lucamauri/wiki2ban

Allow the transport of page content to GitHub on page save

dev-master 2021-04-11 08:35 UTC

This package is auto-updated.

Last update: 2021-11-11 09:57:04 UTC


README

StyleCI Latest Stable Version Total Downloads Latest Unstable Version License Monthly Downloads Daily Downloads composer.lock Average time to resolve an issue Percentage of issues still open

Wiki2Ban

68747470733a2f2f75706c6f61642e77696b696d656469612e6f72672f77696b6970656469612f636f6d6d6f6e732f632f63652f5732424c6f676f2e737667Wiki2Ban, W2B in short, is a MediaWiki extension to generate log of failed authentication that can be fed into Fail2Ban to block relevant IP addresses.

This extension is inspired by Extension Fail2Banlog, but this extension is unmantained and built for an old MediaWiki version.
So this was written from scratch by written by Luca Mauri originally for use in Wikitrek: it is released as open source here in case it can be useful to anybody else.

Features

Requirements

Installation

Easiest way to install the extension is using Composer: it will automatically resolve all the dependencies and install them as well.

Add the require configuration as in the following example to the composer.local.json at the root of your mediawiki installation, or create the file if it does not exist yet:

{
    "require": {
        "lucamauri/wiki2ban": "~1.0"
    },
    "extra": {
        "merge-plugin": {
            "include": [
            ]
        }
    },
    "config": {
    }
}

and, in a command prompt, run Composer in the root of your mediawiki installation:

composer install --no-dev

Add the following code near the rest of the extensions loading in the site's LocalSettings.php:

wfLoadExtension('Wiki2Ban');

Below this line, add the configuration parameters as explained below in Configuration section.

Configuration

In the LocalSettigs.php file add:

$wgW2BlogFilePath = "/var/log/mediawiki/wiki2ban.log";

$wgW2BlogFilePath

The path to the logfile the extension will write and that Fail2Ban will read to perform ban actons.

Fail2Ban configuration

Finally you need to configure a rule and a filter on Fail2Ban: this extension contains two files in f2bconf direcory showing basic configuration.

Rule

Rule is shown in the file:

/f2bconf/w2brule.conf

the content of this file can be copied into Fail2Ban's main configuration file (usually /etc/fail2ban/jail.local) or kept as a separate configuration file in jail.d directory. Remember to customize the parameter logpath with the path of the file defined in the configuration file (see above).

Filter

Filter is shown in the file:

/f2bconf/w2bfilter.conf

this file should be copied into Fail2Ban's filter directory (usually /etc/fail2ban/filter.d/).

Troubleshooting

To read detailed logging messages, you can intercept the log group named Wiki2Ban: for instace with the following configuration into LocalSetting.php:

$wgShowExceptionDetails = true;
$wgDebugLogGroups['Wiki2Ban'] = "/var/log/mediawiki/Wiki2Ban-{$wgDBname}.log";

Additional file

wiki2ban.json contained in f2bconf folder is a definition for Log Navigator application as explained here: https://docs.lnav.org/en/latest/formats.html#defining-a-new-format

License

GNU General Public License, version 3

Maintainers

Luca Mauri

Contributors

Luca Mauri