Go to file
libraryupgrader 91411494fe build: Updating browserslist to 4.16.6
* https://npmjs.com/advisories/1747 (CVE-2021-23364)

Change-Id: I8beca2e5ecb999a707e440b6d7d8cf0f817a9639
2021-05-25 20:57:44 +00:00
.phan phan: Remove suppression for PhanParamTooMany 2019-10-04 11:42:42 +02:00
i18n Localisation updates from https://translatewiki.net. 2021-05-24 09:54:23 +02:00
includes Use static closures where safe to use 2021-05-04 19:34:58 +02:00
maintenance Avoid using User::setOption() 2021-04-02 21:06:06 +02:00
tests/phpunit Remove incomplete @param from test function 2021-01-19 21:22:42 +01:00
.eslintrc.json build: Updating eslint-config-wikimedia to 0.19.0 2021-03-14 00:53:19 +00:00
.gitignore build: Updating mkdirp to 0.5.3 2020-03-21 02:54:24 +00:00
.gitreview Whoops, track not trace 2016-10-24 17:02:52 -07:00
.phpcs.xml build: Updating dependencies 2021-01-30 03:54:05 +00:00
CODE_OF_CONDUCT.md build: Updating mediawiki/phan-taint-check-plugin to 1.3.0 2018-08-19 14:12:15 +00:00
composer.json build: Updating composer dependencies 2021-05-05 11:29:27 +00:00
COPYING Initial version of extension to notify people on failed login attempts. 2016-03-28 04:29:04 -04:00
extension.json Make use of BatchRowIterator::setCaller 2020-09-04 18:30:20 +01:00
Gruntfile.js build: Updating dependencies 2021-01-30 03:54:05 +00:00
package-lock.json build: Updating browserslist to 4.16.6 2021-05-25 20:57:44 +00:00
package.json build: Updating npm dependencies 2021-05-11 08:17:29 +00:00
README.md Fix some typos 2017-05-13 13:17:41 +02:00
UserAvatar.svg Update 'UserAvatar' to latest WikimediaUI icon 2018-11-27 10:26:09 -08:00

The LoginNotify extension notifies you when someone logs into your account. It can be configured to give warnings after a certain number of failed login attempts (The number is configurable, and can be different between unknown IPs/devices and known IP/devices). It can also give echo/email notices for successful logins from IPs you don't normally use. It can optionally integrate into the CheckUser extension in order to determine if the login is from an IP address you don't normally use. It can also set a cookie to try and determine if the login is from a device you normally use.

Installation

  • This extension requires the Echo extension to be installed. This extension can optionally integrate with the CheckUser extension if it is installed, but does not require it.
  • Download and place the file(s) in a directory called LoginNotify in your extensions/ folder.
  • Add the following code at the bottom of your LocalSettings.php: wfLoadExtension( 'LoginNotify' );
  • Navigate to Special:Version on your wiki to verify that the extension is successfully installed.

Configuration parameters

"@doc": "The number of failed login attempts to permit from a known IP before a notification is triggered.",
"LoginNotifyAttemptsKnownIP": 10
"@doc": "The time-to-live of the count of failed login attempts from a known IP (from the time of the first failed attempt).",
"LoginNotifyExpiryKnownIP": 604800,
"@doc": "The number of failed login attempts to permit from a new IP before a notification is triggered.",
"LoginNotifyAttemptsNewIP": 3,
"@doc": "The time-to-live of the count of failed login attempts from a new IP (from the time of the first failed attempt).",
"LoginNotifyExpiryNewIP": 1209600,
"@doc": "Whether to trigger a notification after failed logins from known IPs.",
"LoginNotifyCheckKnownIPs": true,
"@doc": "Whether to trigger a notification after successful logins from unknown IPs.",
"LoginNotifyEnableOnSuccess": true,
"@doc": "Set different default notification preferences for different user groups. For user groups that have any of the user rights listed in this array, the preferences specified in Hooks:getOverriddenOptions() are on by default.",
"LoginNotifyEnableForPriv": [ "editinterface", "userrights" ],
"@doc": "Override this to use a different secret than $wgSecretKey",
"LoginNotifySecretKey": null,
"@doc": "Expiry in seconds. Default is 180 days",
"LoginNotifyCookieExpire": 15552000,
"@doc": "Override to allow sharing login cookies between sites on different subdomains",
"LoginNotifyCookieDomain": null,
"@doc": "Maximum number of users (records) to track as having successfully logged in on a particular device.",
"LoginNotifyMaxCookieRecords": 6,
"@doc": "Set to false to disable caching IPs in memcache. Set to 0 to cache forever. Default 60 days.",
"LoginNotifyCacheLoginIPExpiry": 5184000