Topic on Project:Support desk

Hide user IP address in anonymous editing

7 comments • 14:12, 21 August 2023 1 year ago

7

Summary by Biologically

Using Manual:Hooks/HtmlPageLinkRendererBegin - can be a solution.

Biologically (talkcontribs)

This may be a repeat question, but I read the answer to similar questions previously asked on Support desk and also read the MediaWiki manual - couldn't find the solution I was looking for.

Is there any method to hide the IP address of the users from everyone except the administrators (or if required hide from the administrators too) in a website running on MediaWiki software while still letting users participate anonymously?

Okay, so let me break it down -

I am talking about any website running on MediaWiki software - and not only the mediawiki.org website.
The anonymous editing is enabled - $wgGroupPermissions['*']['edit'] = true;
Usually the "Recent changes", edit history shows the IP address of the editor when not logged in. This is where the problem is.

Clearly, this is not what it means by anonymous editing, because the user have to give away the IP info publicly.

So, I was thinking if there is a way to show a fixed username to all editor who are participating while not logged in - e.g. showing "Anonymous editor" or "Not logged in user" in place of their IP address. While at the same time it may allow the system to log the IP address (so that the admin can view and if required block a particular IP address). The thing is just not to make the IP available publicly.

When I searched the previous threads the commonly suggested answers were -

Disable anonymous contribution
Delete the history altogether
The $wgShowIPinHeader solution - which is not available in recent MediaWiki releases.

Is there any way to do this?

Reply 07:38, 20 June 2018 6 years ago

Ciencia Al Poder (talkcontribs)

You may be able to do something by hooking HtmlPageLinkRendererBegin, when you detect the link is to an IP.

Reply 09:16, 21 June 2018 6 years ago

Mediabobedit (talkcontribs)

is there an update on a good way to remove ip addresses from appearing for anonymous users? The HtmlPageLinkRenderedBegin page doesn't explain how it is possible to do this.

Some medical wikis have users that are at threat from conspiracy theorists so it would be safer to allow them to edit anonymously without their ip addresses from showing up

Reply 21:39, 15 August 2023 1 year ago

Bawolff (talkcontribs)

Just to be clear this will hide it somewhat but not fully. If your users are facing threats of violence i would suggest going further than that or maybe just requiring people to create accounts.

Reply 02:15, 16 August 2023 1 year ago

Mediabobedit (talkcontribs)

I couldnt understand how to do it from that link as it doesn't have any instructions. Is there any page that explains it?

Reply 06:37, 20 August 2023 1 year ago

Bawolff (talkcontribs)

Add the following to LocalSettings.php.

$wgHooks['HtmlPageLinkRendererBegin'][] = function ( $linkRenderer, $target, &$text, &$extraAttribs, &$query, &$ret ) {
	if ( !defined( "MW_NO_SESSION" ) && RequestContext::getMain()->getUser()->isRegistered() ) {
		return;
	}
	if (
		( ( $target->getNamespace() === NS_USER ||
		$target->getNamespace() === NS_USER_TALK ) &&
		\Wikimedia\IPUtils::isValid( $target->getDBkey() ) ) || (
		$target->getNamespace() === NS_SPECIAL &&
		strpos( $target->getDBkey(), '/' ) !== false &&
		\Wikimedia\IPUtils::isValid( substr( $target->getDBkey(), strpos( $target->getDBkey(), '/' ) + 1 ) ) )
	) {
		// Does not redact links to subpages.
		$originalText = HTMLArmor::getHtml( $text );
		$originalText = str_replace( [ '<bdi>', '</bdi>' ], [ '', '' ], $originalText ); 
		if ( \Wikimedia\IPUtils::isValid( $originalText ) ) {
			$text = "Anonymous user";
		}
		$ret = HTMLArmor::getHtml( $text );
		return false;
	}
};

PLEASE NOTE: This only obfuscates in a couple places. The IP address will still be visible in a bunch of places, such as the API or if you hit the undo link in the edit summary. Probably a bunch more. Use with caution. You may want to look into IP masking project whenever that is finished.