Jump to content

Extension:TorBlock

From mediawiki.org
MediaWiki extensions manual
TorBlock
Release status: stable
Implementation User access
Description Automatically applies restrictions to Tor exit nodes with access to the wiki's front-door server.
Author(s) Andrew Garrett (Werdnatalk)
Latest version 1.1.0 (Continuous updates)
MediaWiki 1.35+
PHP 5.5+
License GNU General Public License 2.0 or later
Download
  • $wgTorBlockProxy
  • $wgTorIPs
  • $wgTorProjectCA
  • $wgTorOnionooServer
  • $wgTorTagChanges
  • $wgTorAutoConfirmCount
  • $wgTorDisableAdminBlocks
  • $wgTorBypassPermissions
  • $wgTorAllowedActions
  • $wgTorOnionooCA
  • $wgTorAutoConfirmAge
  • torunblocked
Quarterly downloads 23 (Ranked 110th)
Public wikis using 1,149 (Ranked 224th)
Translate the TorBlock extension if it is available at translatewiki.net
Issues Open tasks · Report a bug

The TorBlock extension automatically applies restrictions to Tor exit node's access to the wiki's front-door server.

Installation

  • Download and move the extracted TorBlock folder to your extensions/ directory.
    Developers and code contributors should install the extension from Git instead, using:cd extensions/
    git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/TorBlock
  • Add the following code at the bottom of your LocalSettings.php file:
    wfLoadExtension( 'TorBlock' );
    
  • Configure as required.
  • Yes Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.


Configuration

$wgTorBypassPermissions = [ 'torunblocked' ]; User account permissions that bypass Tor blocks.

By default, $wgGroupPermissions['user']['torunblocked'] = true; is set, so logged-in users will bypass permissions unless it is set to false.

$wgTorLoadNodes = true; If set to true, the extension will always try to load a list of nodes if there is no current list available in the cache. Loading the exit node list is expensive, so some wikis may want to set this to false, and instead have loadExitNodes.php be run as a cron job to update the node list.
$wgTorIPs = [ '208.80.152.2' ]; An array of IP addresses that the wiki server uses. Only exit nodes allowed to connect to these IPs will be returned in the internal list. Note: this is only used when the extension has to fall back to the Tor Project's bulk list service, rather than using the newer Onionoo protocol.
$wgTorDisableAdminBlocks = true; Disables existing Tor blocks made by admins.
$wgTorAutoConfirmAge = 0;

$wgTorAutoConfirmCount = 0;

Like Manual:$wgAutoConfirmAge and $wgAutoConfirmCount . Both sets of limits must be passed for an account to be granted any statuses defined in Manual:$wgAutopromote (including autoconfirmed status).
$wgTorAllowedActions = [ 'read' ]; Permissions allowed to Tor anonymous users. By default, Tor users cannot create accounts.
$wgTorOnionooServer = 'https://onionoo.torproject.org';

$wgTorOnionooCA = "$dir/torproject.crt";
$wgTorProjectCA = "$dir/torproject.crt";

By default, the extension uses a service called Onionoo, created by the Tor Project, to retrieve the list of exit nodes. Onionoo servers can be run by anybody, so a custom one (and its associated SSL certificate) can be set with these variables. The default is the Tor Project's own server.
$wgTorTagChanges = true; Mark Tor edits as such
$wgTorBlockProxy = false; Proxy to use, if not the default proxy

See also

  • BulkBlock Extension — an extension that allows administrators to easily block multiple users at once on a MediaWiki website.