This extension is inspired by Extension Fail2Banlog, but this extension is unmantained and built for an old MediaWiki version.
So this was written from scratch by written by Luca Mauri originally for use in Wikitrek: it is released as open source here in case it can be useful to anybody else.
Easiest way to install the extension is using Composer: it will automatically resolve all the dependencies and install them as well.
Add the require configuration as in the following example to the composer.local.json at the root of your mediawiki installation, or create the file if it does not exist yet:
{
"require": {
"lucamauri/wiki2ban": "~1.0"
},
"extra": {
"merge-plugin": {
"include": [
]
}
},
"config": {
}
}and, in a command prompt, run Composer in the root of your mediawiki installation:
composer install --no-dev
Add the following code near the rest of the extensions loading in the site's LocalSettings.php:
wfLoadExtension('Wiki2ban');Below this line, add the configuration parameters as explained below in Configuration section.
In the LocalSettigs.php file add:
$wgW2BlogFilePath = "/var/log/mediawiki/wiki2ban.log";
The path to the logfile the extension will write and that Fail2Ban will read to perform ban actons.
Finally you need to configure a rule and a filter on Fail2Ban: this extension contains two files in f2bconf direcory showing basic configuration.
Rule is shown in the file:
/f2bconf/w2brule.conf
the content of this file can be copied into Fail2Ban's main configuration file (usually /etc/fail2ban/jail.local) or kept as a separate configuration file in jail.d directory. Remember to customize the parameter logpath with the path of the file defined in the configuration file (see above).
Filter is shown in the file:
/f2bconf/w2bfilter.conf
this file should be copied into Fail2Ban's filter directory (usually /etc/fail2ban/filter.d/).
To read detailed logging messages, you can intercept the log group named Wiki2Ban: for instace with the following configuration into LocalSetting.php:
$wgShowExceptionDetails = true;
$wgDebugLogGroups['Wiki2Ban'] = "/var/log/mediawiki/Wiki2Ban-{$wgDBname}.log";wiki2ban.json contained in f2bconf folder is a definition for Log Navigator application as explained here: https://docs.lnav.org/en/latest/formats.html#defining-a-new-format