Use a default setting of > 20 logins in 10 minutes. In order to
achieve this many with core's default throttle's, you would have
to be attempting to login from at least 2 IP addresses.
Bug: T122164
Change-Id: Id3ea766cfb7d50444082275a628b8b2aa10e6050
If you are running multiple wikis, you probably want the rate limit
on one wiki to apply to all wikis
Bug: T126685
Change-Id: If5533f222eae9dc540b7c79606d7e7ce613f4e13
If the user has not resolved the "edit"-triggered CAPTCHA correctly,
show an error message, so the user knows, why their edit isn't saved.
Change-Id: Iecbf280e76e450d111f548fda29220688c65fc3a
The config needs to be an array to work, if any other type given it
will throw a warning, but doesn't show, that it will not work. Instead
of pass the edit as "not need to be checked", throw an exception to
indicate that something went wrong.
Change-Id: I4a2374ab2c5f8cf9ce5ea5f36f707a770a46a07d
Check, if an edit is being saved or not, before checking for captcha
triggers, that potentially could query the database or/and do other
expensive things.
Bug: T93961
Change-Id: Iab3e94e642c965becd23d31c6c1baa4c0cddacde
Logs a 'captcha.display' event when a captcha is displayed,
either via web or in an API response, and 'captcha.submit' when
a captcha response is evaluated.
Bug: T91701
Change-Id: I376fdd6740aca4f11776e1326ff2e7e6e5af6a75
Log exceeding the badcaptcha rate limit to the main captcha log (e.g.,
captcha.log on the WMF cluster).
So that we can measure the impact of things like
https://gerrit.wikimedia.org/r/#/c/195886/
Change-Id: I2af26d23b9343e90db2f01f099c1292914bd7ac3