https://bugzilla.wikimedia.org/show_bug.cgi?id=9838
--- Comment #17 from Tyler Romeo <[email protected]> 2012-05-31 04:19:44 UTC --- OK, so here's my suggestion. I like the SpecialPage idea, but I'm a little weary about relying on memcached so much, mainly in the case of installations where the wiki is configured not to have any type of object caching. Also, like the rest of the world, I'm damn lazy and don't like writing a lot of code when we don't have to. So here's my suggestion. Mediawiki already has a logging table... After any login (good or bad): Log the login. When logged in user browses any page: Show notification for bad logins (similar to new talk page message notification). After X bad logins in Y amount of time w/o user logging in: Email user. In this setup, the user is only emailed if they haven't logged in during the attacks, because with notifications there's no need to warn a user twice about the same thing. Also, all login attempts are stored permanently in Special:Log, which means the user can look at his authentication records whenever he/she wants. Users will be restricted to viewing only their own auth logs unless they have a special permission to view all auth logs. Also, there would be wiki configuration variables that can enable/disable logging good logins, enable/disable this feature altogether, enable/disable notifications, and set the email intervals. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
