Jump to content

Increasing account creation threshold

From Wikitech

There are cases when the Wikimedia Foundation or others will host events that have a tendency of creating a large amount of new account requests during a short window of time from a single IP or a few IPs. The IP can be effectively excluded from rate limiting. This will also raise edit rate limits to the value used for autoconfirmed users (by default 90 edits/minute) instead of the limit for non-autoconfirmed users (8 edits/minute for all newbies coming from the same IP address).

throttle.php

This can easily be done if you add an $wmgThrottlingExceptions array in throttle.php 

$wmgThrottlingExceptions[] = [ // T185930
	'from' => '2018-03-10T11:00:00 -5:00',
	'to' => '2018-03-10T16:00:00 -5:00',
	'range' => '38.125.10.42',
	'dbname' => [ 'enwiki' ],
	'value' => 30 // 20 expected
];

The 'IP', 'range' and 'dbname' values can all be single strings or arrays. The 'IP'/'range' is optional, but highly recommended.

After this a backport deployer must sync the throttle with 

sync-file wmf-config/throttle.php

The processing logic for throttle.php is in throttle-analyze.php.

Reset

If you don't want to change the configuration but want to restart the throttle from zero (e.g. you are debugging some account creation flow in production), you can delete the memcached key with: 

mwscript-k8s --comment='T00000' --follow -- resetAuthenticationThrottle.php --wiki=aawiki --signup --ip=1.2.3.4

(It does not matter which wiki you use, the throttle is shared.)

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Increasing_account_creation_threshold&oldid=2390033"