CrowdSec Extension

This extension is does a job for CrowdSec bouncer for mediawiki.

Note

This extension is highly experimental. Use at your own risk.

There's no challenge method. You can block the 'captcha' type using $wgCrowdSecTreatTypesAsBan.
- Recommended to use with ConfirmEdit. It blocks some kind of things.
This extension is tested on Mediawiki 1.39. but it may work with lower version of Mediawiki too.

Configuration

in LocalSettings.php

wfLoadExtension( 'CrowdSec' ); // Load Extension

$wgCrowdSecEnable = true; // Set false to disable

$wgCrowdSecAPIUrl = "http://localhost:8080"; // your crowdsec lapi address
$wgCrowdSecAPIKey = ""; // !mandatory! Set your bouncer key from cscli. eg. `cscli bouncers add mediawiki-bouncer`

$wgCrowdSecCache = true; // Recommended to use this for perfomance.
$wgCrowdSecCacheTTL = 604800; // Cache TTL. In seconds. Default to 7 days but it's nice to set 2 hours if can handle it. (2 hours is default CAPI pull interval)

$wgCrowdSecFallbackBan = false; // If LAPI request failed, `true` will block all user. Not recommended to set `true`.
$wgCrowdSecRestrictRead = false; // Use at your own risk. This will block the site at all who listed on CrowdSec
$wgCrowdSecTreatTypesAsBan = []; // Use at your own risk. Since there's no challenge integration, `captcha` will be passed too(Use ConfirmEdit instead). If you want to block `captcha` type user, then add `"captcha"` to this array.

$wgCrowdSecReportOnly = false; // This Doesn't block the user. for debug purpose.

// Debug purpose
#$wgDebugLogGroups['CrowdSec'] = '/var/log/mediawiki/crowdsec.log'; // Hooks
#$wgDebugLogGroups['CrowdSecLocalAPI'] = '/var/log/mediawiki/crowdsec.log'; // LAPIClient

You should setup CrowdSec and CrowdSec LAPI, Configurations too. Also highly recommend to register CAPI(Central API) for pull blocklist from central.

User rights

crowdsec-bypass: allows users to bypass crowdsec check.

AbuseFilter

There's AbuseFilter integration. The variable crowdsec_blocked is representing...

false: LAPI Request was failed. or failed to get user ip.
ok: This user is ok to process.
ban: This user is reported for "ban" from LAPI.
... and various (custom) types via CrowdSec. including captcha.

Thanks

main method for block user is based on StopForumSpam Extension.
Cache method is based on AWS Extension
CrowdSec itself.

Development setup

install nodejs, npm, and PHP composer
change to the extension's directory
npm install
composer install

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
.github/workflows		.github/workflows
i18n		i18n
src		src
tests		tests
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
.gitreview		.gitreview
.phpcs.xml		.phpcs.xml
.stylelintrc.json		.stylelintrc.json
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
COPYING		COPYING
Gruntfile.js		Gruntfile.js
README.md		README.md
composer.json		composer.json
extension.json		extension.json
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CrowdSec Extension

Note

This extension is highly experimental. Use at your own risk.

Configuration

User rights

AbuseFilter

Thanks

Development setup

About

Releases

Languages

License

ShinyColorsWiki/mediawiki-extensions-crowdsec

Folders and files

Latest commit

History

Repository files navigation

CrowdSec Extension

Note

This extension is highly experimental. Use at your own risk.

Configuration

User rights

AbuseFilter

Thanks

Development setup

About

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

Languages