User:DWalden (WMF)/GlobalBlocking

GlobalBlocking allows administrators to block IP/IP ranges across all wikis.

Globally blocked IPs will not be allowed to perform certain actions on any wiki, such as editing and uploading files.

It adds the special pages:

• Special:GlobalBlock (block an IP or IP range)
• Special:GlobalUnblock (unblock an IP or IP range)
• Special:GlobalBlockList (lists all the IP/ranges currently globally blocked)
• Special:GlobalBlockWhitelist (disable a global block for an IP/range only on the current wiki)

It also has an API.

Usage doc: Extension:GlobalBlocking#Usage

It can be tested on beta if your user has administrator/sysop permissions.

See MediaWiki-Docker/Extension/GlobalBlocking.

Types of block:

• IP (IPv4 and IPv6)
• IP range (must be in "CIDR" notation, see Help:Range_blocks or Manual:IP_ranges)

Parameters when creating a block:

• "Globally block anonymous users only"
• "Also block the given IP address locally on this wiki" (creates a local database block)
• Expiry
• Reason (can include wikitext markup, templates, HTML(?), etc.)

Actions which are globally blocked (I don't think this is exhaustive):

• editing
• uploading
• moving pages
• deleting/undeleting pages
• Special:UserRights
• various extension actions

Other things:

• X-Forward-For

If you are on an IP which is globally blocked, you will be prevented from performing several actions (some are noted above).

When attempting to perform blocked actions, you will instead be shown a message informing you of the block. The message should be accurate (i.e. have the correct information about who blocked you, for how long, etc.) and provide helpful information for users who want to go about being unblocked (e.g. it should say who to contact, which IP address is being blocked, through which mechanism the block was created, the ID of the block, etc. so admins know which block is being referred to).

You should be able to perform other actions as usual (such as reading an article and I believe creating an account).

• Reason is not correctly stored in the database or is parsed incorrectly when shown to the user
  • Example bug showing a Reason being stored in the database incorrectly phab:T306431

• Combination testing, see block combinations matrix.

Add this to LocalSettings.php:

$wgCdnServersNoPurge = [ '172.0.0.1/8' ];
$wgUsePrivateIPs = true;

Install a browser extension which allows you to change your X-Forward-For header. For example, this one for Firefox or Chrome.

Follow the instructions provided by the addon to change your X-Forward-For header to the IP you want to simulate.

Then interact with the wiki as usual.

Follow the instructions about simulating a different IP address but do not add anything to your LocalSettings.php (comment that part out if you have added it).

This should also work on beta and production.

e.g. how to checkout a previous version of a patch.

e.g. links to other documentation about the feature or project.