. Filters can also get randomly throttled if the action count reaches $wgAbuseFilterProfileActionsCap, causing all filter matches count to reset to 0, and then someone repeatedly makes a filter to hit.

Creating and managing filters

Jakmile bylo rozšíření nainstalováno, filtry mohou být zakládány/testováný/měněny/mazány a záznamy mohou být spřístupněny z ovládací stránky Special:AbuseFilter.

API

AbuseFilter adds two API list modules, one for details of abuse filters ("abusefilters") and one for the abuse log, since it is separate from other MediaWiki logs ("abuselog"). It is not possible to create or modify abuse filters using the API.

list = abusefilters

List information about filters

Parameters
  • abfstartid - The filter id to start enumerating from
  • abfendid - The filter id to stop enumerating at
  • abfdir - The direction in which to enumerate (older, newer)
  • abfshow - Show only filters which meet these criteria (enabled|!enabled|deleted|!deleted|private|!private)
  • abflimit - The maximum number of filters to list
  • abfprop - Which properties to get (id|description|pattern|actions|hits|comments|lasteditor|lastedittime|status|private)

When filters are private, some of the properties specified with abfprop will be missing unless you have the appropriate user rights.

Příklady

List non-private abuse filters

list = abuselog

List instances where actions triggered an abuse filter.

Parameters
  • aflstart - The timestamp to start enumerating from
  • aflend - The timestamp to stop enumerating at
  • afldir - The direction in which to enumerate (older, newer)
  • afluser - Show only entries where the action was attempted by a given user or IP address.
  • afltitle - Show only entries where the action involved a given page.
  • aflfilter - Show only entries that triggered a given filter ID
  • afllimit - The maximum number of entries to list
  • aflprop - Which properties to get (ids|user|title|action|result|timestamp|details)
Příklad

List instances where the abuse filter was triggered in response to actions from the user "SineBot"

Possible errors

  • Some users might experience that creating new filters or modifying old filters fail and the user just gets redirected to the original page. If the Wiki is using SSL certificates, this error could possibly be because of the $wgServer value, which might be using "http://" instead of "https://". An indication of this error will be, the browser giving https warning for Special:AbuseFilter pages. (Topic:T23dyyih0ofjada5)

Související odkazy