Jump to content

Manual:$wgRateLimits: Difference between revisions

From mediawiki.org
Browse history interactively
← Older edit
Content deleted Content added
VisualWikitext
Marked this version for translation
mNo edit summary
 
(44 intermediate revisions by 15 users not shown)
Line 1: Line 1:
<languages/>
<languages />
{{SettingSummary
{{SettingSummary
|name=RateLimits
|name=RateLimits
|version_min=1.4.5
|version_min=1.4.5
|section=Rate limiter
|section=User Access
|range=
|range=
|default=''<translate><!--T:1--> see below</translate>''
|default=''<translate><!--T:1--> see below</translate>''
Line 10: Line 10:
<translate>
<translate>
==Details== <!--T:3-->
==Details== <!--T:3-->

<!--T:4-->
This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users.</translate> <translate>
<!--T:5-->
It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 429 error pages until the period elapses.</translate> <translate><!--T:42--> Note that limits are generally counted per site, but some of the special limits are aggregated across all sites in a wiki farm, e.-g. all Wikimedia wikis.</translate> <translate>
<!--T:6-->
To check if a rate limit has been exceeded, use the User::pingLimiter() function.
</translate>
</translate>


{{Warning|1=<translate><!--T:11--> <tvar name=2>{{ll|Manual:$wgMainCacheType|$wgMainCacheType}}</tvar> must be set to a value other than <tvar name=1><code>CACHE_NONE</code></tvar> for rate limits to be enabled at all.</translate> <translate><!--T:64--> It's <tvar name=1><code>CACHE_NONE</code></tvar> by default, so if it's left at that, anything documented below will not work as expected.</translate>}}
The general syntax is:

<translate><!--T:4--> This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users.</translate>
<translate><!--T:5--> It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 429 error page or other error message until the period elapses.</translate>
<translate><!--T:42--> Note that limits are generally counted per site, but some of the special limits are aggregated across all sites in a wiki farm, e.g. all Wikimedia wikis.</translate>
<translate><!--T:6--> To check if a rate limit has been exceeded, use the <tvar name=1>{{phpi|User::pingLimiter()}}</tvar> function.</translate>

<translate>
<!--T:43-->
The general syntax is:</translate>


<syntaxhighlight lang="php">
<syntaxhighlight lang="php">
Line 25: Line 27:
</syntaxhighlight>
</syntaxhighlight>


<translate>
There are some special additional limits:
<!--T:44-->
There are some special additional limits:</translate>


* <code>anon</code> - applies to unregistered users only, and applies by action and IP.
* <code>anon</code> - <translate><!--T:45--> applies to unregistered users only, and applies by action and IP.</translate>
* <code>user</code> - applies to registered users only, and applies by action and user.
* <code>user</code> - <translate><!--T:46--> applies to registered users only, and applies by action and user.</translate>
* <code>newbie</code> - applies to both unregistered and "newbie" users, and applies by action and user.
* <code>user-global</code> - <translate><!--T:47--> (since 1.35) applies by action and registered user, counted across sites.</translate>
* <code>ip</code> - applies to both unregistered and "newbie" users (i.e. users without the <code>{{ll|Manual:Autoconfirmed users|autoconfirmed}}</code> user right), and will limit total number of action from one IP regardless of specific users. This will be enforced ''in addition to'' other limits, and is counted across sites.
* <code>newbie</code> - <translate><!--T:48--> applies to unregistered, temporary and "newbie" users, and applies by action and user.</translate>
* <code>subnet</code> - applies to both unregistered and "newbie" users, and will limit total number of action from the /24 (for IPv4) or /64 (for IPv6) range of IP. This will be enforced ''in addition to'' other limits, and is counted across sites
* <code>ip</code> - <translate><!--T:49--> applies to both unregistered and "newbie" users (i.e. users without the <tvar name=1><code>{{ll|Manual:Autoconfirmed users|autoconfirmed}}</code></tvar> user right), and will limit total number of action from one IP regardless of specific users.</translate> <translate><!--T:50--> This will be enforced ''in addition to'' other limits, and is counted across sites.</translate>
* <code>ip-all</code> - applies to all users other than those whose ''user-specific limit'' (see below) is more permissive, and will limit total number of action from one IP regardless of specific users. This will be enforced ''in addition to'' other limits, and is counted across sites.
* <code>subnet</code> - <translate><!--T:51--> applies to both unregistered and "newbie" users, and will limit total number of action from the /24 (for IPv4) or /64 (for IPv6) range of IP.</translate> <translate><!--T:52--> This will be enforced ''in addition to'' other limits, and is counted across sites.</translate>
* <code>subnet-all</code> - applies to all users other than those whose ''user-specific limit'' is more permissive, and will limit total number of action from /24 or /64 range. This will be enforced ''in addition to'' other limits, and is counted across sites.
* <code>ip-all</code> - <translate><!--T:53--> applies to all users other than those whose ''user-specific limit'' (see below) is more permissive, and will limit total number of action from one IP regardless of specific users.</translate> <translate><!--T:54--> This will be enforced ''in addition to'' other limits, and is counted across sites.</translate>
* <code>subnet-all</code> - <translate><!--T:55--> applies to all users other than those whose ''user-specific limit'' is more permissive, and will limit total number of action from /24 or /64 range.</translate> <translate><!--T:56--> This will be enforced ''in addition to'' other limits, and is counted across sites.</translate>


<translate>
If there are multiple limit defined, the ''user-specific limit'' is defined as:
<!--T:57-->
If there are multiple limit defined, the ''user-specific limit'' is defined as:</translate>


* <code>newbie</code> - if the user is a "newbie", or
* <code>newbie</code> - <translate><!--T:58--> if the user is a "newbie", or</translate>
* The most permissive (i.e. with the highest action/timespan ratio) of <code>user</code> limit and all applicable user group limits of the user, or
* <translate><!--T:59--> The most permissive (i.e. with the highest action/timespan ratio) of <tvar name=1><code>user</code></tvar> limit and all applicable user group limits of the user, or</translate>
* <code>anon</code> - for unregistered users.
* <code>anon</code> - <translate><!--T:60--> for unregistered users.</translate>


<translate>
All user groups defined in {{ll|Manual:$wgAutopromote|$wgAutopromote}} (for example, <code>autoconfirmed</code>) will not be checked unless you [[Special:MyLanguage/Manual:$wgAutopromote#Caveats|explicitly assigned]] the user group to a specific user.
<!--T:61-->
All user groups defined in <tvar name=1>{{ll|Manual:$wgAutopromote|$wgAutopromote}}</tvar> (for example, <tvar name=2><code>autoconfirmed</code></tvar>) will not be checked unless you [[<tvar name=3>Special:MyLanguage/Manual:$wgAutopromote#Caveats</tvar>|explicitly assigned]] the user group to a specific user.</translate>


<translate>
<translate>
<!--T:7-->
<!--T:7-->
For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-[[<tvar|man>Special:MyLanguage/Manual:Autoconfirmed users</>|autoconfirm]]ed) users, add the following:
For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-[[<tvar name=man>Special:MyLanguage/Manual:Autoconfirmed users</tvar>|autoconfirm]]ed) users, add the following:
</translate>
</translate>


Line 54: Line 63:
{{note|1=<translate><!--T:10--> If you have many newbies using the same IP address, they all aggregate in the same count for the <code>ip</code> limit.</translate> <translate><!--T:28--> This might have wanted and unwanted effects.</translate> <translate><!--T:29--> If you for example have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted.</translate> <translate><!--T:30--> On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.</translate>}}
{{note|1=<translate><!--T:10--> If you have many newbies using the same IP address, they all aggregate in the same count for the <code>ip</code> limit.</translate> <translate><!--T:28--> This might have wanted and unwanted effects.</translate> <translate><!--T:29--> If you for example have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted.</translate> <translate><!--T:30--> On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.</translate>}}


<translate>
By setting <code>$wgRateLimits['anAction']['&can-bypass'] = false;</code> the limitations for a specific action can be marked as not skippable. If that is set, neither the ''noratelimit'' [[Special:MyLanguage/Manual:User rights|user right]] nor the {{ll|Manual:$wgRateLimitsExcludedIPs|$wgRateLimitsExcludedIPs}} setting have any effect for that action.
<!--T:62-->
By setting <tvar name=1><code>$wgRateLimits['anAction']['&can-bypass'] = false;</code></tvar> the limitations for a specific action can be marked as not skippable.</translate> <translate><!--T:63--> If that is set, neither the ''noratelimit'' [[<tvar name=1>Special:MyLanguage/Manual:User rights</tvar>|user right]] nor the <tvar name=2>{{ll|Manual:$wgRateLimitsExcludedIPs|$wgRateLimitsExcludedIPs}}</tvar> setting have any effect for that action.</translate>

<translate><!--T:39--> Extensions can provide additional keys for $wgRateLimit.</translate>
<translate><!--T:40--> E.g. <tvar name=ext>{{ll|Extension:ConfirmEdit}}</tvar> provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be:</translate>

<syntaxhighlight lang="php">
$wgRateLimits['badcaptcha']['newbie'] = [ 100, 86400 ];
</syntaxhighlight>

<translate>
<!--T:41-->
This will allow newbie users not more than 100 wrong answers per day (86400 seconds).

== Rate limit message == <!--T:65-->
</translate>
<translate><!--T:66--> After reaching the rate limit, either of two things will happen.</translate>
<translate><!--T:67--> For purges, the purge dialogue will disappear.</translate>
<translate><!--T:68--> For edits or rollbacks, editors will see the following message:</translate>

=== {{int|actionthrottled}} ===
<div style="margin: auto 2em; border: 1px dashed #AAAAAA; padding: 4px; padding-left: 1em;">
{{int|actionthrottledtext}}
</div>


<translate>
<translate>
<!--T:11-->
<!--T:69-->
This message can be modified by editing <tvar name=1>[[MediaWiki:Actionthrottled]]</tvar> and <tvar name=2>[[MediaWiki:Actionthrottledtext]]</tvar>.
<tvar|MainCacheType>{{ll|Manual:$wgMainCacheType|$wgMainCacheType}}</> must be set to a value other than <tt>CACHE_NONE</tt> for rate limits to be enabled at all.


==Default value== <!--T:12-->
==Default value== <!--T:12-->
</translate>
</translate>
{{MW 1.34|+}}
{{MW 1.41|+}}
<syntaxhighlight lang="php">
<syntaxhighlight lang="php">
$wgRateLimits = [
$wgRateLimits = [
// <translate><!--T:31--> Page edits</translate>
// <translate nowrap><!--T:31--> Page edits</translate>
'edit' => [
'edit' => [
'ip' => [ 8, 60 ],
'ip' => [ 8, 60 ],
Line 71: Line 104:
'user' => [ 90, 60 ],
'user' => [ 90, 60 ],
],
],
// <translate><!--T:32--> Page moves</translate>
// <translate nowrap><!--T:32--> Page moves</translate>
'move' => [
'move' => [
'newbie' => [ 2, 120 ],
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
'user' => [ 8, 60 ],
],
],
// <translate><!--T:33--> File uploads</translate>
// <translate nowrap><!--T:33--> File uploads</translate>
'upload' => [
'upload' => [
'ip' => [ 8, 60 ],
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
],
// <translate><!--T:34--> Page rollbacks</translate>
// <translate nowrap><!--T:34--> Page rollbacks</translate>
'rollback' => [
'rollback' => [
'user' => [ 10, 60 ],
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
'newbie' => [ 5, 120 ]
],
],
// <translate><!--T:17--> Triggering password resets emails</translate>
// <translate nowrap><!--T:17--> Triggering password resets emails</translate>
'mailpassword' => [
'mailpassword' => [
'ip' => [ 5, 3600 ],
'ip' => [ 5, 3600 ],
],
],
// <translate><!--T:18--> Emailing other users using MediaWiki</translate>
// <translate nowrap><!--T:18--> Emailing other users using MediaWiki</translate>
'sendemail' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:71--> since 1.33 - rate limit email confirmations</translate>
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:35--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:19--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:20--> Files rendered via thumb.php or thumb_handler.php</translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:36--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:37--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:70--> Stash base HTML for VE edits</translate>
'stashbasehtml' => [
'ip' => [ 5, 60 ],
'newbie' => [ 5, 60 ],
],
// <translate nowrap><!--T:38--> Adding or removing change tags</translate>
'changetags' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:72--> Changing the content model of a page</translate>
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
</syntaxhighlight>

{{MW version|version=1.39|version2=1.40|gerrit change=805091}}
<syntaxhighlight lang="php">
$wgRateLimits = [
// <translate nowrap><!--T:73--> Page edits</translate>
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// <translate nowrap><!--T:74--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:75--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:76--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:77--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:78--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'emailuser' => [
'ip' => [ 5, 86400 ],
'ip' => [ 5, 86400 ],
Line 100: Line 219:
'user' => [ 4, 86400 ]
'user' => [ 4, 86400 ]
],
],
// since 1.33 - rate limit email confirmations
// <translate nowrap><!--T:79--> since 1.33 - rate limit email confirmations</translate>
'confirmemail' => [
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
'user' => [ 4, 86400 ]
],
],
// <translate><!--T:35--> Purging pages</translate>
// <translate nowrap><!--T:80--> Purging pages</translate>
'purge' => [
'purge' => [
'ip' => [ 30, 60 ],
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
],
// <translate><!--T:19--> Purges of link tables</translate>
// <translate nowrap><!--T:81--> Purges of link tables</translate>
'linkpurge' => [
'linkpurge' => [
'ip' => [ 30, 60 ],
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
],
// <translate><!--T:20--> Files rendered via thumb.php or thumb_handler.php</translate>
// <translate nowrap><!--T:82--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'renderfile' => [
'ip' => [ 700, 30 ],
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
],
// <translate><!--T:36--> Same as above but for non-standard thumbnails</translate>
// <translate nowrap><!--T:83--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
],
// <translate><!--T:37--> Stashing edits into cache before save</translate>
// <translate nowrap><!--T:84--> Stashing edits into cache before save</translate>
'stashedit' => [
'stashedit' => [
'ip' => [ 30, 60 ],
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
],
// <translate><!--T:38--> Adding or removing change tags</translate>
// <translate nowrap><!--T:85--> Stash base HTML for VE edits</translate>
'stashbasehtml' => [
'ip' => [ 5, 60 ],
'newbie' => [ 5, 60 ],
],
// <translate nowrap><!--T:86--> Adding or removing change tags</translate>
'changetag' => [
'changetag' => [
'ip' => [ 8, 60 ],
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
],
// Changing the content model of a page
// <translate nowrap><!--T:87--> Changing the content model of a page</translate>
'editcontentmodel' => [
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'newbie' => [ 2, 120 ],
Line 143: Line 267:
</syntaxhighlight>
</syntaxhighlight>


{{MW version|version=1.34|version2=1.38}}
<translate>
<syntaxhighlight lang="php">
<!--T:39-->
$wgRateLimits = [
Extensions can provide additional keys for $wgRateLimit.</translate>
// <translate nowrap><!--T:88--> Page edits</translate>
<translate>
'edit' => [
<!--T:40-->
'ip' => [ 8, 60 ],
E.g. <tvar|ext>{{ll|Extension:ConfirmEdit}}</> provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be:
'newbie' => [ 8, 60 ],
</translate>
'user' => [ 90, 60 ],
],
// <translate nowrap><!--T:89--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:90--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:91--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:92--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:93--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:94--> since 1.33 - rate limit email confirmations</translate>
'confirmemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:95--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:96--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:97--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:98--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:99--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:100--> Adding or removing change tags</translate>
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:101--> Changing the content model of a page</translate>
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
</syntaxhighlight>


{{collapse top}}
{{MW version|version=1.30|version2=1.33}}
<syntaxhighlight lang="php">
<syntaxhighlight lang="php">
$wgRateLimits['badcaptcha']['newbie'] = [ 100, 86400 ];
$wgRateLimits = [
// <translate nowrap><!--T:102--> Page edits</translate>
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// <translate nowrap><!--T:103--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:104--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:105--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:106--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:107--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:108--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:109--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:110--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:111--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:112--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:113--> Adding or removing change tags</translate>
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:114--> Changing the content model of a page</translate>
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
</syntaxhighlight>
</syntaxhighlight>


{{MW 1.29}}
<translate>
<syntaxhighlight lang="php">
<!--T:41-->
$wgRateLimits = [
This will allow newbie users not more than 100 wrong answers per day (86400 seconds).
// <translate nowrap><!--T:115--> Page edits</translate>
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// <translate nowrap><!--T:116--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:117--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:118--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:119--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:120--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
// <translate nowrap><!--T:121--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:122--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:123--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:124--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:125--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:126--> Adding or removing change tags</translate>
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:127--> Changing the content model of a page</translate>
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
</syntaxhighlight>


{{MW 1.28}}
<syntaxhighlight lang="php">
$wgRateLimits = [
// <translate nowrap><!--T:128--> Page edits</translate>
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:129--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:130--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:131--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:132--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:133--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
// <translate nowrap><!--T:134--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:135--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:136--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:137--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:138--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:139--> Adding or removing change tags</translate>
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:140--> Changing the content model of a page</translate>
'editcontentmodel' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
];
</syntaxhighlight>

{{MW 1.27}}
<syntaxhighlight lang="php">
$wgRateLimits = [
// <translate nowrap><!--T:141--> Page edits</translate>
'edit' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
'user' => [ 90, 60 ],
],
// <translate nowrap><!--T:142--> Page moves</translate>
'move' => [
'newbie' => [ 2, 120 ],
'user' => [ 8, 60 ],
],
// <translate nowrap><!--T:143--> File uploads</translate>
'upload' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
// <translate nowrap><!--T:144--> Page rollbacks</translate>
'rollback' => [
'user' => [ 10, 60 ],
'newbie' => [ 5, 120 ]
],
// <translate nowrap><!--T:145--> Triggering password resets emails</translate>
'mailpassword' => [
'ip' => [ 5, 3600 ],
],
// <translate nowrap><!--T:146--> Emailing other users using MediaWiki</translate>
'emailuser' => [
'ip' => [ 5, 86400 ],
'newbie' => [ 5, 86400 ],
'user' => [ 20, 86400 ],
],
'changeemail' => [
'ip-all' => [ 10, 3600 ],
'user' => [ 4, 86400 ]
],
// <translate nowrap><!--T:147--> Purging pages</translate>
'purge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:148--> Purges of link tables</translate>
'linkpurge' => [
'ip' => [ 30, 60 ],
'user' => [ 30, 60 ],
],
// <translate nowrap><!--T:149--> Files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'renderfile' => [
'ip' => [ 700, 30 ],
'user' => [ 700, 30 ],
],
// <translate nowrap><!--T:150--> Same as above but for non-standard thumbnails</translate>
'renderfile-nonstandard' => [
'ip' => [ 70, 30 ],
'user' => [ 70, 30 ],
],
// <translate nowrap><!--T:151--> Stashing edits into cache before save</translate>
'stashedit' => [
'ip' => [ 30, 60 ],
'newbie' => [ 30, 60 ],
],
// <translate nowrap><!--T:152--> Adding or removing change tags</translate>
'changetag' => [
'ip' => [ 8, 60 ],
'newbie' => [ 8, 60 ],
],
];
</syntaxhighlight>

{{MW version|version=1.25|version2=1.26}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:153--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:154--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:155--> for each recent (autoconfirmed) account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:156--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:157--> ... within a /24 subnet in IPv4 or /64 in IPv6</translate>
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // <translate nowrap><!--T:158--> triggering password resets emails</translate>
'anon' => null,
),
'emailuser' => array( // <translate nowrap><!--T:159--> emailing other users using MediaWiki</translate>
'user' => null,
),
'linkpurge' => array( // <translate nowrap><!--T:160--> purges of link tables</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // <translate nowrap><!--T:161--> files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile-nonstandard' => array( // <translate nowrap><!--T:162--> same as above but for non-standard thumbnails</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'stashedit' => array( // <translate nowrap><!--T:163--> stashing edits into cache before save</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'changetag' => array( // <translate nowrap><!--T:164--> adding or removing change tags</translate>
'user' => null,
'newbie' => null,
),
);
</syntaxhighlight>

{{MW 1.24}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:165--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:166--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:167--> for each recent (autoconfirmed) account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:168--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:169--> ... within a /24 subnet in IPv4 or /64 in IPv6</translate>
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // <translate nowrap><!--T:170--> triggering password resets emails</translate>
'anon' => null,
),
'emailuser' => array( // <translate nowrap><!--T:171--> emailing other users using MediaWiki</translate>
'user' => null,
),
'linkpurge' => array( // <translate nowrap><!--T:172--> purges of link tables</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // <translate nowrap><!--T:173--> files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile-nonstandard' => array( // <translate nowrap><!--T:174--> same as above but for non-standard thumbnails</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
</syntaxhighlight>

{{MW 1.23}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:175--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:176--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:177--> for each recent (autoconfirmed) account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:178--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:179--> ... within a /24 subnet in IPv4 or /64 in IPv6</translate>
),
'upload' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // <translate nowrap><!--T:180--> triggering password resets emails</translate>
'anon' => null,
),
'emailuser' => array( // <translate nowrap><!--T:181--> emailing other users using MediaWiki</translate>
'user' => null,
),
'linkpurge' => array( // <translate nowrap><!--T:182--> purges of link tables</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // <translate nowrap><!--T:183--> files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
</syntaxhighlight>

{{MW 1.22}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:184--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:185--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:186--> for each recent (autoconfirmed) account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:187--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:188-->
... within a /24 subnet in IPv4 or /64 in IPv6
),</translate>
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array( // <translate nowrap><!--T:189--> triggering password resets emails</translate>
'anon' => null,
),
'emailuser' => array( // <translate nowrap><!--T:190--> emailing other users using MediaWiki</translate>
'user' => null,
),
'linkpurge' => array( // <translate nowrap><!--T:191--> purges of link tables</translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'renderfile' => array( // <translate nowrap><!--T:192--> files rendered via <tvar name=1>thumb.php</tvar> or <tvar name=2>thumb_handler.php</tvar></translate>
'anon' => null,
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
</syntaxhighlight>

{{MW version|version=1.10|version2=1.21}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:193--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:194--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:195--> for each recent (autoconfirmed) account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:196--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:197--> ... with final octet removed</translate>
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array(
'anon' => null,
),
'emailuser' => array(
'user' => null,
),
);
</syntaxhighlight>

{{MW version|version=1.7|version2=1.9}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:198--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:199--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:200--> for each recent account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:201--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:202--> ... with final octet removed</translate>
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
'mailpassword' => array(
'anon' => NULL,
),
);
</syntaxhighlight>
{{collapse bottom}}

{{MW version|version=1.4|version2=1.6}}
<syntaxhighlight lang="php">
$wgRateLimits = array(
'edit' => array(
'anon' => null, // <translate nowrap><!--T:203--> for any and all anonymous edits (aggregate)</translate>
'user' => null, // <translate nowrap><!--T:204--> for each logged-in user</translate>
'newbie' => null, // <translate nowrap><!--T:205--> for each recent account; overrides 'user'</translate>
'ip' => null, // <translate nowrap><!--T:206--> for each anon and recent account</translate>
'subnet' => null, // <translate nowrap><!--T:207--> ... with final octet removed</translate>
),
'move' => array(
'user' => null,
'newbie' => null,
'ip' => null,
'subnet' => null,
),
);
</syntaxhighlight>

<translate>
==Version differences== <!--T:21-->
==Version differences== <!--T:21-->


Line 171: Line 919:
<translate>
<translate>
<!--T:25-->
<!--T:25-->
* The 'renderfile' array was added in MediaWiki 1.22.0.
* The 'renderfile' array was added in MediaWiki 1.22.0.</translate>


<translate>
==See also== <!--T:26-->
==See also== <!--T:26-->
</translate>
</translate>
* {{ll|Manual:Edit throttling}}
* {{ll|Manual:Edit throttling}}
* {{ll|Manual:$wgDebugLogGroups|$wgDebugLogGroups}}
* {{ll|Manual:$wgDebugLogGroups|$wgDebugLogGroups}}
* <translate><!--T:27--> <tvar|noratelimit>''noratelimit''</> [[<tvar|man>Special:MyLanguage/Manual:User rights</>|user right]]</translate>
* <translate><!--T:27--> <tvar name=noratelimit>''noratelimit''</tvar> [[<tvar name=man>Special:MyLanguage/Manual:User rights</tvar>|user right]]</translate>
* {{ll|Manual:$wgAccountCreationThrottle|$wgAccountCreationThrottle}}
* {{ll|Manual:$wgAccountCreationThrottle|$wgAccountCreationThrottle}}
* {{ll|Manual:$wgPasswordAttemptThrottle|$wgPasswordAttemptThrottle}}
* {{ll|Extension:ThrottleOverride}}
* {{ll|Extension:ThrottleOverride}}


Latest revision as of 07:04, 6 September 2024

Languages:
User rights, access control and monitoring: $wgRateLimits
Simple rate limiter options to brake edit floods.
Introduced in version:1.4.5
Removed in version:Still in use
Allowed values:Unspecified
Default value:see below
Other settings: Alphabetical | By function

Details

[edit]
Warning Warning: $wgMainCacheType must be set to a value other than CACHE_NONE for rate limits to be enabled at all. It's CACHE_NONE by default, so if it's left at that, anything documented below will not work as expected.

This setting provides a simple rate limiter to brake floods of edits and other potentially destructive behavior, like sending out emails to other users. It sets a maximum number of actions allowed in the given number of seconds; after that, the violating client receives HTTP 429 error page or other error message until the period elapses. Note that limits are generally counted per site, but some of the special limits are aggregated across all sites in a wiki farm, e.g. all Wikimedia wikis. To check if a rate limit has been exceeded, use the User::pingLimiter() function.

The general syntax is: 

$wgRateLimits['<action>']['<usergroup>'] = [ <maximum number of action>, <timespan in second> ];

There are some special additional limits:

  • anon - applies to unregistered users only, and applies by action and IP.
  • user - applies to registered users only, and applies by action and user.
  • user-global - (since 1.35) applies by action and registered user, counted across sites.
  • newbie - applies to unregistered, temporary and "newbie" users, and applies by action and user.
  • ip - applies to both unregistered and "newbie" users (i.e. users without the autoconfirmed user right), and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
  • subnet - applies to both unregistered and "newbie" users, and will limit total number of action from the /24 (for IPv4) or /64 (for IPv6) range of IP. This will be enforced in addition to other limits, and is counted across sites.
  • ip-all - applies to all users other than those whose user-specific limit (see below) is more permissive, and will limit total number of action from one IP regardless of specific users. This will be enforced in addition to other limits, and is counted across sites.
  • subnet-all - applies to all users other than those whose user-specific limit is more permissive, and will limit total number of action from /24 or /64 range. This will be enforced in addition to other limits, and is counted across sites.

If there are multiple limit defined, the user-specific limit is defined as:

  • newbie - if the user is a "newbie", or
  • The most permissive (i.e. with the highest action/timespan ratio) of user limit and all applicable user group limits of the user, or
  • anon - for unregistered users.

All user groups defined in $wgAutopromote (for example, autoconfirmed) will not be checked unless you explicitly assigned the user group to a specific user.

For example, to set a maximum of 4 edits per 60 seconds for "newbie" (i.e. non-autoconfirmed) users, add the following: 

$wgRateLimits['edit']['newbie'] = [ 4, 60 ];
If you have many newbies using the same IP address, they all aggregate in the same count for the ip limit. This might have wanted and unwanted effects. If you for example have a code sprint with a huge number of (legitimate) new users, they might hit the IP limit rather quickly, which might be unwanted. On the other hand, spammers who use several different accounts from the same IP address will hit it as well, which will be wanted.

By setting $wgRateLimits['anAction']['&can-bypass'] = false; the limitations for a specific action can be marked as not skippable. If that is set, neither the noratelimit user right nor the $wgRateLimitsExcludedIPs setting have any effect for that action.

Extensions can provide additional keys for $wgRateLimit. E.g. Extension:ConfirmEdit provides a "badcaptcha" key, which allows to throttle users based on the number of wrong answers they have given to a captcha. An example might be: 

$wgRateLimits['badcaptcha']['newbie'] = [ 100, 86400 ];

This will allow newbie users not more than 100 wrong answers per day (86400 seconds).

Rate limit message

[edit]

After reaching the rate limit, either of two things will happen. For purges, the purge dialogue will disappear. For edits or rollbacks, editors will see the following message:

Action throttled

[edit]

As an anti-abuse measure, you are limited from performing this action too many times in a short space of time, and you have exceeded this limit. Please try again in a few minutes.

This message can be modified by editing MediaWiki:Actionthrottled and MediaWiki:Actionthrottledtext.

Default value

[edit]
MediaWiki version:
1.41
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'sendemail' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// since 1.33 - rate limit email confirmations
	'confirmemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Stash base HTML for VE edits
	'stashbasehtml' => [
		'ip' => [ 5, 60 ],
		'newbie' => [ 5, 60 ],
	],
	// Adding or removing change tags
	'changetags' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
MediaWiki versions:
1.39 – 1.40
Gerrit change 805091		 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// since 1.33 - rate limit email confirmations
	'confirmemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Stash base HTML for VE edits
	'stashbasehtml' => [
		'ip' => [ 5, 60 ],
		'newbie' => [ 5, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
MediaWiki versions:
1.34 – 1.38
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// since 1.33 - rate limit email confirmations
	'confirmemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
Extended content
MediaWiki versions:
1.30 – 1.33
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
MediaWiki version:
1.29
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
MediaWiki version:
1.28
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Changing the content model of a page
	'editcontentmodel' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
];
MediaWiki version:
1.27
 
$wgRateLimits = [
	// Page edits
	'edit' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
		'user' => [ 90, 60 ],
	],
	// Page moves
	'move' => [
		'newbie' => [ 2, 120 ],
		'user' => [ 8, 60 ],
	],
	// File uploads
	'upload' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
	// Page rollbacks
	'rollback' => [
		'user' => [ 10, 60 ],
		'newbie' => [ 5, 120 ]
	],
	// Triggering password resets emails
	'mailpassword' => [
		'ip' => [ 5, 3600 ],
	],
	// Emailing other users using MediaWiki
	'emailuser' => [
		'ip' => [ 5, 86400 ],
		'newbie' => [ 5, 86400 ],
		'user' => [ 20, 86400 ],
	],
	'changeemail' => [
		'ip-all' => [ 10, 3600 ],
		'user' => [ 4, 86400 ]
	],
	// Purging pages
	'purge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Purges of link tables
	'linkpurge' => [
		'ip' => [ 30, 60 ],
		'user' => [ 30, 60 ],
	],
	// Files rendered via thumb.php or thumb_handler.php
	'renderfile' => [
		'ip' => [ 700, 30 ],
		'user' => [ 700, 30 ],
	],
	// Same as above but for non-standard thumbnails
	'renderfile-nonstandard' => [
		'ip' => [ 70, 30 ],
		'user' => [ 70, 30 ],
	],
	// Stashing edits into cache before save
	'stashedit' => [
		'ip' => [ 30, 60 ],
		'newbie' => [ 30, 60 ],
	],
	// Adding or removing change tags
	'changetag' => [
		'ip' => [ 8, 60 ],
		'newbie' => [ 8, 60 ],
	],
];
MediaWiki versions:
1.25 – 1.26
 
$wgRateLimits = array(
	'edit' => array(
		'anon' => null, // for any and all anonymous edits (aggregate)
		'user' => null, // for each logged-in user
		'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
		'ip' => null, // for each anon and recent account
		'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
	),
	'upload' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'move' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'mailpassword' => array( // triggering password resets emails
		'anon' => null,
	),
	'emailuser' => array( // emailing other users using MediaWiki
		'user' => null,
	),
	'linkpurge' => array( // purges of link tables
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile-nonstandard' => array( // same as above but for non-standard thumbnails
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'stashedit' => array( // stashing edits into cache before save
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'changetag' => array( // adding or removing change tags
		'user' => null,
		'newbie' => null,
	),
);
MediaWiki version:
1.24
 
$wgRateLimits = array(
	'edit' => array(
		'anon' => null, // for any and all anonymous edits (aggregate)
		'user' => null, // for each logged-in user
		'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
		'ip' => null, // for each anon and recent account
		'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
	),
	'upload' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'move' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'mailpassword' => array( // triggering password resets emails
		'anon' => null,
	),
	'emailuser' => array( // emailing other users using MediaWiki
		'user' => null,
	),
	'linkpurge' => array( // purges of link tables
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile-nonstandard' => array( // same as above but for non-standard thumbnails
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
);
MediaWiki version:
1.23
 
$wgRateLimits = array(
	'edit' => array(
		'anon' => null, // for any and all anonymous edits (aggregate)
		'user' => null, // for each logged-in user
		'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
		'ip' => null, // for each anon and recent account
		'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
	),
	'upload' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'move' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'mailpassword' => array( // triggering password resets emails
		'anon' => null,
	),
	'emailuser' => array( // emailing other users using MediaWiki
		'user' => null,
	),
	'linkpurge' => array( // purges of link tables
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
);
MediaWiki version:
1.22
 
$wgRateLimits = array(
	'edit' => array(
		'anon' => null, // for any and all anonymous edits (aggregate)
		'user' => null, // for each logged-in user
		'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
		'ip' => null, // for each anon and recent account
		'subnet' => null, // ... within a /24 subnet in IPv4 or /64 in IPv6
	),
	'move' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'mailpassword' => array( // triggering password resets emails
		'anon' => null,
	),
	'emailuser' => array( // emailing other users using MediaWiki
		'user' => null,
	),
	'linkpurge' => array( // purges of link tables
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'renderfile' => array( // files rendered via thumb.php or thumb_handler.php
		'anon' => null,
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
);
MediaWiki versions:
1.10 – 1.21
 
$wgRateLimits = array(
	'edit' => array(
		'anon' => null, // for any and all anonymous edits (aggregate)
		'user' => null, // for each logged-in user
		'newbie' => null, // for each recent (autoconfirmed) account; overrides 'user'
		'ip' => null, // for each anon and recent account
		'subnet' => null, // ... with final octet removed
	),
	'move' => array(
		'user' => null,
		'newbie' => null,
		'ip' => null,
		'subnet' => null,
	),
	'mailpassword' => array(
		'anon' => null,
	),
	'emailuser' => array(
		'user' => null,
	),
);
MediaWiki versions:
1.7 – 1.9
 
$wgRateLimits = array(
	'edit' => array(
		'anon'   => null, // for any and all anonymous edits (aggregate)
		'user'   => null, // for each logged-in user
		'newbie' => null, // for each recent account; overrides 'user'
		'ip'     => null, // for each anon and recent account
		'subnet' => null, // ... with final octet removed
		),
	'move' => array(
		'user'   => null,
		'newbie' => null,
		'ip'     => null,
		'subnet' => null,
		),
	'mailpassword' => array(
		'anon' => NULL,
		),
	);
MediaWiki versions:
1.4 – 1.6
 
$wgRateLimits = array(
	'edit' => array(
		'anon'   => null, // for any and all anonymous edits (aggregate)
		'user'   => null, // for each logged-in user
		'newbie' => null, // for each recent account; overrides 'user'
		'ip'     => null, // for each anon and recent account
		'subnet' => null, // ... with final octet removed
		),
	'move' => array(
		'user'   => null,
		'newbie' => null,
		'ip'     => null,
		'subnet' => null,
		),
	);

Version differences

[edit]
  • The 'mailpassword' array was added in MediaWiki 1.7.0.
  • The 'emailuser' array was added in MediaWiki 1.10.0.
  • The 'linkpurge' array was added in MediaWiki 1.22.0.
  • The 'renderfile' array was added in MediaWiki 1.22.0.

See also

[edit]
Retrieved from "https://www.mediawiki.org/w/index.php?title=Manual:$wgRateLimits&oldid=6740286"