Jump to content
  • 0
gaon12

How to limit the number of edits per user per day

Question

There has been an incident where a malicious subject has corrupted almost all documents. We recovered the currently corrupted document. So I want to make sure that I can edit or create only one document per user per day. Certain users (or groups) and administrators do not want to restrict editing. What should I do?

Share this post


Link to post
Share on other sites

1 answer to this question

Recommended Posts

  • 0
  1. Block the offending user(s). If your wiki is open for anyone on the internet to register accounts, keep in mind that many vandals are quite persistent and will come back ("evading the block") to bother you again.
  2. Look into the guide on combating vandalism. It contains a number of extensions and configuration parameters that can be used to detect and outright prevent some behaviors.
  3. Determine a solution suitable for your community. Perhaps you rate-limit new accounts to 1 edit per 5 minutes until they've reached a certain time and/or edit threshold ("autoconfirmed"). Perhaps you run bots that patrol for bad actors and send out notifications for humans to look at before things get too out of hand. The exact solution is not a one-size-fits-all sort of thing and depends largely on your community and what you want the wiki to achieve.
  4. Increase monitoring of RecentChanges so that similar events can be caught more quickly in the future and the offending user blocked before they cause massive damage.
  5. Ensure you have scheduled backups of the wiki database, so that in a worst-case scenario type of thing you can roll back to a known-good backup.

A large benefit of MediaWiki is that pretty much every action a user can take can be reverted. It's a time-consuming process to revert hundreds of edits manually (bots, extensions, and maintenance scripts can help with this), but it's doable. The amount of attention this requires may be beyond the capabilities of some small wikis, however. Those wikis may find it easier or better to implement measures that block or restrict bad behavior up front (even if it has a chance of affecting legitimate users as well) simply due to the resources needed to quickly patrol everything shortly after it happens are nonexistent. The end solution is largely up to you, however. See the link I gave for some tips on tools you can use that may help.

  • Thanks 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.